🌟 Release Highlights

This release brings meaningful quality-of-life improvements to workflow automation: smarter add-wizard scheduling, better protection for critical files, and a proactive fix for repo-memory size failures — plus a notable security hardening for git authentication.

✨ What's New

• Schedule frequency picker in add-wizard — When adding a scheduled workflow, gh aw add-wizard now prompts you to choose a frequency (hourly, 3-hourly, daily, weekly, monthly, or custom cron). No more being locked to whatever schedule the upstream workflow shipped with. (#19709)

• Protected-files enforcement in safe outputs — Workflows can now declare protected-files to prevent agents from inadvertently modifying critical files (e.g., AGENTS.md, .github/ configs, runtime manifests). When a push attempts to touch a protected file, safe outputs surfaces a clear remediation message instead of silently failing or overwriting. (#19958)

• Early size validation for repo-memory — A new push_repo_memory MCP tool validates memory size before pushing, catching oversized payloads early and giving agents a chance to trim content rather than failing at upload time. (#19977)

• Remote workflow dependencies fetched on gh aw add — When adding a workflow that uses dispatch-workflow dependencies or declares resources, gh aw add now automatically fetches and saves those assets locally. (#19965)

🐛 Bug Fixes & Improvements

• Security: git credentials no longer written to disk — Git authentication tokens are now passed as environment variables to the fetch subprocess rather than written to .git/config. This closes a window where an attacker monitoring filesystem events (e.g., via inotify) could capture the token. (#19963)

• Cleaner first-run experience for repo-memory — Suppressed 5 spurious GitHub Actions error annotations that appeared on the first run of push_repo_memory (where git fetch/git pull failing is expected because the memory branch doesn't exist yet). (#19979)

• Clearer compile command help text — The gh aw compile short description now explicitly states it converts .md files to .lock.yml, removing a common source of confusion for new users. (#19988)

📚 Documentation

• Streamlined permissions.md reference (~18% shorter) by consolidating duplicate sections, fixing a broken callout, and correcting heading hierarchy — all technical content preserved. (#20003)

🌍 Community Contributions

A huge thank you to the community members who reported issues resolved in this release:

• @dsyme for repo-memory fails when memory exceeds allowed size (#19976)
• @dsyme for gh aw add-wizard for scheduled workflow should offer choice of frequencies (#19708)

For complete details, see CHANGELOG.

Generated by Release

What's Changed

• fix: pass git auth via environment variables instead of writing to .git/config by @Copilot in #19963
• add-wizard: offer schedule frequency selection for scheduled workflows by @Copilot in #19709
• feat(add): fetch dispatch-workflow dependencies and resources when adding remote workflows by @Copilot in #19965
• [code-simplifier] refactor: extract shared sanitizeForFilename helper in generate_git_patch.cjs by @github-actions[bot] in #19980
• Add protected-files support to runtimes and enforce protected file protection in safe outputs by @Copilot in #19958
• fix: suppress spurious error annotations in push_repo_memory for expected git failures by @Copilot in #19979
• feat: Add push_repo_memory MCP tool for early size validation by @Copilot in #19977
• Improve compile command help text to clarify input/output formats by @Copilot in #19988

Full Changelog: v0.55.0...v0.56.0

🌟 Release Highlights

This release sharpens the developer experience with smarter error messages, a more reliable audit command, and automatic strict-mode enforcement for public repositories.

✨ What's New

• Automatic strict mode for public repositories — Lockdown validation now enforces strict: true automatically for public repos, ensuring agentic workflows default to the safest configuration without requiring manual setup. (#19948)

• "Did you mean?" suggestions for permission typos — When a permission level is mistyped (e.g., rite instead of write), the compiler now surfaces a nearest-match suggestion for nested enum violations, making YAML configuration errors much faster to diagnose. (#19925)

🐛 Bug Fixes & Improvements

• gh aw audit now surfaces ##[error] annotations from flat log files — The audit command previously left the errors array empty for failed runs when GitHub Actions stored logs in the flat per-job format (workflow-logs/{N}_{job_name}.txt). Error annotations are now correctly extracted regardless of log file layout. (#19923)

• CLI consistency fixes across 7 commands — A broken documentation URL in the project new command and several medium/low severity inconsistencies surfaced by automated inspection have been resolved. (#19927)

📚 Documentation

• Environment variables reference updated — Documentation for GITHUB_STEP_SUMMARY support in agent step summaries has been added. (#19928)

For complete details, see CHANGELOG.

