github/gh-aw v0.79.0 on GitHub

🌟 Release Highlights

v0.79.0 is a significant milestone release centered on the AI Credits (AIC) naming migration, smarter budget guardrails, Windows platform support, and a wave of compiler and tooling improvements.

⚠️ Breaking Changes

setup-steps rejected on activation/pre-activation jobs — The compiler now fails fast if setup-steps is attached to activation or pre_activation jobs, where it could bypass built-in protection sequencing. Remove setup-steps from these job types before upgrading. (#37441)
max-runs deprecated → max-turns — The top-level max-runs field is deprecated in favor of the canonical max-turns. Automated migration is available via gh aw fix --write. (#37587)

✨ What's New

AI Credits (AIC) — complete migration — The project has fully migrated from "Effective Tokens" terminology to "AI Credits (AIC)" across all docs, workflow templates, telemetry, and OpenTelemetry attributes. The cost management docs reflect the new language. (#37692, #37693, #37691)
max-ai-credits enabled by default — Workflows now default to a 1000 AI Credit budget with no configuration needed. Set max-ai-credits: -1 to disable enforcement entirely for unrestricted runs. (#37585, #37437)
AIC exhaustion detection & smart retry halting — The harness now detects budget exhaustion from the firewall audit log and correctly classifies it separately from provider HTTP 429 throttling, preventing misleading failure reports and stopping unnecessary retries on credit exhaustion. (#37936, #38022, #38018)
Windows platform support — A new CWI.yml push-triggered workflow builds the CLI for Windows and runs integration tests to validate cross-OS compatibility. (#37844)
pr-finisher skill — New skill that guides agents through taking an in-flight PR to merge-ready state: local validation order, failing CI inspection, and iteration discipline. (#37873)
add-comment: exact-match comment minimization — hide-older-comments.match now supports exact multi-workflow comment minimization, giving workflows precise control over which older comments are hidden. (#37977)
temporary_id enforcement — create-issue and create-pull-request safe-output calls now require valid #aw_* IDs enforced at the frontmatter and MCP validation layer, preventing stale references leaking into user-facing artifacts. (#37469)
gh aw compile --use-samples — New hidden flag for deterministic safe-outputs replay, replacing live agentic execution with recorded samples for reproducible testing. (#37359)

🐛 Bug Fixes & Improvements

Fix gh aw add for long hyphenated repository names — Workflow specs with long hyphenated repo names were incorrectly rejected; parsing is now accurate for all valid owner/repo/path forms. (#37960)
Fix bundle refs on non-main branch dispatch — refs/heads/<branch> is now correctly included in bundles when the agent HEAD is on the target branch during non-main dispatches. (#37929)
Stop retrying Copilot CLI PAT-rejection 400 as transient — 400 errors from PAT rejection are now treated as permanent failures, avoiding wasteful retries. (#37937)
Compiler: quote env scalars with : in YAML — Env values containing : are now properly quoted in compiled YAML, preventing parse errors in generated workflows. (#37706)
TTY guard for ConfirmAction — Matches existing non-TTY fallback in list.go to prevent hangs in non-interactive environments. (#37933)
Windows terminal startup guard — Terminal probing on Windows is now skipped when stderr is redirected, preventing hangs in CI environments. (#37823)

⚡ Performance

Reduced set-memory overhead — High-traffic workflow and CLI paths now use map[string]struct{} sets instead of map[string]bool, reducing allocations in hot paths. (#37480)

📚 Documentation

AI Credits terminology — All user-facing documentation migrated from "Effective Tokens" to "AI Credits" including the cost management reference. (#37692)
GH_AW_GITHUB_TOKEN reference and Go cache guidance — New docs covering secure token configuration and Go build cache best practices. (#37583)
PR lifecycle and setup-steps docs — CONTRIBUTING and DEVGUIDE updated with PR lifecycle guidance; setup-steps docs clarify pre-activation constraints. (#37964, #37436)

