Skip to content

v0.68.5

Pre-release
Pre-release

Choose a tag to compare

View all tags
@github-actions github-actions released this 16 Apr 16:16
· 237 commits to main since this release
Immutable release. Only release title and notes can be modified.
v0.68.5
6ec285a
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

🌟 Release Highlights

This release delivers two new workflow customization features, a significant security hardening for cache-memory workflows, and resolves four community-reported issues around permissions, safe-outputs protection, and GitHub App token deprecation.

✨ What's New

  • pre-agent-steps frontmatter field β€” Inject custom steps immediately before the agent engine runs. Supports imports and merge semantics, giving you fine-grained control over pre-execution setup without forking shared workflows. (#26666)

  • MCP config relocated to .github/mcp.json β€” The MCP configuration file now lives at .github/mcp.json (previously .mcp.json at the repository root), aligning with standard GitHub configuration conventions. The init flow creates the new path automatically; existing .mcp.json files will need to be migrated. (#26665)

  • shared/reporting-otlp.md import bundle β€” A new composite import combines shared/reporting.md and shared/observability-otlp.md into a single import, reducing boilerplate in telemetry-enabled reporting workflows. (#26655)

  • cache-memory working-tree sanitization β€” Cached working trees are now sanitized before agent execution to neutralize planted executables and disallowed files, hardening workflows that persist state across runs. (#26587)

πŸ› Bug Fixes & Improvements

  • Environment-level secrets now work correctly β€” The environment: frontmatter field now properly propagates to the activation job, preventing false secret-validation failures for environment-scoped secrets. (#26650)

  • Activation-job permissions are now narrowly scoped β€” Compiled workflows no longer request broader permissions (e.g. discussions:write, pull-requests:write) than the workflow actually requires; permissions are now derived from the actual trigger events. (#26535)

  • GitHub App token input migrated to client-id β€” Resolves the app-id deprecation warning. Includes schema-level compatibility and an automatic codemod to migrate existing workflows. (#26551)

  • safe-outputs protected file manifests aligned for Claude engine β€” The activation-job config and handler config now use consistent protected_files/protected_path_prefixes for Claude engine workflows, fixing a mismatch that could cause safe-output failures. (#26550)

  • BYOK Copilot model fallback fixed β€” Prevents an empty COPILOT_MODEL variable in compiled BYOK workflows. (#26566)

  • Auto-Triage pre-agent auth failure resolved β€” Fixes no-op failed runs caused by an authentication failure before the agent step. (#26572)

  • CLI Version Checker false positives eliminated β€” The version checker no longer reports failures when safe outputs were already produced in a prior step. (#26570)

  • Security: @mention injection in create_issue body neutralized β€” Sanitizes @mentions in issue bodies to close a cross-workflow prompt-injection gap. (#26589)

  • Security: steganographic injection via markdown link titles neutralized (#26596)

  • MCP Gateway updated to v0.2.21 (#26678)

πŸ“š Documentation

  • Improved mobile table readability across the docs site β€” table columns now expose data-label attributes for card-layout rendering on small screens. Homepage videos gained descriptive accessibility metadata. (#26660)

🌍 Community Contributions

A huge thank you to the community members who reported issues that were resolved in this release!

@AlexDeMichieli

@corygehr

@deyaaeldeen

@lupinthe14th

For complete details, see CHANGELOG.

Generated by Release Β· ● 1.7M

What's Changed

  • Scope activation-job permissions to actual trigger events and add status-comment discussions/issues/pull-requests toggles by @Copilot in #26535
  • Migrate GitHub App token input to client-id, add schema-level compatibility, and provide codemod migration by @Copilot in #26551
  • safe-outputs: align activation protected manifests with handler config for engine-specific files by @Copilot in #26550
  • Generate poutine untrusted_checkout_exec suppression for workflow_call save-base steps by @Copilot in #26552
  • Fix Auto-Triage Issues pre-agent auth failure that caused no-op failed runs by @Copilot in #26572
  • Refactor MCP validation into focused sub-validators by @Copilot in #26573
  • Prevent false CLI Version Checker failures when safe outputs were already produced by @Copilot in #26570
  • Refactor dispatch workflow validation by extracting file-resolution utilities by @Copilot in #26574
  • fix: sanitize @mentions in create_issue body to close XPIA gap by @Copilot in #26589
  • [docs] Consolidate developer specs - tone fixes v6.2 (2026-04-16) by @github-actions[bot] in #26612
  • [instructions] Sync github-agentic-workflows.md with v0.68.3 by @github-actions[bot] in #26607
  • [docs] Update documentation for features from 2026-04-16 by @github-actions[bot] in #26605
  • [spec-enforcer] Enforce specifications for stats, styles, testutil by @github-actions[bot] in #26601
  • [spec-extractor] Update package specifications for agentdrain, fileutil, gitutil, tty by @github-actions[bot] in #26600
  • [fp-enhancer] refactor(actionpins): precompile SHA regex and extract findCompatiblePin helper by @github-actions[bot] in #26597
  • [architecture] Update architecture diagram - 2026-04-16 by @github-actions[bot] in #26591
  • Split template injection validator by responsibility by @Copilot in #26580
  • Refactor workflow tool validation by separating GitHub-specific logic from core tools validation by @Copilot in #26579
  • Refactor safe-outputs max validation into dedicated module to enforce validator file size limit by @Copilot in #26581
  • fix(sanitize): neutralize markdown link title text to close steganographic injection channel by @Copilot in #26596
  • Ensure activation secret validation is skipped when top-level environment is configured by @Copilot in #26650
  • Fix BYOK Copilot model fallback to avoid empty COPILOT_MODEL in compiled workflows by @Copilot in #26566
  • Refactor daily audit import stack into shared daily-audit-base component by @Copilot in #26654
  • Rename GetActionPinWithData to ResolveActionPin in pkg/actionpins by @Copilot in #26657
  • Refactor workflow imports: add shared/reporting-otlp.md bundle and migrate dual-import workflows by @Copilot in #26655
  • cache-memory: add pre-agent working-tree sanitization to neutralize planted executables and disallowed files by @Copilot in #26587
  • Configure Architecture Guardian thresholds via repository-level .architecture.yml by @Copilot in #26664
  • chore: bump DefaultMCPGatewayVersion to v0.2.21 by @lpcox in #26678
  • Move MCP config from .mcp.json to .github/mcp.json by @Copilot in #26665

Full Changelog: v0.68.4...v0.68.5

Contributors

lpcox
Assets 17
Loading