Generated by Release

What's Changed

• [jsweep] Clean assign_to_user.cjs by @github-actions[bot] in #19924
• fix(audit): surface ##[error] annotations from flat GitHub Actions log files by @Copilot in #19923
• fix: resolve 7 CLI consistency issues from automated inspection by @Copilot in #19927
• [docs] Update documentation for features from 2026-03-07 by @github-actions[bot] in #19928
• refactor: implement semantic function clustering improvements across pkg/ by @Copilot in #19926
• fix: "Did you mean?" suggestions for nested enum violations (e.g., permission level typos) by @Copilot in #19925
• [actions] Update GitHub Actions versions by @github-actions[bot] in #19938
• Enforce strict: true for public repositories in lockdown validation by @Copilot in #19948

Full Changelog: v0.54.0...v0.55.0

🌟 Release Highlights

This release focuses on expanding workflow capabilities with Agent Package Manager support and broader temporary ID coverage, while hardening security and improving reliability for public repository workflows.

✨ What's New

• Agent Package Manager (APM) support — Workflows can now declare microsoft/apm dependencies directly in frontmatter. The compiler emits a SHA-pinned microsoft/apm-action step to install packages before agent execution, making it easier to manage agent dependencies declaratively.

• Temporary IDs for all project operations — #aw_* temporary IDs are now supported across all project-related safe outputs, enabling cross-references between operations within the same workflow run.

• Engines always use latest versions — Agentic engines (Copilot, Claude Code, Codex, Gemini) now bind to "latest" instead of pinned versions, ensuring workflows automatically benefit from the newest AI capabilities without manual version bumps. CLI versions in this release: Claude Code 2.1.70, Copilot CLI 0.0.422, Codex 0.111.0.

🐛 Bug Fixes & Improvements

• Fixed gh aw add auth failure for public repos — The downloadFileFromGitHubWithDepth function now falls back to git/raw-URL when REST client creation fails with an auth error, resolving failures when adding workflows from public repositories in agentic contexts.

• Security: Go module cache disabled in agentic setup — The actions/setup-go step now runs with cache: false in agentic workflows, closing a potential cache poisoning vector via prompt injection. This mirrors the existing mitigation already in place for Node.js.

📚 Documentation

• Streamlined the SideRepoOps patterns page for better readability.

For complete details, see CHANGELOG.

Generated by Release

What's Changed

• Update CLI versions: Claude Code 2.1.70, Copilot CLI 0.0.422, Codex 0.111.0 by @Copilot in #19854
• Reclassify 5 minor changesets as major breaking changes by @Copilot in #19870
• fix: disable Go module cache in agentic setup actions to prevent cache poisoning by @Copilot in #19865
• [dead-code] chore: remove 10 dead functions from analyzer batch run by @github-actions[bot] in #19880
• [code-simplifier] refactor: use ExtraWithFields merge in Go go-mod-file setup path by @github-actions[bot] in #19884
• Fix gh aw add auth failure for public repos in agentic workflows by @Copilot in #19853
• [docs] docs: unbloat SideRepoOps page by @github-actions[bot] in #19906
• [docs] Consolidate developer specs: fix 2 tone issues (v3.8) by @github-actions[bot] in #19904
• [instructions] Sync github-agentic-workflows.md with v0.40.1 by @github-actions[bot] in #19902
• [log] Add debug logging to spinner, import processor, and utility packages by @github-actions[bot] in #19894
• Bind all agentic engines to "latest" instead of pinning versions by @Copilot in #19882
• chore(deps): bump express-rate-limit from 8.2.1 to 8.3.0 in /.github/workflows in the npm_and_yarn group across 1 directory by @dependabot[bot] in #19881
• Allow temporary IDs for all project operations by @Copilot in #19573
• Add microsoft/apm dependencies support to frontmatter by @Copilot in #19883

Full Changelog: v0.53.6...v0.54.0

🌟 Release Highlights

This is a focused patch release that resolves a long-standing step summary truncation issue affecting all AI engines, alongside a documentation improvement and an internal test reliability fix.