Generated by 🚀 Release · 185.4 AIC · ⊞ 28.5K

What's Changed

Enforce bash parser specification invariants in JS Copilot SDK parser by @Copilot in #37394
Align token-usage tests with table-based summary output (JS shard 3/4) by @Copilot in #37399
Resolve lint-js failure by formatting new fuzz/parser JS files and preserve fuzz test coverage in CJS CI by @Copilot in #37406
[aw] Update legacy ET rate-limit guidance to AI Credits-first format by @Copilot in #37400
Emit compact usage artifact from conclusion job for forecast data access by @Copilot in #37408
Trim ambient-context wording from generated footer metrics by @Copilot in #37414
Refactor Antigravity log metrics parsing to meet function-length linter by @Copilot in #37413
feat: add daily-formal-spec-verifier agentic workflow by @Copilot in #37407
Stabilize Daily Caveman Optimizer by keeping model-size experiment and fixing small-agent alias by @Copilot in #37402
recompile: regenerate lock files with dev build by @Copilot in #37422
agentics-maintenance: run forecast directly without log predownload by @Copilot in #37423
Use repo UTC for computed expiration times in generated footers by @Copilot in #37424
Forecast: prefer usage artifact for token AIC, retain legacy agent fallback by @Copilot in #37427
Use AIC in forecast issue report and consume AIC projection fields by @Copilot in #37428
Normalize agentic workflow AI budgets to max-ai-credits: 1500 by @Copilot in #37431
Refresh wasm golden fixtures for compiler output drift by @Copilot in #37433
Standardize agent failure warnings on GitHub alert callouts by @Copilot in #37430
Add AIC, ambient context metrics, and history link to noop comments by @Copilot in #37439
feat(compile): add hidden --use-samples flag for deterministic safe-outputs replay by @dsyme in #37359
Use usage-only forecast artifacts and cache forecast run logs in maintenance workflow by @Copilot in #37440
Surface jobs.<job>.setup-steps in .github/aw syntax docs and clarify setup vs pre hook semantics by @Copilot in #37436
feat(max-ai-credits): allow -1 to disable budget enforcement and steering by @dsyme in #37437
Target effective-token terminology updates to AI credits in instruction docs by @Copilot in #37432
Safe-outputs: add schema-driven synonym mapping (incl. camelCase aliases), keep synonym metadata internal to MCP/CLI prompts, and enforce strict unknown-parameter errors; clarify schema constraints by @Copilot in #37421
Reject setup-steps on activation and pre-activation jobs by @Copilot in #37441
Improve forecast maintenance diagnostics and timeout behavior by @Copilot in #37447
Pin Daily Documentation Healer to explicit Claude model variants by @Copilot in #37445
Include detection AIC in no-op comment footer totals by @Copilot in #37446
Fix Copilot SDK sample driver BYOK session configuration in Daily Model Inventory workflow by @Copilot in #37454
Refactor import-input substitution to shared resolver/serializer utility by @Copilot in #37455
Preserve agent AIC in create-issue footer breakdown by @Copilot in #37464
Include AIC + ambient metrics in auto-triage agent-failure issue footer by @Copilot in #37463
feat: forecast — context-aware downloads, no workflow logs, partial results on timeout, enriched report with repo aggregate by @Copilot in #37457
Enforce required temporary_id for create-issue/create-pull-request via frontmatter and MCP validation by @Copilot in #37469
Use usage artifact JSONL aggregation for max daily AI credits guardrail by @Copilot in #37474
[community] Update community contributions in README by @github-actions[bot] in #37475
Reduce set-memory overhead in high-traffic workflow/CLI paths by @Copilot in #37480
Address json.Marshal error handling gaps and refactor effective token computation API by @Copilot in #37481
[aw] Unblock Daily Compiler Quality by removing overly strict bash tool allowlist by @Copilot in #37485
