diff --git a/.claude/commands/aw-daily.md b/.claude/commands/aw-daily.md index b01e42d..24a0095 100644 --- a/.claude/commands/aw-daily.md +++ b/.claude/commands/aw-daily.md @@ -1,34 +1,43 @@ --- -name: aw-daily -description: > - Fully autonomous daily pipeline: research, discussion posting, gap analysis, - implementation, and PR to develop. Designed for unattended execution. - Use with: /aw-daily [--dry-run] [--skip-research] [--skip-implementation] [--no-merge] -tools: - - WebSearch - - WebFetch - - Write - - Edit - - Bash - - Read +description: Fully autonomous daily intelligence, gap analysis, implementation, and PR cycle +argument-hint: "[--dry-run] [--skip-research] [--skip-implementation] [--no-merge]" --- -Run the `aw-daily` skill to execute the full daily intelligence and update pipeline. +# /aw-daily + +Fully autonomous daily pipeline: research the gh-aw ecosystem, post to Discussions, analyze gaps in reference files, implement fixes, create PR to `develop`, review, and merge. Designed for unattended execution. + +## Usage + +``` +/aw-daily → Full autonomous cycle +/aw-daily --dry-run → Research + gap analysis only, show diff, no commit +/aw-daily --skip-research → Start at gap analysis using latest report +/aw-daily --skip-implementation → Research + gap analysis + issues only, no file edits +/aw-daily --no-merge → Create PR but do not auto-merge +``` ## Flags -Parse the argument string for these optional flags: +- `--dry-run` — Run research and gap analysis, show what would change, do not commit or create PR +- `--skip-research` — Skip intelligence sweep, start at gap analysis using the most recent report in `outputs/gh-aw-reports/` +- `--skip-implementation` — Run research, gap analysis, and issue creation, but do not edit files or create PR +- `--no-merge` — Create PR but do not auto-merge to `develop` + +## Workflow -- `--dry-run` — Research + gap analysis only, show diff, no commit/PR -- `--skip-research` — Start at gap analysis using latest report -- `--skip-implementation` — Research + gap analysis + issues, no file edits/PR -- `--no-merge` — Create PR but do not auto-merge +You are an autonomous operations agent performing the daily intelligence and update cycle. Execute all phases without user prompting. -## Steps +**Do not prompt the user for input at any point.** This command is designed for scheduled unattended execution. -1. Load the aw-daily skill by reading `skills/aw-daily/SKILL.md`. -2. Follow the skill's 9-phase instructions exactly. -3. Do not prompt the user for input at any point. -4. Report the final summary table when complete. +Load the **aw-daily** skill and execute all phases. The skill handles: -This command is designed for scheduled unattended execution. +1. Pre-flight checks and idempotency +2. Intelligence sweep (8 web searches + GitHub activity queries on tracked repos) +3. Knowledge base update +4. Discussion posting to `project-news` category +5. Gap analysis against reference files +6. Issue creation for identified gaps +7. Implementation on feature branch from `develop` +8. PR creation to `develop` +9. Review and auto-merge diff --git a/.claude/commands/aw-merge.md b/.claude/commands/aw-merge.md index cc9d3a5..a5a2875 100644 --- a/.claude/commands/aw-merge.md +++ b/.claude/commands/aw-merge.md @@ -1,20 +1,99 @@ --- -name: aw-merge -description: > - Weekly develop-to-main merge with PR, CI check, and squash merge. - Use with: /aw-merge [--dry-run] [--no-reset] -tools: - - Bash - - Read +description: Merge develop branch to main with PR, CI check, and squash merge +argument-hint: "[--dry-run] [--no-reset]" --- -Merge `develop` into `main` via PR. +# /aw-merge -1. Check if `develop` is ahead of `main` -2. If so, create a PR from `develop` to `main` -3. Wait for CI checks (max 5 minutes) -4. Squash merge -5. Unless `--no-reset`, reset `develop` to new `main` HEAD +Weekly merge of `develop` into `main`. Creates a PR, waits for CI, squash merges, and resets `develop` to the new `main` HEAD. -If `develop` is not ahead of `main`, report "Nothing to merge" and exit. -If `--dry-run`, show what would be merged but take no action. +## Usage + +``` +/aw-merge → Full merge cycle +/aw-merge --dry-run → Show what would be merged, do not create PR +/aw-merge --no-reset → Merge but do not reset develop to main after +``` + +## Flags + +- `--dry-run` — Show commits on `develop` ahead of `main`, do not create PR or merge +- `--no-reset` — After merge, do not reset `develop` to `main` HEAD (preserves divergent history) + +## Workflow + +You are an autonomous operations agent performing the weekly develop-to-main merge. + +**Do not prompt the user for input at any point.** + +### Phase 1: Check divergence + +```bash +git fetch origin main develop +AHEAD=$(git rev-list --count origin/main..origin/develop) +``` + +If `AHEAD` is 0: report "develop is up to date with main. Nothing to merge." and **exit**. + +If `--dry-run`: show `git log --oneline origin/main..origin/develop` and **exit**. + +### Phase 2: Create PR + +```bash +gh pr create \ + --draft \ + --repo zircote/github-agentic-workflows \ + --base main \ + --head develop \ + --title "chore: weekly develop merge $(date +%Y-%m-%d)" \ + --body "## Summary + +Weekly merge of \`develop\` into \`main\`. + +**Commits:** $AHEAD commits since last merge. + +\`\`\` +$(git log --oneline origin/main..origin/develop) +\`\`\` + +--- +_Automated by /aw-merge_" +``` + +Mark PR ready: +```bash +gh pr ready +``` + +### Phase 3: CI and merge + +1. Wait for CI checks: poll `gh pr checks` every 15 seconds, max 5 minutes +2. If CI passes (or no checks configured): squash merge +```bash +gh pr merge --squash --auto --delete-branch=false +``` +3. If CI fails: leave PR open, report URL + +### Phase 4: Reset develop (unless `--no-reset`) + +After successful merge, reset `develop` to match `main`: +```bash +git checkout develop +git reset --hard origin/main +git push --force-with-lease origin develop +git checkout main +git pull +``` + +### Final Report + +``` +┌──────────────────────────────────────────┐ +│ /aw-merge complete │ +├──────────────────────────────────────────┤ +│ Commits merged: N │ +│ PR: URL │ +│ Merged: yes/no │ +│ develop reset: yes/no/skipped │ +└──────────────────────────────────────────┘ +``` diff --git a/.claude/commands/aw-report.md b/.claude/commands/aw-report.md index 2748f0e..dbb9a06 100644 --- a/.claude/commands/aw-report.md +++ b/.claude/commands/aw-report.md @@ -1,37 +1,53 @@ --- -name: aw-report -description: > - Generate today's GitHub Agentic Workflows intelligence report. Searches the web - for the latest news, features, breaking changes, and community activity across - the gh-aw ecosystem, then produces and saves a structured Markdown report and - posts it to GitHub Discussions for historical record. - Use with: /aw-report [--deep] [--no-post] [--domains domain1,domain2] -tools: - - WebSearch - - WebFetch - - Write - - Bash - - Read +description: Run a full gh-aw ecosystem intelligence sweep and produce a dated report +argument-hint: "[--deep] [--no-post] [--domains domain1,domain2]" --- -Run the `gh-aw-report` skill to produce today's GitHub Agentic Workflows intelligence report. +# /aw-report -## Flags +Runs a full intelligence sweep across the GitHub Agentic Workflows ecosystem — 8+ web searches — and produces a dated Markdown report saved to `outputs/gh-aw-reports/YYYY-MM-DD.md`. Updates the persistent knowledge base and posts to GitHub Discussions. + +## Usage -Parse the argument string for these optional flags: +``` +/aw-report → Full sweep, all domains, post to Discussions +/aw-report --deep → Extended sweep with deep-dive queries +/aw-report --no-post → Generate report without posting to Discussions +/aw-report --domains gh-aw,mcp → Only sweep specified domains +``` + +## Flags - `--deep` — Run additional deep-dive queries from the extended query library beyond the 8 primary searches - `--no-post` — Skip posting to GitHub Discussions (still saves report locally and updates knowledge base) -- `--domains` — Comma-separated list of domains to sweep. Valid: `gh-aw`, `actions`, `workspace`, `agent-mode`, `models`, `mcp-server`, `claude-code`, `community` +- `--domains` — Comma-separated list of domains to sweep. Valid domains: `gh-aw`, `actions`, `workspace`, `agent-mode`, `models`, `mcp-server`, `claude-code`, `community` + +## Workflow + +You are an intelligence analyst for the gh-aw ecosystem. Load the **gh-aw-report** skill to execute the full intelligence cycle: + +1. Load context from the knowledge base and architecture reference +2. Execute the primary sweep (8 targeted web searches) +3. If `--deep` is passed, run additional deep-dive queries +4. If `--domains` is passed, filter to only the specified domains +5. Synthesize findings into a structured report +6. Save the report to `outputs/gh-aw-reports/YYYY-MM-DD.md` +7. Update the knowledge base with stable facts +8. Unless `--no-post`, post the report to GitHub Discussions in the `project-news` category at `zircote/github-agentic-workflows` +9. Print the final summary + +## Examples + +``` +/aw-report +# → Full sweep, saves report, updates KB, posts to Discussions -## Steps +/aw-report --deep +# → Extended sweep with deep-dive queries on rich domains -1. Load the gh-aw-report skill by reading `skills/gh-aw-report/SKILL.md`. -2. Follow the skill's instructions exactly — perform all 8 required web searches (or filtered if `--domains` specified), synthesize findings, and produce the full structured report. -3. If `--deep` is passed, run additional deep-dive queries from `skills/gh-aw-report/references/search-queries.md`. -4. Save the report to `outputs/gh-aw-reports/YYYY-MM-DD.md` (today's date). -5. Update the knowledge base at `skills/gh-aw-report/knowledge-base.md`. -6. Unless `--no-post`, post the report to GitHub Discussions in the `Project News` category at `zircote/github-agentic-workflows` using the GraphQL API (see skill Phase 6). -7. Present the saved report link, discussion URL, and a 3-sentence summary of the most important findings. +/aw-report --no-post --domains gh-aw,mcp-server +# → Only sweep gh-aw core and MCP server, skip Discussions post -Do not produce placeholder content. Every section must reflect real search results from today's run. +/aw-report --deep --domains claude-code +# → Deep dive on Claude Code × GitHub integrations only +``` diff --git a/.claude/commands/aw-status.md b/.claude/commands/aw-status.md index 0fd2645..d50a8fe 100644 --- a/.claude/commands/aw-status.md +++ b/.claude/commands/aw-status.md @@ -1,32 +1,60 @@ --- -name: aw-status -description: > - Summarize the current state of the GitHub Agentic Workflows ecosystem from the - persistent knowledge base. Provides a quick briefing without running new web - searches. Use with: /aw-status [--domain domain] [--since YYYY-MM-DD] -tools: - - Read +description: Quick briefing on current gh-aw ecosystem state from the knowledge base +argument-hint: "[--domain domain] [--since YYYY-MM-DD]" --- -Read the knowledge base at `skills/gh-aw-report/knowledge-base.md` -and provide a concise status briefing covering: +# /aw-status -## Flags +Reads the persistent knowledge base and delivers a quick 300–400 word briefing on the current state of the gh-aw ecosystem. No web searches needed — this is a fast, offline status check. + +## Usage + +``` +/aw-status → Full briefing across all domains +/aw-status --domain gh-aw → Briefing focused on a specific domain +/aw-status --since 2026-04-01 → Only entries since the given date +``` -Parse the argument string for these optional flags: +## Flags - `--domain` — Focus the briefing on a specific domain: `gh-aw`, `actions`, `workspace`, `agent-mode`, `models`, `mcp-server`, `claude-code`, `community` - `--since` — Only include knowledge base entries from this date forward -## Briefing Format +## Workflow + +You are a briefing analyst. Deliver a concise status report from the knowledge base. + +1. Read the knowledge base at `skills/gh-aw-report/knowledge-base.md` +2. Read `skills/gh-aw-report/references/gh-aw-architecture.md` for architecture context +3. If `--domain` is passed, filter entries to the specified domain +4. If `--since` is passed, filter entries to those dated on or after the given date +5. Synthesize a 300–400 word briefing covering: + +### Briefing Format + +``` +## gh-aw Ecosystem Status — YYYY-MM-DD + +### Current Versions +- gh-aw CLI: vX.Y.Z +- GitHub MCP Server: vX.Y.Z +- [other tracked versions] + +### Active Deprecations +- [deprecation with timeline and migration path] + +### Recent Changes (last 7 days) +- [notable changes from knowledge base] + +### Recommended Actions +- [specific actions for workflow maintainers] +``` -1. **Current versions & GA status** — gh-aw CLI, Copilot CLI, Copilot Workspace, GitHub MCP Server -2. **Active deprecations & breaking changes** — what needs migration now -3. **Key architectural facts** — how the system works (safe outputs, AWF, MCP Gateway, etc.) -4. **Last report date** — when the knowledge base was last updated -5. **Recommended immediate actions** — top 2–3 things a practitioner should do right now +6. If the knowledge base is empty or has no recent entries, report that and recommend running `/aw-report` to populate it. -Keep the briefing to 300–400 words. If the knowledge base has not been updated in more -than 3 days, note this and recommend running `/aw-report` to refresh. +## Notes -Entries marked `[SUPERSEDED]` should be excluded from the briefing. +- This command does NOT perform web searches — it reads only from the knowledge base +- For fresh intelligence, run `/aw-report` first +- The knowledge base is updated by each `/aw-report` run +- Entries marked `[SUPERSEDED]` are excluded from the briefing diff --git a/.claude/skills/aw-daily/SKILL.md b/.claude/skills/aw-daily/SKILL.md index e2f8c50..e8cc9a2 100644 --- a/.claude/skills/aw-daily/SKILL.md +++ b/.claude/skills/aw-daily/SKILL.md @@ -1,16 +1,374 @@ --- name: aw-daily -description: > +description: | Fully autonomous daily pipeline for the aw-author plugin. Executes intelligence research (web search + GitHub activity queries), posts to Discussions, performs gap analysis against reference files, creates issues, implements changes on - develop branch, creates PR, requests review, and auto-merges. + develop branch, creates PR, requests review, and auto-merges. Designed for + unattended execution with zero human intervention. Triggers on: "aw-daily", + "daily pipeline", "daily cycle", "autonomous update". --- -Load and follow the instructions in `skills/aw-daily/SKILL.md` exactly. +# Autonomous Daily Intelligence Pipeline -This is the Claude Code mirror of the main skill. The full 9-phase pipeline -(Pre-flight → Research → KB Update → Discussion → Gap Analysis → Issues → -Implementation → PR → Review & Merge) is defined in the main skill file. +You are an autonomous operations agent. Execute all phases below in order. If any phase fails, follow the error mode specified. **Do not prompt the user for input at any point.