🐛 Bug Fixes & Improvements

• Step summary output expanded to 2000 characters — Agent step summaries were silently truncated at 500 characters. This release increases the limit to 2000 characters and correctly forwards GITHUB_STEP_SUMMARY into the sandbox for all engines (Copilot, Codex, Claude, Gemini), ensuring agents can write meaningful summaries without silent data loss. (#19821)

📚 Documentation

• Added a PDF download link to the slides documentation page, making it easier to share and reference presentation materials offline. (#19842)

🌍 Community Contributions

A huge thank you to the community members who reported issues that were resolved in this release:

• @danielmeppiel for Step summary truncates agent output at 500 chars with no visible warning (#19810)

For complete details, see CHANGELOG.

Generated by Release

What's Changed

• Add PDF download link to slides doc page by @Copilot in #19842
• Fix label trigger integration test type assertions for names field by @Copilot in #19843
• Fix step summary truncation: forward GITHUB_STEP_SUMMARY into sandbox for all engines, increase text limit to 2000 chars by @Copilot in #19821

Full Changelog: v0.53.5...v0.53.6

🌟 Release Highlights

This release focuses on reliability improvements for label-trigger workflows and GitHub App token handling, plus new capabilities for repo memory and the add_comment safe output tool.

✨ What's New

• GitHub Wiki backing for repo-memory — The repo-memory frontmatter now supports a wiki: true flag to use a repository's GitHub Wiki git backend as persistent memory storage, following GitHub Wiki markdown conventions. (#19800)

• Temporary ID support in add_comment — The add_comment safe output tool now accepts temporary_id, enabling cross-referencing of not-yet-created comments within the same workflow run. (#19737)

• /ace slash command workflow — A new built-in workflow responds to /ace in PR comments, generates ACE editor session URLs, and posts a reply linking teammates to a collaborative editing session. (#19741)

🐛 Bug Fixes & Improvements

• Label trigger shorthand now correctly filters by label name — Workflows using on: pull_request labeled my-label were firing on any labeled event due to a Go type mismatch ([]string vs []any). The activation job's if: clause now correctly includes the github.event.label.name condition. (#19824)

• Label trigger shorthand wires item_number for manual dispatch — The compiler now properly wires inputs.item_number as a fallback for entity number expressions in label-shorthand workflows, fixing empty PR/issue numbers on manual workflow_dispatch runs. (#19795)

• assign-to-agent auto-fallback for GitHub App tokens — The Copilot assignment API rejects GitHub App installation tokens, causing "not available as an assignee" failures. The fix auto-falls back to GH_AW_AGENT_TOKEN → GH_AW_GITHUB_TOKEN → GITHUB_TOKEN, while explicit github-token: overrides still take precedence. (#19796)

• MCP compile errors now surface Docker retry instructions — The compile MCP tool previously swallowed helpful guidance when Docker images weren't cached. Users now see actionable retry instructions instead of a bare "docker images not ready" message. (#19792)

• Allowed tool filter respected for mcp-servers section — The tools.allowed filter is now correctly applied when compiling MCP server tool configurations. (#19801)

• GH_AW_HOME defined once at job level — Eliminates repeated fallback macro expansion (\$\{GH_AW_HOME:-/opt/gh-aw}) across workflow steps by hoisting the variable definition to the job level. (#19823)

🌍 Community Contributions

A huge thank you to the community members who reported issues resolved in this release:

• @deyaaeldeen for Bug: Label trigger shorthand does not produce label filter condition in compiled workflow (#19770)
• @deyaaeldeen for Bug: workflow_dispatch item_number not wired into expression extraction for label trigger shorthand (#19773)
• @mason-tim for assign-to-agent fails with GitHub App tokens — Copilot assignment API requires a PAT (#19765)

For complete details, see CHANGELOG.