Require explicit safe-output completion in Code Simplifier workflow by @Copilot in #37489
Forecast: recover missing AIC costs and enrich report ranking/links by @Copilot in #37472
internal/nolint: correctly match comma-separated directives and enforce exact linter tokens by @Copilot in #37495
tolowerequalfold: detect local ToLower/ToUpper aliases in literal comparisons by @Copilot in #37496
[jsweep] Clean workflow_metadata_helpers.cjs by @github-actions[bot] in #37490
fix: add max-ai-credits: 1500 to safe-output-health workflow by @Copilot in #37506
Fix Copilot SDK tool-permission parsing for multiline shell scripts and restore least-privilege workflow allowlist by @Copilot in #37487
Stabilize daily-doc-healer model selection by @Copilot in #37505
Accept milestone_title in assign_milestone safe-output validation by @Copilot in #37529
Harden sample replay JSON-RPC framing and move shim logs off stdout by @Copilot in #37528
Accept runtime ${{ ... }} expressions in safe-outputs samples by @dsyme in #37537
Make safe-outputs sample runtime-expression substitution schema-aware by @dsyme in #37539
[instructions] Sync instruction files with release v0.78.3 by @github-actions[bot] in #37520
[spec-extractor] Update package specifications for envutil, fileutil, gitutil, logger by @github-actions[bot] in #37525
[spec-enforcer] Enforce specifications for cli, console, constants by @github-actions[bot] in #37542
[mcp-tools] Add list_issue_fields to issues toolset mapping by @github-actions[bot] in #37548
Fix golint stringsseq modernize finding in nolint.go by @dsyme in #37567
[aw] Enforce explicit safe-output completion in Dictation Prompt Generator by @Copilot in #37556
Annotate resolve_transport_paths with SEC-005 exemption to avoid false cross-repo validation failure by @Copilot in #37560
Raise Test Quality Sentinel signal for runtime-expression safe-output tests by @Copilot in #37562
Rename file-close AST walker helper for clearer intent by @Copilot in #37568
Fix sample replay multi-repo lookup when Configure Git credentials clobbers origin (#37545) by @dsyme in #37565
Enable explicit AI credit budget guard for Daily Compiler Quality workflow by @Copilot in #37566
Deduplicate conclusion failure messaging for cache misses while preserving specialized alerts by @Copilot in #37575
Add regression tests for Copilot SDK shell-permission parsing on issue command shapes by @Copilot in #37574
docs: fill spec gaps from 2026-06-07 spec-librarian audit by @Copilot in #37577
[actions] Update GitHub Actions versions and recompile workflows - 2026-06-07 by @github-actions[bot] in #37517
Defer sample schema validation for dynamic safe-output tools by @Copilot in #37554
Harden latest-install download path in install-gh-aw.sh with versioned fallback by @Copilot in #37564
fix: use correct filenames (aw-info.jsonl, agent_usage.jsonl, detection_usage.jsonl) in conclusion job usage artifact by @Copilot in #37579
Add summary_detail A/B experiment to dependabot campaign and support guardrail direction metadata by @Copilot in #37563
Default max-ai-credits to enabled 1000 (1k) and align schema/docs by @Copilot in #37585
[aw] Stabilize Daily Documentation Updater model experiment selection by @Copilot in #37582
[dead-code] chore: remove dead functions — 1 function removed by @github-actions[bot] in #37588
fix: reduce max-daily-ai-credits from 100M to 10K across all agentic workflows by @Copilot in #37589
Suppress false ET rate-limit failures with max-ai-credits budget reconciliation by @Copilot in #37581
Docs: add GH_AW_GITHUB_TOKEN reference and secure Go cache guidance by @Copilot in #37583
Bump default Claude Code and Copilot CLI pins and recompile lock workflows by @Copilot in #37584
ci: add integration-fix job — run fix --write then verify compilation by @Copilot in #37596
