Download Latest Version gh-aw-wasm-v0.68.3.tar.gz (4.9 MB)
Email in envelope

Get an email when there's a new version of GitHub Agentic Workflows

Home / v0.67.4
Name Modified Size InfoDownloads / Week
Parent folder
sbom.cdx.json 2026-04-09 3.3 MB
0
sbom.spdx.json 2026-04-09 5.6 MB
0
windows-amd64.exe 2026-04-09 26.4 MB
0
windows-arm64.exe 2026-04-09 24.1 MB
0
linux-arm64 2026-04-09 23.7 MB
0
freebsd-arm64 2026-04-09 23.7 MB
0
gh-aw-wasm-v0.67.4.tar.gz 2026-04-09 4.8 MB
0
linux-386 2026-04-09 24.8 MB
0
linux-amd64 2026-04-09 25.8 MB
0
linux-arm 2026-04-09 24.6 MB
0
freebsd-amd64 2026-04-09 25.7 MB
0
android-arm64 2026-04-09 26.0 MB
0
checksums.txt 2026-04-09 1.0 kB
0
darwin-amd64 2026-04-09 26.2 MB
0
darwin-arm64 2026-04-09 24.4 MB
0
freebsd-386 2026-04-09 24.6 MB
0
README.md 2026-04-09 12.8 kB
0
v0.67.4 source code.tar.gz 2026-04-09 245.8 MB
0
v0.67.4 source code.zip 2026-04-09 248.1 MB
0
Totals: 19 Items   807.7 MB 0

🌟 Release Highlights

This release delivers a critical Copilot engine reliability fix that restores all affected workflows, alongside a wave of new agentic workflow templates, meaningful security hardening, and a rich set of bug fixes driven by community reports.

🚨 Critical Fix: Copilot Engine Silent Startup Crash

All Copilot-engine workflows were silently failing for ~35+ hours starting April 8 due to a startup crash in Copilot CLI v1.0.21. This release pins DefaultCopilotVersion to 1.0.20 and recompiles all 187 workflow lock files to restore normal operation immediately.

✨ What's New

  • Five new agentic workflow templatesapproach-validator, test-quality-sentinel, refactoring-cadence, architecture-guardian, and design-decision-gate expand the built-in workflow library for code quality, ADR enforcement, and architectural governance.

  • allowed-events filter for submit-pull-request-review — Workflows can now restrict which review types (APPROVE, COMMENT, REQUEST_CHANGES) the safe-output job may submit, giving maintainers tighter control over automated review actions. (#25484)

  • Copilot driver retry logic — The Copilot driver now retries on partial session failures, reducing flaky workflow runs caused by transient CAPI errors. (#25329)

  • --runner-guard compilation flaggh aw compile now accepts --runner-guard to enforce runner constraints in the static-analysis-report workflow. (#25281)

  • Version bumps — Firewall updated to v0.25.18 and MCP Gateway to v0.2.17 for all compiled workflows. (#25505)

🔒 Security Hardening

  • NFKC normalization + homoglyph detection — SafeOutputs now normalizes Unicode input using NFKC and detects Cyrillic/Greek homoglyph substitutions. The Secret Leak threat detection check is also hardened to catch more patterns. (#25458)

  • HTML comment bypass fixremoveXmlComments is now applied before mention neutralization, closing a potential injection path in safe-output processing. (#25462)

🐛 Bug Fixes & Improvements

  • gh aw list false positive "Compiled: No" — The compiler now uses a frontmatter content hash instead of file mtime to detect compiled status, fixing incorrect results after git checkout. (#25364)

  • safe-outputs type imports — Types declared in imported safe-outputs schemas are no longer silently dropped when the main workflow also defines safe-outputs. (#25402)

  • gh aw add-wizard HTTPS auth fix — The wizard no longer fails authentication when the git remote uses an HTTPS URL with an embedded username. (#25375)

  • Playwright MCP logs directorychmod 777 applied to the playwright mcp-logs directory so non-root Docker containers can write logs correctly. (#25417)

  • Stale actions-lock.json entries pruned — Compilation now removes stale gh-aw-actions entries from actions-lock.json, preventing stale pin accumulation across releases. (#25361)

  • CLI proxy RUNNER_TEMP quoting\$\{RUNNER_TEMP} in generated shell commands is now properly quoted and template expressions in run: blocks are handled correctly. (#25330)

📚 Documentation

  • Developer docs consolidated (v5.6): broken README links fixed and tone updated. (#25446)
  • Slash command guidance added for the SideRepoOps pattern.
  • dispatch-ops.md condensed by 24% for easier reading. (#25423)

🌍 Community Contributions

A huge thank you to the community members who reported issues that were resolved in this release! ### `@bryanknox` - [gh aw add-wizard not logged in to GitHub CLI](https://github.com/github/gh-aw/issues/25351) _(direct issue)_ ### `@chrisfregly` - [Bug in `safe-outputs` Frontmatter Merging Schematics](https://github.com/github/gh-aw/issues/25349) _(direct issue)_ ### `@deyaaeldeen` - [Compiler v0.67.3 pins runtime setup action to v0.67.1, leaving stale entries in actions-lock.json](https://github.com/github/gh-aw/issues/25359) _(direct issue)_ ### `@JanKrivanek` - [submit-pull-request-review: allow filtering allowed event types (APPROVE, COMMENT, REQUEST_CHANGES)](https://github.com/github/gh-aw/issues/25439) _(direct issue)_ ### `@pholleran` - [Copilot CLI should retry on transient CAPIError 400 Bad Request during agentic workflow execution](https://github.com/github/gh-aw/issues/25313) _(direct issue)_ ### `@yskopets` - [gh aw list: 'Compiled: No' false positive after git checkout due to mtime comparison](https://github.com/github/gh-aw/issues/25362) _(direct issue)_ - [Docs: No guidance on using slash commands in SideRepoOps pattern](https://github.com/github/gh-aw/issues/25363) _(direct issue)_

For complete details, see CHANGELOG.

Generated by Release · ● 909.5K

What's Changed

Full Changelog: https://github.com/github/gh-aw/compare/v0.67.3...v0.67.4

Source: README.md, updated 2026-04-09