Generated by Release

What's Changed

• Add /ace slash command workflow that posts ACE editor session links on PR comments by @Copilot in #19741
• [docs] docs: consolidate repetitive engine sections in engines.md by @github-actions[bot] in #19779
• [docs] Fix 3 tone issues in scratchpad specs (v3.7) by @github-actions[bot] in #19778
• [docs] Self-healing documentation fixes from issue analysis - 2026-03-05 by @github-actions[bot] in #19755
• [code-simplifier] refactor: simplify recent code changes for clarity and idiomaticity by @github-actions[bot] in #19753
• [dead-code] chore: remove dead functions — 8 functions removed by @github-actions[bot] in #19750
• [instructions] Sync github-agentic-workflows.md with release v0.40.1 by @github-actions[bot] in #19777
• Update action pin tests to match updated action_pins.json data by @Copilot in #19794
• fix: surface Docker image retry instructions in MCP compile error message by @Copilot in #19792
• chore(deps): bump dompurify from 3.3.0 to 3.3.2 in /docs in the npm_and_yarn group across 1 directory by @dependabot[bot] in #19791
• [docs] Update documentation for features from 2026-03-06 by @github-actions[bot] in #19805
• Fix: wire inputs.item_number fallback for label trigger shorthand workflows by @Copilot in #19795
• feat: add temporary ID support to add_comment tool by @Copilot in #19737
• Fix assign-to-agent failing with GitHub App tokens — auto-fallback to GH_AW_AGENT_TOKEN by @Copilot in #19796
• refactor: resolve 4 semantic function clustering findings by @Copilot in #19799
• Ensure allowed tool filter for mcp-servers section by @Copilot in #19801
• [docs] Update glossary - daily scan by @github-actions[bot] in #19822
• Add wiki flag to repo-memory frontmatter for GitHub Wiki git backing by @Copilot in #19800
• fix: label trigger shorthand missing label filter condition in compiled workflow by @Copilot in #19824
• ci: split CLI MCP Inspect GitHub matrix group, pin upload-artifact action by @Copilot in #19825
• [docs] Update glossary - daily scan by @github-actions[bot] in #19826
• [docs] Update glossary - daily scan by @github-actions[bot] in #19840

Full Changelog: v0.53.4...v0.53.5

🌟 Release Highlights

This patch release delivers a targeted security fix for GHES environments and documentation improvements, keeping the workflow engine running smoothly across all deployment types.

🐛 Bug Fixes & Improvements

• GHES incremental patch fetch authentication fixed — The push_to_pull_request_branch MCP handler was failing with Cannot generate incremental patch: failed to fetch on GitHub Enterprise Server (GHES) because generate_git_patch.cjs ran git fetch origin without authentication. The fix configures the correct http.(serverUrl)/.extraheader using GITHUB_TOKEN and GITHUB_SERVER_URL (matching the pattern already used in dynamic_checkout.cjs), and uses a try/finally block to ensure the token is removed from .git/config immediately after the fetch — preserving the credential isolation security boundary. (#19685)

📚 Documentation

• Glossary expanded — New terms added: CentralRepoOps (a MultiRepoOps variant using a single private repo as a control plane), Trigger File (a .yml workflow that separates trigger definitions from agentic workflow logic), workflow_call (trigger type enabling compiled workflows to be invoked by other workflows), and Conclusion Job concurrency documentation. (#19712)

🌍 Community Contributions

A huge thank you to the community members who reported issues that were resolved in this release:

• @AlexanderWert for safeoutputs-push_to_pull_request_branch fails on fetch (#18703)

For complete details, see CHANGELOG.