** This pipeline is designed for fully unattended execution. -Parse flags from arguments: `--dry-run`, `--skip-research`, `--skip-implementation`, `--no-merge`. +Parse the argument string for optional flags: +- `--dry-run` -- Research + gap analysis only, show diff, do not commit or PR +- `--skip-research` -- Start at Phase 4 using the latest report in `outputs/gh-aw-reports/` +- `--skip-implementation` -- Research + gap analysis + issues only, do not edit files or PR +- `--no-merge` -- Create PR but do not auto-merge to `develop` + +--- + +## Phase 0: Pre-flight & Idempotency + +1. Determine today's date: `date +%Y-%m-%d` -> store as `TODAY` +2. Verify `gh` CLI: `gh auth status` +3. Verify clean working tree: `git status --porcelain` must be empty + - If dirty: **ABORT** -- "Working tree is dirty. Commit or stash before running /aw-daily." +4. Capture current branch: `git branch --show-current` -> store as `ORIGINAL_BRANCH` + +**Ensure `develop` branch exists:** +```bash +if ! git ls-remote --exit-code origin develop >/dev/null 2>&1; then + git checkout main + git checkout -b develop + git push -u origin develop + git checkout "$ORIGINAL_BRANCH" +fi +git fetch origin develop +``` + +**Idempotency checks:** + +5. Check if today's Discussion already exists: +```bash +EXISTING_DISCUSSION=$(gh api graphql -f query='{ repository(owner:"zircote", name:"github-agentic-workflows") { discussions(categoryId:"DIC_kwDORSXBr84C61Lr", first:5, orderBy:{field:CREATED_AT, direction:DESC}) { nodes { title url } } } }' -q ".data.repository.discussions.nodes[] | select(.title | contains(\"$TODAY\")) | .url") +``` +If found and `--skip-research` not set: set `RESEARCH_DONE=true`, store URL as `DISCUSSION_URL` + +6. Check if today's PR already exists: +```bash +EXISTING_PR=$(gh pr list --repo zircote/github-agentic-workflows --base develop --search "daily-intelligence-$TODAY" --state all --json number,url -q '.[0].url') +``` +If found: report "Today's pipeline already completed. PR: $EXISTING_PR" and **exit successfully**. + +--- + +## Phase 1: Research (Intelligence Sweep) + +Skip if `RESEARCH_DONE=true` or `--skip-research` flag. + +### 1a. Load context + +1. Read `.claude/skills/gh-aw-report/knowledge-base.md` -- note the most recent entry date as `LAST_DATE` +2. Read `.claude/skills/gh-aw-report/references/gh-aw-architecture.md` for current known state +3. Read `.claude/skills/gh-aw-report/references/search-queries.md` for query library +4. Read `.claude/skills/aw-daily/references/tracked-repos.md` for GitHub activity query patterns + +### 1b. Web searches + +Execute the 8 primary sweep queries from the search query library: +1. gh-aw core: releases, updates, breaking changes +2. GitHub Actions AI features +3. GitHub Copilot Workspace updates +4. GitHub Copilot Agent Mode / CLI updates +5. GitHub Models API changes +6. GitHub MCP Server releases +7. Claude Code x GitHub integrations +8. Agentic CI/CD community patterns + +For each query, extract: version numbers, release dates, feature descriptions, deprecation notices, breaking changes, source URLs. + +### 1c. GitHub activity queries + +Query tracked repositories for activity since `LAST_DATE`: + +```bash +# github/gh-aw -- issues, PRs, discussions +gh search issues --repo github/gh-aw --created ">=$LAST_DATE" --sort created --json title,url,labels,createdAt --limit 20 +gh search prs --repo github/gh-aw --created ">=$LAST_DATE" --sort created --json title,url,labels,state,createdAt --limit 20 + +# github/github-mcp-server -- releases +gh release list --repo github/github-mcp-server --limit 5 --json tagName,publishedAt,name + +# github/gh-aw -- discussions +gh api graphql -f query='{ repository(owner:"github", name:"gh-aw") { + discussions(first:10, orderBy:{field:CREATED_AT, direction:DESC}) { + nodes { title url createdAt category { name } } + } +}}' + +# zircote/github-agentic-workflows -- own activity +gh search issues --repo zircote/github-agentic-workflows --created ">=$LAST_DATE" --sort created --json title,url,labels,createdAt --limit 10 +``` + +Prioritize items labeled `breaking-change`, `deprecation`, `safe-output`, `engine`, `mcp`. + +### 1d. Synthesize report + +Combine web search findings and GitHub activity into the standard report structure: + +```markdown +# gh-aw Ecosystem Intelligence Report -- {TODAY} + +## Executive Summary +## 1. gh-aw Core +## 2. GitHub Actions AI +## 3. Copilot Workspace +## 4. Copilot Agent Mode +## 5. GitHub Models API +## 6. GitHub MCP Server +## 7. Claude Code x GitHub +## 8. Agentic CI/CD Community +## GitHub Activity Since {LAST_DATE} +## Deprecation Watch +## Recommended Actions +## Sources +``` + +Save to `outputs/gh-aw-reports/{TODAY}.md`. If file exists, append counter: `{TODAY}-2.md`. + +**Error mode:** If zero results across all 8 web searches AND all GitHub queries return empty, **ABORT** -- "No intelligence data available. Check network and API access." + +--- + +## Phase 2: Knowledge Base Update + +1. Review findings for stable, persistent facts (version releases, deprecations, breaking changes, architecture changes) +2. Check existing entries in `.claude/skills/gh-aw-report/knowledge-base.md` for duplicates +3. Append new entries using the format: +```markdown +### YYYY-MM-DD -- category -- Title +Content +``` +4. Mark superseded entries with `[SUPERSEDED by YYYY-MM-DD]` + +Categories: `version`, `deprecation`, `breaking-change`, `architecture`, `ecosystem`, `security`, `feature` + +**Error mode:** If write fails, log warning and continue. KB update is not blocking. + +--- + +## Phase 3: Discussion Posting + +Skip if `RESEARCH_DONE=true`. + +Post the report to GitHub Discussions: + +```bash +REPO_ID=$(gh api graphql -f query='{ repository(owner:"zircote", name:"github-agentic-workflows") { id } }' -q '.data.repository.id') + +DISCUSSION_URL=$(gh api graphql -f query=' + mutation($repoId: ID!, $catId: ID!, $title: String!, $body: String!) { + createDiscussion(input: {repositoryId: $repoId, categoryId: $catId, title: $title, body: $body}) { + discussion { url } + } + }' \ + -f repoId="$REPO_ID" \ + -f catId="DIC_kwDORSXBr84C61Lr" \ + -f title="gh-aw Intelligence Report -- $TODAY" \ + -f body="$(cat outputs/gh-aw-reports/$TODAY.md)" \ + -q '.data.createDiscussion.discussion.url') +``` + +Store `DISCUSSION_URL` for the final summary. + +**Error mode:** If GraphQL fails, log warning and continue. Discussion posting is historical, not blocking. + +--- + +## Phase 4: Gap Analysis + +Read `.claude/skills/aw-daily/references/gap-analysis-targets.md` to load the reference file inventory. + +For each reference file in the inventory: + +1. Read the file +2. Compare against today's research findings: + - **Version numbers**: Check tracked version locations against release data + - **Deprecated features**: Check if deprecated items are documented with warnings + - **New features**: Check if new safe-outputs, tools, fields, patterns are covered + - **Corrections**: Check if any findings contradict current content +3. Produce a structured gap entry for each discrepancy: + +``` +GAP-{NNN}: {type} | {file} | {section} | {description} | {source} +``` + +Where `type` is: `incorrect` (priority 1), `outdated` (priority 2), `missing` (priority 3). + +Sort gaps by priority. Limit to **top 5 gaps** per run to keep changes reviewable. + +If no gaps found: report "No actionable gaps identified. Reference files are current." and skip to Phase 9. + +If `--dry-run`: report the gap list and **stop** (skip Phases 5-8). + +--- + +## Phase 5: Issue Creation + +For each gap (up to 5): + +1. Check for existing open issue with matching title: +```bash +EXISTING=$(gh search issues "[aw-daily]" --repo zircote/github-agentic-workflows --state open --json title -q ".