Deprecate top-level max-runs; migrate to canonical max-turns by @Copilot in #37587
Switch setup failure messaging to GitHub alert callouts (runtime templates only) by @Copilot in #37593
fix: suppress missing tool report when excessive tool denials is present by @Copilot in #37601
Compile project timezone into workflow env for expiration footers by @Copilot in #37594
feat: noop pre-flight and retry guard for all harnesses by @Copilot in #37599
Resolve dev-hawk github-env highs by tightening env-file usage in generated workflow steps by @Copilot in #37586
docs: document skipping the agent via noop in steps by @Copilot in #37607
Handle batched tool/permission denials and normalize read(...) in failure context generation by @Copilot in #37602
Allow safeoutputs/mcpscripts shell wildcard rules when SDK sends full command-text identifiers by @Copilot in #37610
Refreshing WebAssembly test cases by @Copilot in #37614
Apply discussion #37598 recommendations for workflow guidance and persona explorer output routing by @Copilot in #37615
feat: add daily credit limit test workflow (intentionally broken, max-daily-ai-credits: 10) by @Copilot in #37616
Harden Test Quality Sentinel JS analyzer quoting to prevent Copilot step hangs by @Copilot in #37612
Simplify forecast report table, clarify sparse-usage interpretation, and handle zero-AIC missing data by @Copilot in #37609
[linter-miner] add lenstringzero linter by @github-actions[bot] in #37618
Run daily credit-limit test workflow every 12 hours by @Copilot in #37619
[q] Align agent-persona-explorer with issue-based reporting by @Copilot in #37621
Update report guidance to use GitHub alert blocks instead of emoji severity markers by @Copilot in #37628
Lower daily credit-limit guardrail test to 1 AI credit by @Copilot in #37631
fix(forecast): slim down report table — drop P95/Run and Weekly columns, capitalize heading by @Copilot in #37626
Tighten AI Credits guardrail messaging and approximate AIC display by @Copilot in #37623
fix: replace deprecated gpt-5.4-mini with gpt-5-mini in daily-cache-strategy-analyzer experiment by @Copilot in #37630
Align forecast rounding test with current issue table schema by @Copilot in #37641
Normalize Copilot SDK read permission grants to allow all read requests by @Copilot in #37643
Add daily workflow to test per-run max AI credits guardrail by @Copilot in #37642
Replace “effective tokens” wording with “AI credits” across workflow instruction docs by @Copilot in #37644
Remove explicit Copilot model from daily max-AI-credits guardrail workflow by @Copilot in #37646
Optimize maintenance activity report by using usage-only artifacts by @Copilot in #37648
Use API proxy event logs as the ambient context source of truth by @Copilot in #37655
Use concrete Claude model variants in Daily Caveman Optimizer by @Copilot in #37656
Add explicit AI credits budget to Daily Team Evolution Insights by @Copilot in #37657
Configure Daily Regulatory workflow with explicit AI Credits budget by @Copilot in #37665
Strengthen daily max-credit test prompt with forced multi-turn large-file reads by @Copilot in #37669
Add explicit AI credit budget to audit workflow by @Copilot in #37666
fix: scope daily AIC guardrail to repo+workflow, not per user by @Copilot in #37634
Remove stale 25M default budget language and align docs to current guardrail behavior by @Copilot in #37671
docs: surface guardrail direction + numeric threshold across experiment docs by @Copilot in #37670
[docs] Self-healing documentation fixes from issue analysis - 2026-06-08 by @github-actions[bot] in #37679
Add fix codemod to migrate safe-outputs message ET suffix placeholders to AI credits suffix by @Copilot in #37685
Remove legacy effective-token limits and ET surfacing; keep migration codemods by @Copilot in #37686