Generated by Release

What's Changed

• [docs] Update glossary - daily scan 2026-03-05 by @github-actions[bot] in #19712
• [actions] Update GitHub Actions versions - 2026-03-05 by @github-actions[bot] in #19707
• [fp-enhancer] Improve pkg/cli: use sliceutil.Filter/Map for functional slice operations by @github-actions[bot] in #19705
• fix: configure git auth for GHES in incremental patch fetch by @Copilot in #19685

Full Changelog: v0.53.3...v0.53.4

🌟 Release Highlights

This release focuses on reliability and correctness — eliminating workflow toggle loops, hardening enterprise compatibility, and improving the gh aw upgrade experience so lock files stay consistent across commands.

✨ What's New

• Concurrency safety for conclusion jobs — The conclusion job now uses a concurrency group keyed to the workflow run ID, preventing race conditions when multiple workflow runs finish simultaneously (#19616).
• Enterprise GitHub Server support in safe outputs — Hardcoded github.com references in the safe output JavaScript layer have been replaced with GITHUB_SERVER_URL, enabling correct behavior in GitHub Enterprise Cloud environments (#19621).

🐛 Bug Fixes & Improvements

• gh aw upgrade / gh aw compile no longer produce divergent lock files — A long-standing issue where running both commands in sequence caused files to toggle between two states is now fixed (#19681).
• gh aw upgrade no longer corrupts SHA-pinned uses: lines — The upgrader was wrapping the entire uses: value (including the inline # vX.Y.Z comment) in quotes; this is now corrected (#19679).
• Conclusion job survives API failures — The handle_create_pr_error function now degrades gracefully when GitHub API calls fail, preventing conclusion job crashes (#19683).
• Audit command surfaces activation errors — gh aw audit now correctly surfaces errors from the activation job even when no agent artifacts were uploaded, giving clearer diagnostics on early failures (#19678).
• No more duplicate No-Op Runs issues — Transient search failures no longer cause the workflow to create duplicate [aw] No-Op Runs issues (#19613).
• Label constraint messages are unambiguous — Label names containing spaces are now quoted in compiler constraint messages, eliminating parsing ambiguity (#19682).
• Correct pull request history links — History links now use type=pullrequests for accurate navigation (#19676).
• Version-pinning fix applied to install script source — The version-pinning correction is now applied directly to install-gh-aw.sh, the source of truth, rather than a generated copy (#19686).

📚 Documentation

Documentation for the CentralRepoOps pattern has been expanded with trigger file and workflow_call usage examples, and the compilation process guide has been trimmed by ~20% for clarity (#19693, #19664).

🌍 Community Contributions

A huge thank you to the community members who reported issues that were resolved in this release:

• @srgibbs99 for Bug: gh aw upgrade wraps uses value in quotes, including the inline comment (#19640)
• @srgibbs99 for Bug: gh aw upgrade and gh aw compile produce different lock files — toggle endlessly (#19622)
• @samuelkahessay for handle_create_pr_error: unhandled exceptions on API calls crash conclusion job (#19605)

For complete details, see CHANGELOG.