[].title" | grep -c "GAP-{NNN}") +``` +2. If no existing issue, create one: +```bash +gh issue create \ + --repo zircote/github-agentic-workflows \ + --title "[aw-daily] GAP-{NNN}: {short description}" \ + --body "## Gap Details + +**Type:** {incorrect|outdated|missing} +**File:** \`{path}\` +**Section:** {section heading} + +## Current Content +{excerpt of current content} + +## Expected Content +{what should change based on research} + +## Source +{URL or GitHub activity reference} + +## Intelligence Report +{link to today's Discussion} + +--- +_Automated by /aw-daily on {TODAY}_" \ + --label "automated,reference-update" +``` + +Store issue numbers for PR linking. + +If `--skip-implementation`: report issue list and **stop** (skip Phases 6-8). + +**Error mode:** If issue creation fails for one gap, log warning and continue with remaining gaps. + +--- + +## Phase 6: Implementation + +1. Switch to develop and create feature branch: +```bash +git checkout develop +git pull origin develop +git checkout -b daily-intelligence-{TODAY} +``` + +2. For each gap, ordered by priority: + - Read the target file + - Locate the section using header text as anchor (NOT line numbers) + - Apply the edit: + - **Version updates**: Find exact old string, replace with new + - **New sections**: Insert after the appropriate parent section + - **Deprecation notices**: Insert after the feature heading + - **New table rows**: Append to the table body + - **Corrections**: Replace incorrect content + - If an edit fails, revert that file: `git checkout -- {file}` and continue + +3. Check if `.claude/` mirror exists for any edited file. If so, apply the same change there. + +4. Verify changes make sense: `git diff --stat` should show only the expected files. + +5. Stage and commit: +```bash +git add skills/ .claude/skills/ +git commit -m "docs(references): daily intelligence update {TODAY} + +{bullet per gap addressed} + +Closes {#issue1}, {#issue2}, ... + +Automated by /aw-daily" +``` + +6. Push: +```bash +git push -u origin daily-intelligence-{TODAY} +``` + +If `--dry-run`: show the diff but do not commit or push. + +**Error mode:** If commit fails, leave branch for manual inspection. Switch back to `ORIGINAL_BRANCH`. + +--- + +## Phase 7: PR Creation + +```bash +gh pr create \ + --draft \ + --repo zircote/github-agentic-workflows \ + --base develop \ + --head daily-intelligence-{TODAY} \ + --title "docs(references): daily intelligence update {TODAY}" \ + --body "## Summary + +Automated reference file updates from daily intelligence sweep. + +## Gaps Addressed + +{list with issue links using 'Closes #NNN' syntax} + +## Intelligence Report + +{DISCUSSION_URL} + +## Changes + +{git diff --stat output} + +--- +_Automated by /aw-daily_" +``` + +Store the PR URL and number. + +When running as a gh-aw workflow, `post-steps` handles marking the draft PR ready for review automatically. When running locally via `/aw-daily`, mark it ready: +```bash +gh pr ready {PR_NUMBER} +``` + +The pipeline does NOT auto-merge. Merging is a separate review decision. + +**Error mode:** If PR creation fails, report error. Leave branch for manual inspection. Switch back to `ORIGINAL_BRANCH`. + +--- + +## Phase 9: Final Summary + +``` ++--------------------------------------------------+ +| /aw-daily complete | ++--------------------------------------------------+ +| Date: {TODAY} | +| Searches: N web + M GitHub activity queries | +| Findings: N items across M domains | +| KB Updates: N new entries | +| Discussion: {DISCUSSION_URL} | +| Gaps Found: N (P incorrect, Q outdated, R new)| +| Issues: N created, M skipped (existing) | +| Files Changed: N | +| PR: {PR_URL} (ready for review) | ++--------------------------------------------------+ +``` + +--- + +## Error Recovery + +If any phase fails mid-execution: +1. Report the phase number, what failed, and why +2. If on a feature branch, switch back to `ORIGINAL_BRANCH` +3. Do NOT delete the feature branch on failure -- leave for inspection +4. Report what succeeded and what needs manual attention + +**Re-run guidance:** +- If Phases 1-3 succeeded but 4+ failed: re-run with `--skip-research` +- If Phases 1-5 succeeded but 6+ failed: re-run with `--skip-research` (idempotency prevents duplicate issues) +- Same-day re-runs are safe -- idempotency checks prevent all duplicate work diff --git a/skills/aw-daily/references/gap-analysis-targets.md b/.claude/skills/aw-daily/references/gap-analysis-targets.md similarity index 92% rename from skills/aw-daily/references/gap-analysis-targets.md rename to .claude/skills/aw-daily/references/gap-analysis-targets.md index 350222e..5790aa1 100644 --- a/skills/aw-daily/references/gap-analysis-targets.md +++ b/.claude/skills/aw-daily/references/gap-analysis-targets.md @@ -15,8 +15,8 @@ Reference files subject to automated gap analysis. Maps research domains and Git | Validation | `skills/aw-author/references/validation.md` | gh-aw | New error types, resolved issues, checklist gaps | | Markdown Body | `skills/aw-author/references/markdown-body.md` | gh-aw | Expression context changes, instruction file updates | | LLMs Resources | `skills/aw-author/references/llms-resources.md` | gh-aw | URL changes, new fetchable resources | -| Architecture | `skills/gh-aw-report/references/gh-aw-architecture.md` | all | Version numbers, component additions/removals | -| Search Queries | `skills/gh-aw-report/references/search-queries.md` | all | Query effectiveness, new search terms needed | +| Architecture | `.claude/skills/gh-aw-report/references/gh-aw-architecture.md` | all | Version numbers, component additions/removals | +| Search Queries | `.claude/skills/gh-aw-report/references/search-queries.md` | all | Query effectiveness, new search terms needed | ## Gap Types diff --git a/skills/aw-daily/references/tracked-repos.md b/.claude/skills/aw-daily/references/tracked-repos.md similarity index 96% rename from skills/aw-daily/references/tracked-repos.md rename to .claude/skills/aw-daily/references/tracked-repos.md index b109878..dc209bf 100644 --- a/skills/aw-daily/references/tracked-repos.md +++ b/.claude/skills/aw-daily/references/tracked-repos.md @@ -17,7 +17,7 @@ GitHub repositories queried for activity since the last intelligence report. Act ### Determine last report date ```bash -LAST_DATE=$(grep -oP '^\#\#\# \K\d{4}-\d{2}-\d{2}' skills/gh-aw-report/knowledge-base.md | tail -1) +LAST_DATE=$(grep -oP '^\#\#\# \K\d{4}-\d{2}-\d{2}' .claude/skills/gh-aw-report/knowledge-base.md | tail -1) # Fallback to 7 days ago if no entries LAST_DATE=${LAST_DATE:-$(date -d '7 days ago' +%Y-%m-%d 2>/dev/null || date -v-7d +%Y-%m-%d)} ``` diff --git a/.claude/skills/gh-aw-report/SKILL.md b/.claude/skills/gh-aw-report/SKILL.md index 0f71b45..ee70d58 100644 --- a/.claude/skills/gh-aw-report/SKILL.md +++ b/.claude/skills/gh-aw-report/SKILL.md @@ -1,142 +1,129 @@ --- name: gh-aw-report -description: > - Generates a comprehensive daily intelligence report on the GitHub Agentic Workflows - (gh-aw) ecosystem. Use when asked to produce a gh-aw report, run a daily GitHub - agentic workflows briefing, check what's new in GitHub agentic workflows, GitHub - Actions AI updates, GitHub Copilot Workspace news, GitHub Models API changes, - MCP GitHub integration updates, Claude Code GitHub integration status, or - "what's trending in agentic CI/CD". Also triggers on: "gh-aw status", - "agentic workflows digest", "agentic CI report", "GitHub AI ecosystem update". +description: | + Daily intelligence reporting for the GitHub Agentic Workflows (gh-aw) ecosystem. Executes 8+ targeted web searches, synthesizes findings into a structured Markdown report, updates the persistent knowledge base, and optionally posts to GitHub Discussions. Triggers on: "aw-report", "gh-aw report", "intelligence sweep", "ecosystem report", "daily briefing". --- -# gh-aw-report: Daily GitHub Agentic Workflows Intelligence +# gh-aw Ecosystem Intelligence Report -Produce a comprehensive, dated intelligence report on the GitHub Agentic Workflows -ecosystem. This skill directs the agent to gather current information from the web, -synthesize it, and persist key findings to a knowledge base. +You are an intelligence analyst for the GitHub Agentic Workflows (gh-aw) ecosystem. Your mission is to produce a comprehensive, dated intelligence report covering the full gh-aw landscape. -## Scope +## Covered Domains -The "GitHub Agentic Workflows" (gh-aw) space covers: +1. **GitHub Agentic Workflows** — `github/gh-aw`, `gh aw` CLI +2. **GitHub Actions AI Features** — AI-powered Actions, deprecations +3. **GitHub Copilot Workspace** — browser-based agentic coding +4. **GitHub Copilot Agent Mode** — IDE and CLI agentic coding +5. **GitHub Models API** — model marketplace and API +6. **GitHub MCP Server** — `github/github-mcp-server` +7. **Claude Code × GitHub** — Claude Code integrations +8. **Agentic CI/CD Community** — patterns, tools, ecosystem -- **GitHub Agentic Workflows** — the `github/gh-aw` repository, `gh aw` CLI, compiled - Markdown workflows, safe-outputs system, Agent Workflow Firewall (AWF), MCP Gateway -- **GitHub Actions** — new runner features, action deprecations, pricing changes, - immutable actions, cache migrations, OIDC updates -- **GitHub Copilot Workspace** — agent mode, coding agent, agentic code review, IDE - integrations (VS Code, JetBrains), Autopilot mode, sub-agents -- **GitHub Copilot CLI** — GA status, plan/autopilot modes, specialized agent delegation, - model support (Claude Opus/Sonnet, GPT, Gemini), `& background` delegation -- **GitHub Models** — model catalog changes, API updates, rate limits, new model arrivals -- **GitHub MCP Server** — `github/github-mcp-server` releases, new tools, OAuth changes, - Projects toolset, insiders mode, enterprise HTTP mode -- **Claude Code on GitHub** — `CLAUDE.md` support in Copilot, Claude as gh-aw agent, - Claude Code MCP integrations, `steipete/claude-code-mcp` -- **Agentic CI/CD patterns** — "continuous AI" paradigm, community sample workflows - (`githubnext/agentics`), community adoption, blog posts, conference talks -- **Security** — AWF network egress control, prompt injection detection, safe outputs, - permission models, MCP Gateway +## Execution Flow -## Execution Steps +### Phase 1: Load Context -### Step 1 — Web Research (run ALL searches) +1. Read the knowledge base at `.claude/skills/gh-aw-report/knowledge-base.md` to understand the current state of knowledge +2. Read `.claude/skills/gh-aw-report/references/gh-aw-architecture.md` for stable architecture facts +3. Read `.claude/skills/gh-aw-report/references/search-queries.md` for the query library +4. Determine today's date with `date +%Y-%m-%d` -Execute the following searches. Do not skip any. Use today's date in queries where noted. +### Phase 2: Intelligence Sweep -1. `site:github.blog/changelog github agentic workflows` — Official changelog entries -2. `"gh-aw" OR "github agentic workflows" new features breaking changes 2026` — Broad news -3. `github/gh-aw releases issues discussions 2026` — Repo-level activity -4. `github MCP server releases changelog 2026` — MCP server updates -5. `github copilot workspace agent mode updates 2026` — Copilot workspace news -6. `github copilot CLI agentic features 2026` — Copilot CLI news -7. `"continuous AI" github agentic CI/CD community 2026` — Community & ecosystem -8. `claude code github integration CLAUDE.md AGENTS.md 2026` — Claude-specific integration +Execute the **8 primary sweep queries** from `references/search-queries.md` using WebSearch. For each query: -For each search, extract: new features, version numbers, deprecations, breaking changes, -notable issues, community sentiment, and recommended actions. +1. Run the web search +2. Extract relevant findings: versions, releases, announcements, deprecations, breaking changes, new features, community patterns +3. Discard noise (old results, unrelated matches, marketing fluff) +4. Note the source URL for each finding -### Step 2 — Read the knowledge base +If a domain yields particularly rich results, run additional deep-dive queries from the query library. -Read `${CLAUDE_PLUGIN_ROOT}/skills/gh-aw-report/knowledge-base.md` to load prior context. -Cross-reference search findings with existing entries. Flag anything that contradicts or -supersedes prior knowledge. +### Phase 3: Synthesize Report -### Step 3 — Compose the Report +Produce a structured Markdown report with these sections: -Write a dated Markdown report. Today's date determines the filename. +```markdown +# gh-aw Ecosystem Intelligence Report — YYYY-MM-DD -**Report structure** (use exactly these section headers): +## Executive Summary + -``` -# GitHub Agentic Workflows — Intelligence Report: YYYY-MM-DD +## 1. gh-aw Core + -## Executive Summary -3–5 sentences. What matters most today. Lead with the highest-signal finding. +## 2. GitHub Actions AI + + +## 3. Copilot Workspace + -## New Features & Releases -For each item: component name, version/date, what changed, impact assessment. -Subsections by product area: gh-aw CLI, GitHub Actions, Copilot Workspace, -Copilot CLI, GitHub Models, GitHub MCP Server. +## 4. Copilot Agent Mode + -## Breaking Changes & Deprecations -Explicit list. For each: what is deprecated/changed, effective date, migration path, -severity (High/Medium/Low). Empty section is fine — write "No new breaking changes -detected." rather than omitting. +## 5. GitHub Models API + -## Trending Issues & Community Discussion -Top 3–5 items from GitHub Discussions, HN, DEV Community, Twitter/X, blog posts. -Include link, sentiment summary, and why it matters. +## 6. GitHub MCP Server + -## Ecosystem Tool Updates -MCP integrations, Claude Code, third-party action runners, Agent Package Manager (APM), -`githubnext/awesome-continuous-ai`, community workflow packs. +## 7. Claude Code × GitHub + -## Notable PRs & Commits -From `github/gh-aw`, `github/github-mcp-server`, `github/copilot-cli` (if public). -Title, link if available, brief