fix: add missing RuntimeConnection import in copilot_sdk_driver_sample_node.cjs by @Copilot in #37684
Remove JavaScript-side effective-token handling in favor of AI credits by @Copilot in #37673
[WIP] Fix the failing GitHub Actions job build by @Copilot in #37674
Fix duplicate success marker in gh aw fix --write output by @Copilot in #37688
Replace effective_tokens_rate_limit_error with ai_credits_rate_limit_error across workflow outputs by @Copilot in #37691
Replace EffectiveTokens with AI Credits in CLI audit/logs outputs by @Copilot in #37690
Migrate docs terminology from Effective Tokens to AI Credits by @Copilot in #37692
OpenTelemetry JS: enforce AIC emission and block effective token attribute by @Copilot in #37693
Add ET→AIC build-update blog post aligned to Copilot and models.dev pricing by @Copilot in #37694
Stabilize pinning tests and unify wasm golden normalization by @Copilot in #37711
[community] Update community contributions in README by @github-actions[bot] in #37725
Fix fragile "edit" substring count in sandbox tools test by @Copilot in #37736
Fix CJS workflow failure by formatting model-table generator script by @Copilot in #37738
compiler: quote env scalars containing : in compiled YAML by @Copilot in #37706
Tighten max-ai-credits failure issue messaging by @Copilot in #37739
fix: normalize shell heredoc reasons and suppress engine failure noise when tool denials exceeded by @Copilot in #37744
Prevent Designer Drift Audit failure on empty reference matches by @Copilot in #37743
Sync lenstringzero across linter docs and spec contract (21 → 22) by @Copilot in #37751
Migrate remaining daily guardrail ET wording to AI Credits (without schema/key changes) by @Copilot in #37754
[spec-review] Update Safe Outputs conformance checker for recent spec changes by @github-actions[bot] in #37757
[code-simplifier] Simplify AI credits audit log parsing: extract shared helper, eliminate double file read by @github-actions[bot] in #37731
Improve lenstringzero precision for len(string) aliases in zero-comparisons by @Copilot in #37750
[jsweep] Clean update_release.cjs by @github-actions[bot] in #37745
chore: update drain3 default log pattern weights by @github-actions[bot] in #37762
[awf] Bump firewall images to v0.25.66 and MCPG to v0.3.24 by @Copilot in #37708
[instructions] Sync instruction files with release v0.78.3 by @github-actions[bot] in #37789
[architecture] Update architecture diagram - 2026-06-08 by @github-actions[bot] in #37794
[spec-extractor] Update package specifications for parser, repoutil, semverutil, sliceutil by @github-actions[bot] in #37801
[docs] Update glossary - weekly full scan by @github-actions[bot] in #37803
[spec-enforcer] Enforce specification for importinpututil by @github-actions[bot] in #37810
Align spinner docs with MiniDot and remove dead Bubble Tea keypath by @Copilot in #37827
[ab-advisor] A/B experiment for copilot-agent-analysis: output_format (structured vs. prose) by @Copilot in #37826
Guard startup terminal probing on Windows when stderr is redirected by @Copilot in #37823
Add daily Windows terminal agent to maintain cross-OS CLI integration workflow by @Copilot in #37842
Add CWI.yml: Windows CLI build and integration test workflow by @Copilot in #37844
Fix CI Optimization Coach failure by formatting handle_agent_failure.test.cjs by @Copilot in #37843
Add pr-finisher skill for merge-readiness workflows by @Copilot in #37873
Fix CI lint failures and Windows integration tests on main by @dsyme in #37880
update actions by @pelikhan in #37883
[dead-code] chore: remove dead functions — 11 functions removed by @github-actions[bot] in #37846
Fix CI: add missing v0.3.24 MCPG pin and Windows test compatibility by @dsyme in #37887
Add formal AWF config source conformance test suite (P1–P10) by @Copilot in #37868
[WIP] Fix failing GitHub Actions job for CLI Docker build by @Copilot in #37886