Generated by Release

What's Changed

• fix: prevent duplicate [aw] No-Op Runs issues on transient search failure by @Copilot in #19613
• fix: add agentic-workflows label to recompile-needed issues by @Copilot in #19612
• [WIP] Rewrite changes and review tests from pull request 19591 by @Copilot in #19609
• feat: add concurrency group to conclusion job using workflow ID by @Copilot in #19616
• Fix failing JS test: sync expected labels with implementation in check_workflow_recompile_needed by @Copilot in #19628
• chore(deps): bump svgo from 4.0.0 to 4.0.1 in /docs in the npm_and_yarn group across 1 directory by @dependabot[bot] in #19665
• [docs] docs: reduce compilation-process.md by ~20% by removing redundant content by @github-actions[bot] in #19664
• [docs] Developer Documentation Consolidation v3.6 — 2 tone fixes by @github-actions[bot] in #19663
• [instructions] Sync github-agentic-workflows.md with v0.40.1 by @github-actions[bot] in #19661
• [log] Add debug logging to tar, schema utilities, MCP config types, and wizard command by @github-actions[bot] in #19651
• Enterprise: replace hardcoded github.com with GITHUB_SERVER_URL in safe output JS by @Copilot in #19621
• [dead-code] chore: remove dead functions — 10 functions removed by @github-actions[bot] in #19643
• chore(deps): bump the npm_and_yarn group across 1 directory with 2 updates by @dependabot[bot] in #19654
• [jsweep] Clean add_reviewer.cjs by @github-actions[bot] in #19680
• fix(audit): surface activation job errors when no agent artifacts were uploaded by @Copilot in #19678
• fix: use type=pullrequests for pull request history links by @Copilot in #19676
• Quote label names in constraint messages to eliminate ambiguity with spaces by @Copilot in #19682
• fix: graceful degradation in handle_create_pr_error when API calls fail by @Copilot in #19683
• fix: migrate version-pinning fix to source file install-gh-aw.sh by @Copilot in #19686
• fix: gh aw upgrade wraps SHA-pinned uses: value in quotes, including inline comment by @Copilot in #19679
• [docs] Update documentation for features from 2026-03-05 by @github-actions[bot] in #19690
• fix: gh aw upgrade and gh aw compile produce identical lock files by @Copilot in #19681
• docs: add trigger file + workflow_call pattern to CentralRepoOps by @Copilot in #19693

Full Changelog: v0.53.2...v0.53.3

🌟 Release Highlights

This patch release brings up-to-date CLI tooling versions, targeted workflow fixes, and a documentation refresh.

⚡ Dependency Updates

• Claude Code updated to 2.1.66, Copilot CLI to 0.0.421, and MCP Gateway to v0.1.8 — ensuring you're running the latest agent runtimes with the most recent fixes and capabilities. (#19576)

🐛 Bug Fixes & Improvements

• History link generation: Removed the in:comments flag from history search links, improving search accuracy when navigating workflow run history. (#19608)
• Push-to-PR branch context: Improved review context handling in push_to_pull_request_branch workflows so agents receive more accurate context when pushing changes. (#19604)

🔧 Internal

• Moved the Custom Error Patterns example workflow to pkg/cli/workflows for better discoverability alongside other built-in workflow examples. (#19579)

📚 Documentation

• Glossary updated with latest terminology — keeping the reference docs current. (#19570)

For complete details, see CHANGELOG.

Generated by Release

What's Changed

• [docs] Update glossary - daily scan by @github-actions[bot] in #19570
• Move Example: Custom Error Patterns workflow to pkg/cli/workflows by @Copilot in #19579
• [WIP] Remove 'in:comments' flag from history link generation by @Copilot in #19608
• [WIP] Review context handling in push_to_pull_request_branch by @Copilot in #19604
• Update CLI versions: Claude Code 2.1.66, Copilot CLI 0.0.421, MCP Gateway v0.1.8 by @Copilot in #19576

Full Changelog: v0.53.1...v0.53.2

🌟 Release Highlights

This patch release delivers targeted bug fixes improving expression validation, safe-output reliability, and custom job compilation — along with a security hardening fix for the safe-outputs handler.

✨ What's New

• Safe Output Step Summaries now show secrecy and integrity fields — When agents include these metadata fields in safe-output messages, they are now visible in the step summary, giving teams clearer visibility into the confidentiality and trustworthiness of each output (#19552).
• allowed-github-references supports macro expressions — Schema validation now accepts $\{\{ ... }} macro syntax in the allowed-github-references field, enabling dynamic reference configuration at workflow runtime (#19554).

🐛 Bug Fixes & Improvements

• Expression defaults now compile correctly — Patterns like $\{\{ inputs.devices || 'mobile,tablet,desktop' }} were incorrectly rejected at compile time. String, number, and boolean literals are now unconditionally allowed as OR-fallback values (#19550).
• Fixed 7 silently-dropped custom job fields — buildCustomJobs() was discarding fields including name, timeout-minutes, continue-on-error, defaults, strategy, environment, and outputs. Custom jobs now faithfully preserve all authored configuration (#19539).
• Fixed context is not defined crash in safe-output MCP server — Unguarded global context accesses caused a ReferenceError in environments without a GitHub Actions payload context; all access sites are now safely guarded (#19544).
• Fixed double-escaped HTML entities in titles — Issue and PR titles containing >, <, & were being double-encoded. The sanitizer now correctly decodes named HTML entities in a single pass (#19545).
• Clearer compile-time error for agent job write permissions — The error message now explains the security context and points directly to the safe-outputs documentation (#19546).
• Security: body content sanitized before GitHub API writes — update_handler_factory was forwarding raw body content to GitHub without sanitization. All body fields are now sanitized before any API write (SEC-004, #19538).