description of significance. +## 8. Agentic CI/CD Community + + +## Deprecation Watch + ## Recommended Actions -Bulleted list of concrete next steps for a team building on gh-aw today. -Examples: "Upgrade to gh aw v0.X to get signed-commit support on new branches", -"Replace plugins: field with dependencies: field (use gh aw fix --write)", etc. + ## Sources -All URLs consulted, as markdown links. + ``` -### Step 4 — Save the report +### Phase 4: Save Report -Save the complete report to: -``` -outputs/gh-aw-reports/YYYY-MM-DD.md -``` -(Replace YYYY-MM-DD with today's actual date.) +1. Write the report to `outputs/gh-aw-reports/YYYY-MM-DD.md` +2. If a report for today already exists, append a counter: `YYYY-MM-DD-2.md` -If the directory does not exist, create it with `mkdir -p`. +### Phase 5: Update Knowledge Base -### Step 5 — Update the knowledge base +Review findings for **stable, persistent facts** worth adding to the knowledge base: -Append a dated entry to `${CLAUDE_PLUGIN_ROOT}/skills/gh-aw-report/knowledge-base.md`. -Each entry should capture only persistent, stable facts — API changes, confirmed -deprecations, version pinpoints, architecture decisions — not transient news. +- Version releases (e.g., "gh-aw v0.62.0 released with X feature") +- Deprecation announcements with timelines +- Breaking changes +- Architecture changes +- New ecosystem tools or integrations +- Security advisories + +Append new entries to `.claude/skills/gh-aw-report/knowledge-base.md` using the format: -Entry format: ```markdown -## [YYYY-MM-DD] Update -- **gh-aw CLI**: Current stable version X.Y.Z. Key facts: ... -- **Deprecations active**: plugins: field → dependencies:; npm @mcp/server-github deprecated -- **Breaking changes effective**: [list any with dates] -- **Architecture notes**: [any stable facts about how the system works] +### YYYY-MM-DD — category — Title +Content ``` -### Step 6 — Post to GitHub Discussions +Do NOT add: +- Ephemeral news or rumors +- Speculation about unreleased features +- Duplicate entries (check existing entries first) + +If a finding supersedes an existing entry, mark the old entry with `[SUPERSEDED by YYYY-MM-DD]`. + +### Phase 6: Post to GitHub Discussions Post the report to the project's GitHub Discussions for historical record and indexability. Use the GitHub GraphQL API via `gh api graphql` to create a discussion in the **Project News** category. -The known category ID for `zircote/github-agentic-workflows` Project News: `DIC_kwDORSXBr84C61Lr` +The known IDs for `zircote/github-agentic-workflows`: +- **Repository ID**: Fetch with `gh api graphql -f query='{ repository(owner:"zircote", name:"github-agentic-workflows") { id } }' -q '.data.repository.id'` +- **Project News Category ID**: `DIC_kwDORSXBr84C61Lr` + +Create the discussion: ```bash REPO_ID=$(gh api graphql -f query='{ repository(owner:"zircote", name:"github-agentic-workflows") { id } }' -q '.data.repository.id') @@ -156,25 +143,49 @@ DISCUSSION_URL=$(gh api graphql -f query=' echo "Discussion posted: $DISCUSSION_URL" ``` -If `--no-post` flag was passed, skip this step. +If the `gh` CLI version supports `gh discussion create`, that works too: + +```bash +gh discussion create \ + --repo zircote/github-agentic-workflows \ + --category "Project News" \ + --title "gh-aw Intelligence Report — YYYY-MM-DD" \ + --body-file outputs/gh-aw-reports/YYYY-MM-DD.md +``` + +Report the discussion URL in the final summary. + +### Phase 7: Final Summary + +Print a summary to the user: -### Step 7 — Present to user +``` +┌──────────────────────────────────────────────┐ +│ /aw-report complete │ +├──────────────────────────────────────────────┤ +│ Date: YYYY-MM-DD │ +│ Searches: N queries executed │ +│ Findings: N items across M domains │ +│ KB Updates: N new entries │ +│ Report: outputs/gh-aw-reports/FILE.md │ +│ Discussion: URL │ +└──────────────────────────────────────────────┘ +``` -Share the link to the saved report file and the discussion URL, then give a 3-sentence -verbal summary of the most important findings. +## Report Quality Standards -## Quality Standards +- Every claim must have a source URL +- Version numbers must be exact (not "latest" or "recent") +- Deprecation timelines must include dates when available +- "No significant changes" is a valid finding — don't fabricate news +- Distinguish between official announcements and community speculation +- Flag anything that requires immediate action in the Executive Summary -- Never produce placeholder or template content — every section must reflect actual - search findings from today's run. -- If a search returns no relevant results for a section, write "No significant updates - detected in this area." — do not invent content. -- Prefer primary sources (GitHub Changelog, GitHub Blog, official docs) over secondary. -- Date all version numbers and facts — "as of YYYY-MM-DD". -- Flag anything marked as "technical preview" or "beta" with a ⚠️ symbol. +## Copilot Compatibility -## Reference Files +This skill is designed to work with both **Claude Code** and **GitHub Copilot**: -- `references/gh-aw-architecture.md` — stable facts about gh-aw system design -- `references/search-queries.md` — extended query library for edge-case coverage -- `knowledge-base.md` — persistent cross-session knowledge store +- **Claude Code**: Uses WebSearch tool for intelligence sweep, Bash for `gh` CLI and file operations +- **GitHub Copilot**: Uses `gh` CLI search capabilities, bash tools for file I/O and discussion posting +- The report format, knowledge base format, and discussion posting use standard tools available to both engines +- The `gh` CLI commands for discussion creation work identically regardless of which AI engine executes them diff --git a/.claude/skills/gh-aw-report/knowledge-base.md b/.claude/skills/gh-aw-report/knowledge-base.md index ff82c77..769a15b 100644 --- a/.claude/skills/gh-aw-report/knowledge-base.md +++ b/.claude/skills/gh-aw-report/knowledge-base.md @@ -2,7 +2,29 @@ > Persistent cross-session facts about the GitHub Agentic Workflows ecosystem. > Updated by each run of the gh-aw-report skill. Entries are dated and append-only. -> Do not remove entries — mark superseded information with ~~strikethrough~~ and a note. +> Do not remove entries — mark superseded information with `[SUPERSEDED by YYYY-MM-DD]`. + +--- + +## [2026-04-18] Intelligence Update + +### GitHub MCP Server +- **v1.0.0 released**: 2026-04-16 — first stable major release +- **`set_issue_fields` tool** (v1.0.0): Sets/updates/deletes org-level custom field values on issues; in `issues_granular` toolset; feature-flagged under `issues_granular` +- **MCP Apps** (v1.0.0): Graduated from insiders-only to feature flag `remote_mcp_ui_apps`; insiders mode remains for other experiments +- **`resolve_review_thread` tool** (v0.33.0): Resolves PR review threads; in `pull_request_granular` toolset +- **Granular toolsets** (v0.33.0): `pull_request_granular` and `issues_granular` OSS toolsets +- **`list_commits` parameters** (v0.33.0): Added `path`, `since`, `until` filter params +- **v0.33.1**: Patch over v0.33.0 (2026-04-14) + +### gh-aw Core (as of 2026-04-18) +- **MCP Gateway**: Current default version **v0.2.24** [SUPERSEDES v0.1.9 noted 2026-04-14] +- **AWF (Actions Workflow Framework)**: Current default version **v0.25.24** +- **"Redact secrets in logs" fix**: MCP gateway now runs as runner user with proper uid/gid mapping; eliminates persistent log warnings (PR #26658) +- **`create_pull_request.base_branch`**: Now honored correctly in safe-output patch generation (PR #26952) +- **Compile hardening**: `gh aw compile` now hardens MCP stdout handling (PR #26968) +- **Copilot CLI pinned**: Default Copilot CLI version is v1.0.21 (PR #26963) +- **`SideRepoOps` context**: Native context providing explicit `workflowRepo` vs `eventRepo` distinction for comment scripts (PR #26953) --- diff --git a/.claude/skills/gh-aw-report/references/gh-aw-architecture.md b/.claude/skills/gh-aw-report/references/gh-aw-architecture.md index b4abcdc..2c5ed57 100644 --- a/.claude/skills/gh-aw-report/references/gh-aw-architecture.md +++ b/.claude/skills/gh-aw-report/references/gh-aw-architecture.md @@ -1,57 +1,96 @@ # gh-aw Architecture Reference -> Last updated: 2026-04-16. This file captures stable architectural facts about the -> GitHub Agentic Workflows system to reduce web searches on known-stable information. - -## System Overview - -GitHub Agentic Workflows (gh-aw) is GitHub's framework for "Continuous AI" — AI agents -that run as GitHub Actions jobs, performing reasoning-based repository maintenance tasks -that traditional deterministic CI cannot handle. - -**Core repository**: `github/gh-aw` -**Docs site**: `github.github.com/gh-aw/` -**GitHub Next project page**: `githubnext.com/projects/agentic-workflows/` -**Technical preview launched**: February 13, 2026 - -## Workflow Authoring - -- Workflows are written in **Markdown** (not YAML), stored in `.github/workflows/*.md` -- The `gh aw compile` command compiles Markdown to GitHub Actions YAML (`.lock.yml` files) -- Workflow prompt files (`.github/aw/*.md`) are resolved directly from the gh-aw repo by - the agent — they are NOT managed by the CLI -- Two-file structure: a `.md` source and a `.lock.yml` compiled output - -## gh aw CLI - -- Version referenced: `v0.68.3` (as of 2026-04-14) -- Default AI agent: GitHub Copilot CLI -- Supported alternative agents: Claude (Anthropic), Codex (OpenAI), custom agents -- Key commands: - - `gh aw compile` — compile Markdown workflows to YAML - - `gh aw run` — execute a workflow - - `gh aw fix --write` — auto-migrate deprecated config fields - - `gh aw upgrade` — upgrade workflows to latest patterns - -## Dependencies System (Agent Package Manager / APM) - -- As of early 2026, **`plugins:` frontmatter field is DEPRECATED** -- Replacement: **`dependencies:` field** backed by Microsoft APM (Agent Package Manager) -- Migration: run `gh aw fix --write` to auto-migrate existing `plugins:` fields +Stable architectural facts about the GitHub Agentic Workflows ecosystem. Used by the `gh-aw-report` skill to contextualize intelligence findings. + +## Core Components + +### gh-aw CLI Extension +- **Repository**: `github/gh-aw` +- **Install**: `gh extension install github/gh-aw` +- **Purpose**: Compile markdown workflow definitions into GitHub Actions `.lock.yml` files +- **Key commands**: `gh aw compile`, `gh aw validate`, `gh aw upgrade`, `gh aw mcp inspect`, `gh aw mcp list` +- **AWF (Actions Workflow Framework)**: Default version **v0.25.24** (as of 2026-04-18) + +### Workflow File Structure +- **Source**: `.github/workflows/.md` — markdown with YAML frontmatter +- **Compiled**: `.github/workflows/.lock.yml` — generated Actions workflow (never edit directly) +- **Frontmatter**: trigger config, engine, tools, permissions, safe-outputs, network +- **Body**: Prose instructions for the AI agent (H1 heading, context, instructions, edge cases) + +### Engines +- `copilot` — GitHub-native (default), powered by GitHub Models +- `claude` — Anthropic Claude, strong reasoning +- `codex` — OpenAI, code-focused +- `custom` — bring your own engine via MCP or API + +### Safe-Outputs System +- All write operations go through safe-outputs using GitHub App tokens +- The AI agent itself is read-only; safe-outputs are the only write path +- Each safe-output type has configurable constraints (allowlists, max limits, title prefixes) +- Write permissions in `permissions:` block are rejected by the compiler + +### MCP Server Integration +- gh-aw supports MCP (Model Context Protocol) servers as tools +- Container-based servers use `container:` field with Docker image references +- Process-based servers use `command:` with `npx` or `uvx` +- MCP gateway logs at `agent-artifacts/mcp-logs/{server}.log` + +### Dependencies System (Agent Package Manager) + +- **`plugins:` field:** DEPRECATED as of early 2026 +- **`dependencies:` field:** Current replacement, backed by Microsoft APM (Agent Package Manager) +- **Migration:** Run `gh aw fix --write` to auto-migrate existing `plugins:` references +- APM is the package registry for gh-aw workflow plugin dependencies +- Dependencies are resolved at compile time via `gh aw compile` + +## Related GitHub Products + +### GitHub Copilot Workspace +- Browser-based agentic coding environment +- Plan → Implement → Review → PR cycle +- Uses Copilot engine for code generation +- Natively reads `CLAUDE.md`, `AGENTS.md`, `COPILOT.md`, and custom instruction files +- Workspace-scoped and global-scoped instruction files are both respected + +### GitHub Copilot Agent Mode (VS Code / CLI) +- Agentic coding in IDE with tool use +- `@workspace` agent for codebase-wide tasks +- CLI: `gh copilot` for terminal-based agentic coding + +### GitHub Copilot CLI (GA: February 25, 2026) + +- Terminal-native agentic coding environment and default agent runtime for gh-aw +- **Autopilot mode:** Fully autonomous task execution without approval prompts +- **Plan mode:** Displays step-by-step plan before execution for review +- **Background delegation:** Prefix prompt with `&` to delegate to cloud coding agent +- **Specialized sub-agents:** Explore, Task, Code Review, Plan +- **Model support:** Claude Opus 4.6, Claude Sonnet 4.6, GPT-5.3-Codex, ~~Gemini 3 Pro~~ (deprecated 2026-03-26) +- Available to all paid Copilot subscribers (Pro, Business, Enterprise) -## Security Architecture +### GitHub Models API +- Model serving platform at `https://models.github.com` +- Hosts multiple LLM providers (OpenAI, Anthropic, Meta, etc.) +- Used by gh-aw engines for inference + +### GitHub MCP Server +- **Repository**: `github/github-mcp-server` +- Provides GitHub API tools via MCP protocol +- Used by Claude Code, Copilot, and other MCP-compatible clients +- **Projects toolset:** Consolidated `projects_list`, `projects_get`, `projects_write` tools (~50% token reduction, ~23,000 tokens saved) +- **New tools:** `get_copilot_job_status`, `assign_copilot_to_issue`, `create_pull_request_with_copilot` +- **`base_ref` parameter:** On Copilot PR tools for stacked PR / feature branch workflows +- **Insiders mode:** Opt-in experimental features via `/insiders` URL or config header +- **HTTP mode:** Enterprise deployment with per-request OAuth token forwarding +- **MCP Gateway:** Centralized access management for MCP servers (**v0.2.24** as of 2026-04-18; runs as runner user with uid/gid Docker mapping since v0.2.x) -| Layer | Mechanism | -|-------|-----------| -| Default permissions | Read-only repository access | -| Write operations | "Safe Outputs" subsystem — separate permission-controlled jobs | -| Network egress | Agent Workflow Firewall (AWF) — restricts outbound