Optimize CWI Windows workflow trigger and compile coverage by @Copilot in #37892
[linter-miner] feat(linters): add sortslice linter to flag sort.Slice/sort.SliceStable by @github-actions[bot] in #37888
pr-finisher: add copilot-review step after make fmt by @Copilot in #37895
Force Responses wire API for o4-mini in AOAI apikey smoke test by @Copilot in #37874
[WIP] Fix failing GitHub Actions job lint-go by @Copilot in #37891
ci: scope workflow triggers to relevant paths by @pelikhan in #37898
Explore impact report by @mnkiefer in #37897
Always key mermaid nodes with descriptive IDs; never delete mermaid diagrams in unbloat by @Copilot in #37896
Upgrade pr-finisher skill with agent-merge patterns by @pelikhan in #37905
docs: add db migration pattern, deployment_status clarification, and PR-report checklist by @Copilot in #37904
Bump default MCP Gateway to v0.3.25 and firewall to v0.25.67, merge main, and regenerate pinned lock artifacts by @Copilot in #37885
Move noop to final turn in daily max-ai-credits guardrail workflow by @Copilot in #37926
Explore impact efficiency by @Copilot in #37924
Require per-iteration commit/push in pr-finisher skill by @Copilot in #37928
Replace codex-incompatible gpt-5-mini variant in Daily Cache Strategy Analyzer by @Copilot in #37930
Fix "Organizations" typo in docs sidebar (2 locations) by @Copilot in #37934
Stop retrying Copilot CLI PAT-rejection 400 as transient by @pelikhan in #37937
Align mcp/secrets unknown-subcommand behavior with root CLI errors by @Copilot in #37935
Add TTY guard to ConfirmAction to match list.go non-TTY fallback by @Copilot in #37933
[caveman] Optimize instruction verbosity — campaign, charts-trending (2026-06-08) by @github-actions[bot] in #37944
fix(bundle): include refs/heads/ in bundle when agent HEAD is on target branch (non-main dispatch) by @Copilot in #37929
feat: detect max-ai-credits guardrail exhaustion from firewall audit log by @Copilot in #37936
ci-coach: make pre-flight validation non-fatal so the coach can repair broken CI by @pelikhan in #37957
fix: add missing artifact sets to --artifacts flag description by @Copilot in #37954
Add coverage-aware impacted-unit-test Makefile targets and run them in CGO/CJS workflows by @Copilot in #37952
Add PR lifecycle guidance to CONTRIBUTING and DEVGUIDE by @Copilot in #37964
Enable Copilot org-billing auth for ready-for-review PR reviewer workflows by @Copilot in #37968
Honor role_name in runtime role authorization for on.roles (maintain/triage) by @Copilot in #37959
Fix gh aw add parsing for long hyphenated repository names by @Copilot in #37960
Align no-op tracker expiry with maintenance workflow generation by @Copilot in #37965
fix: remove unsupported --related flag from vitest invocation by @Copilot in #37975
Enable copilot-requests feature in Daily Max AI Credits workflow by @Copilot in #37992
add-comment: support hide-older-comments.match for exact multi-workflow comment minimization by @Copilot in #37977
Clarify pr-finisher handling for github-actions[bot] review threads by @Copilot in #37996
Bump gh-aw-firewall to v0.25.68 and refresh generated artifacts by @Copilot in #37995
Derive omitted GitHub App owners from effective checkout target by @Copilot in #37976
[community] Update community contributions in README by @github-actions[bot] in #38009
Prioritize max-ai-credits exhaustion over engine HTTP 429 classification in failure reporting by @Copilot in #38022
Stop harness retries on AI-credit exhaustion and AWF proxy blocking signals by @Copilot in #38018
Replace non-idiomatic len(string) == 0 checks flagged by lenstringzero by @Copilot in #38015
[lint-monster] Migrate unsafe sort.Slice calls to type-safe slices.SortFunc by @Copilot in #38014
Version issue-creation REST calls in handle_agent_failure by @Copilot in #38017

Full Changelog: v0.78.3...v0.79.0