📚 Documentation

• Added a Security Posture section to the workflow creation guide, prominently explaining why the agent job must remain read-only (#19548).
• Updated ProjectOps docs with practical workflow examples and fixed a broken anchor link for add-comment (#19387, #19556).

🌍 Community Contributions

A huge thank you to the community members who reported issues that were resolved in this release:

• @dsyme for Allowed expressions should allow simple defaults (#19468)

For complete details, see CHANGELOG.

Generated by Release

What's Changed

• fix: update action pin test expectations for actions/setup-node v6.3.0 by @Copilot in #19537
• SEC-004: Sanitize body content in update_handler_factory before GitHub API writes by @Copilot in #19538
• Improve compile-time error message for write permissions on agent job by @Copilot in #19546
• docs: add Security Posture section to .github/aw/create-agentic-workflow.md by @Copilot in #19548
• Add scope/constraint guidance to developer.instructions to prevent complex workflow timeouts by @Copilot in #19549
• fix: allow expr || 'literal' default patterns in expression validation by @Copilot in #19550
• [WIP] Fix context is not defined error in safe output MCP server by @Copilot in #19544
• [WIP] Fix double escaping of text in titles by @Copilot in #19545
• chore: update projectops docs by @mnkiefer in #19387
• Display secrecy and integrity fields in safe output step summary renderer by @Copilot in #19552
• [WIP] Update schema pattern for allowed GitHub references by @Copilot in #19554
• Fix buildCustomJobs() to extract 7 silently-dropped job fields by @Copilot in #19539

Full Changelog: v0.53.0...v0.53.1

🌟 Release Highlights

This release focuses on reliability and polish — fixing a cluster of real-world bugs reported by the community while strengthening core workflows around PR creation, model configuration, memory persistence, and the upgrade experience.

✨ What's New

• Configurable activation token — The on: section now supports github-token and github-app fields, letting you use a custom PAT or GitHub App token for activation-job reactions and status comments. (#19427)
• Graceful PR-permission fallback — When GitHub Actions lacks permission to create PRs, create_pull_request now opens a fallback issue with a one-click link to open the PR manually, so your pushed branch is never left dangling. (#19466)
• Strategy schema for custom jobs — The strategy field (with matrix, fail-fast, max-parallel) is now fully usable in custom job definitions, and strategy values are properly extracted by the compiler. (#19405)
• Workflow call ID in comments — The add_comment action now appends a gh-aw-workflow-call-id marker to comments when a caller workflow ID is present, enabling better cross-workflow traceability. (#19525)
• Smarter history link types — Generated GitHub search URLs now include a type= parameter scoped to the correct content type (issues, PRs, discussions), reducing irrelevant results. (#19507)

🐛 Bug Fixes & Improvements

• gh aw upgrade SHA-pins setup-cli — Upgrade now writes a SHA-pinned reference for the setup-cli action instead of a bare version tag, consistent with all other action references. (#19496)
• Copilot model path fixed — The fallback model configuration now correctly uses the COPILOT_MODEL environment variable instead of the unsupported --model CLI flag, making org-level model overrides work as expected. (#19509)
• push_repo_memory retry/backoff — Concurrent agents racing on the repo-memory branch no longer cause non-fast-forward failures; the push step now retries with exponential backoff and a job-level concurrency group. (#19494)
• ENOENT noise eliminated — Pre-agent failures (sandbox crash, network timeout) no longer cause downstream ENOENT errors from a missing agent-output artifact. Failure issues also now include richer context in their title. (#19505)
• runtime-import in .github repos — Compiling a workflow inside a repository literally named .github no longer produces duplicated paths like .github/.github/workflows/…. (#19518)
• safe-inputs script runner fixed — The script: runner for safe inputs was always returning {"stdout":"","stderr":""} instead of actual output; the generated .cjs now correctly calls execute() when run as a subprocess. (#19493)
• stderr suppressed in non-git directories — get_current_branch.cjs no longer leaks fatal: not a git repository to stderr when invoked outside a git repo. (#19499)
• MCP audit error clarity — Debug log lines are now filtered from the audit tool error response, so callers see the actual error instead of a wall of internal diagnostics when DEBUG=* is set. (#19506)

📚 Documentation

• Updated docs for the new on.github-token and on.github-app activation fields. (#19502)
• trial-ops.md trimmed by 24% — same content, much easier to scan. (#19478)

🌍 Community Contributions

A huge thank you to the community members who reported issues that were resolved in this release:

• @MatthewLabasan-NBCU for Bug: gh-aw compile incorrectly prepends repository name to #runtime-import paths in .github repositories (#19500)
• @samuelkahessay for push_repo_memory.cjs has no retry/backoff, fails on concurrent pushes (#19476)
• @samuelkahessay for get_current_branch.cjs leaks stderr when not in a git repository (#19475)
• @samuelkahessay for Unconditional agent-output artifact download causes ENOENT noise on pre-agent failures (#19474)
• @samuelkahessay for Copilot engine fallback model path uses --model CLI flag instead of COPILOT_MODEL env var (#19473)
• @dsyme for "GitHub Actions is not permitted to create or approve pull requests." (#19465)
• @rspurgeon for Bug: gh aw upgrade does not set a sha for setup-cli in copilot-setup-steps.yml (#19451)

For complete details, see CHANGELOG.

Generated by Release

What's Changed

• Fix unusable strategy schema for custom jobs + add compiler extraction (Option B) by @Copilot in #19405
• [log] Add debug logging to 5 pkg/ files by @github-actions[bot] in #19455
• create_pull_request: create fallback issue with one-click PR link on permission error by @Copilot in #19466
• [instructions] Sync github-agentic-workflows.md with v0.40.1 by @github-actions[bot] in #19470
• [docs] Consolidate developer specs: fix 3 tone issues, bump dev.md to v3.5 by @github-actions[bot] in #19472
• [docs] docs: unbloat trial-ops.md (24% reduction) by @github-actions[bot] in #19478
• Add configuration for activation GitHub token by @Copilot in #19427
• [docs] Update documentation for on.github-token and on.github-app fields from 2026-03-04 by @github-actions[bot] in #19502
• fix: suppress stderr in get_current_branch.cjs when outside a git repo by @Copilot in #19499
• refactor: extract common CLI install/build codegen for maintenance workflow run_operation job by @Copilot in #19498
• fix(conformance): USE-001 standardized error codes + USE-003 staged mode emoji by @Copilot in #19497
• fix: SHA-pin setup-cli action reference in copilot-setup-steps.yml on upgrade by @Copilot in #19496
• fix: retry/backoff for push_repo_memory + job-level concurrency group by @Copilot in #19494
• fix(mcp): filter debug log lines from audit tool error response by @Copilot in #19506
• Fix safe-inputs script: runner always returning {"stdout":"","stderr":""} by @Copilot in #19493
• Fix ENOENT noise from unconditional agent-output env var and add pre-agent failure context to issue title by @Copilot in #19505
• Fix copilot fallback model path to use COPILOT_MODEL env var instead of --model flag by @Copilot in #19509
• Update history link generation to set type in search query by @Copilot in #19507
• Fix runtime-import path duplication when repo is named .github by @Copilot in #19518
• [aw] Updates available by @github-actions[bot] in #19527
• [WIP] Update generated footer to include gh-aw-workflow-call-id by @Copilot in #19525

Full Changelog: v0.52.1...v0.53.0