connections | -| MCP access | MCP Gateway — centralized access management | -| Threat detection | Dedicated job checks for prompt injection, leaked credentials, malicious code | +## Claude Code (Anthropic) -### Safe Output Types (known) -- `remove-labels` — workflow can remove labels from issues/PRs -- Additional types are added incrementally via gh-aw releases +- Anthropic's CLI agentic coding tool, integrates with GitHub via MCP servers +- Can serve as the AI engine in gh-aw workflows (alternative to Copilot CLI) +- **Open-sourced** (2026): Agent layer at `anthropics/claude-code` +- **Remote Tasks** (launched March 20, 2026): Define a GitHub repo + prompt + cron schedule → Claude runs autonomously on Anthropic's cloud infrastructure; cron scheduling supported +- **Remote Sessions**: Start a task locally, close laptop; session continues on Anthropic infrastructure +- Directly comparable to gh-aw scheduled workflows for Claude-engine use cases — a native Anthropic alternative that does not require GitHub Actions ## Companion Projects @@ -63,51 +102,25 @@ that traditional deterministic CI cannot handle. | `githubnext/agentics` | Sample pack of community gh-aw workflows | | `githubnext/awesome-continuous-ai` | Curated list of Continuous AI tools and frameworks | -## GitHub MCP Server - -- Official repo: `github/github-mcp-server` -- Deployment modes: Docker (`ghcr.io/github/github-mcp-server`), HTTP with OAuth, local -- **Deprecated**: npm `@modelcontextprotocol/server-github` (deprecated April 2025) -- Key tools: repository management, issue/PR automation, CI/CD workflow intelligence, - code analysis, Copilot job status (`get_copilot_job_status`) -- Enterprise: HTTP mode with per-request OAuth token forwarding -- Insiders mode: opt-in experimental features via `/insiders` URL or config header -- Projects toolset: consolidated (reduces ~23,000 tokens/50% token usage) -- **v0.33.0 (2026-04-14):** Granular PRs/issues toolsets, resolve review threads tool, `list_commits` gets `path`/`since`/`until` params, configurable server name/title via translation strings, OSS HTTP logging adapter, static CLI flags as per-request filter upper bound -- **v0.33.1 (2026-04-14):** Hotfix release - -## GitHub Copilot CLI (GA: February 25, 2026) - -- Terminal-native agentic coding environment -- **Autopilot mode**: fully autonomous task execution -- **Plan mode**: shows plan before executing -- **Background delegation**: prefix with `&` to delegate to cloud coding agent -- **Specialized sub-agents**: Explore, Task, Code Review, Plan -- **Model support**: Claude Opus 4.6, Claude Sonnet 4.6, GPT-5.3-Codex, ~~Gemini 3 Pro~~ (deprecated 2026-03-26) -- Available to all paid Copilot subscribers (Pro, Business, Enterprise) - -## GitHub Copilot Workspace / Agent Mode +## Ecosystem Integrations -- Agent mode GA: VS Code (earlier) + JetBrains (March 2026) -- Copilot reads `CLAUDE.md`, `AGENTS.md`, `COPILOT.md`, and custom instruction files -- Agentic code review: gathers full project context → suggests changes → can spawn - fix PR via coding agent automatically -- Assign GitHub issue to Copilot → autonomous background work → PR opened for review -- Waitlist removed for Pro/Business/Enterprise (early 2026) +### CI/CD Patterns +- gh-aw workflows compile to standard GitHub Actions +- Can coexist with traditional `.yml` Actions workflows (with caveats around App token pushes) +- `dispatch-workflow` safe-output enables runtime workflow chaining +- `call-workflow` enables compile-time fan-out (inlined reusable workflows) -## Claude Code (Anthropic) +### Security Model +- `strict: true` (default) — restricts network, enforces ecosystem identifiers +- `strict: false` — required for custom domains and untrusted input +- `lockdown` settings for public repositories +- Network firewall with ecosystem identifiers: `defaults`, `github`, `containers`, `node`, `python` -- Anthropic's CLI agentic coding tool, integrates with GitHub via MCP servers -- Can serve as the AI engine in gh-aw workflows (alternative to Copilot CLI) -- **Open-sourced** (2026): Agent layer at `anthropics/claude-code` -- **Remote Tasks** (launched March 20, 2026): Define a GitHub repo + prompt + cron schedule → Claude runs autonomously on Anthropic's cloud infrastructure; cron scheduling supported -- **Remote Sessions**: Start a task locally, close laptop; session continues on Anthropic infrastructure -- Directly comparable to gh-aw scheduled workflows for Claude-engine use cases — a native Anthropic alternative that does not require GitHub Actions +## Cross-Repository Context -## Continuous AI Paradigm +### SideRepoOps Context (workflowRepo vs eventRepo) +gh-aw provides a native `SideRepoOps` context that distinguishes between: +- **`workflowRepo`**: The repository where the gh-aw workflow is defined +- **`eventRepo`**: The repository that triggered the event (may differ in cross-repo scenarios) -GitHub Next's framing: "Continuous AI" is the agentic evolution of CI. -- **NOT a replacement** for deterministic CI/CD -- **Augments** existing pipelines with reasoning-based automation -- Target use cases: issue triage, documentation updates, test generation, CI failure - analysis, PR review, repository health reporting, accessibility scanning +This context is used internally for comment scripts and for cross-repository safe-output operations. The distinction matters when using `target-repo` or `allowed-repos` in safe-outputs, or when writing workflows that operate across repositories. Refactored for native context in gh-aw PR #26953 (2026-04-18). diff --git a/.claude/skills/gh-aw-report/references/search-queries.md b/.claude/skills/gh-aw-report/references/search-queries.md index 4c70445..d6ee4de 100644 --- a/.claude/skills/gh-aw-report/references/search-queries.md +++ b/.claude/skills/gh-aw-report/references/search-queries.md @@ -1,62 +1,97 @@ -# Extended Search Query Library - -> Reference for the gh-aw-report skill. The SKILL.md lists 8 required queries. -> This file provides additional queries for deeper coverage of specific subtopics. - -## Core Required Queries (from SKILL.md) - -1. `site:github.blog/changelog github agentic workflows` -2. `"gh-aw" OR "github agentic workflows" new features breaking changes 2026` -3. `github/gh-aw releases issues discussions 2026` -4. `github MCP server releases changelog 2026` -5. `github copilot workspace agent mode updates 2026` -6. `github copilot CLI agentic features 2026` -7. `"continuous AI" github agentic CI/CD community 2026` -8. `claude code github integration CLAUDE.md AGENTS.md 2026` - -## Supplemental Queries by Topic Area - -### gh-aw CLI & Tooling -- `"gh aw" compile upgrade fix deprecation` -- `site:github.com/github/gh-aw issues` -- `"agent package manager" APM github workflows` -- `"safe outputs" github agentic workflows` -- `"agent workflow firewall" AWF github` -- `"MCP gateway" github agentic` - -### GitHub Actions Core -- `site:github.blog/changelog github actions deprecations` -- `github actions runner ubuntu macos windows deprecation 2026` -- `github actions OIDC token changes 2026` -- `github actions immutable actions update` -- `github actions pricing changes 2026` - -### GitHub MCP Server -- `site:github.com/github/github-mcp-server/releases` -- `github MCP server insiders mode new tools` -- `github MCP server OAuth HTTP enterprise` -- `github MCP copilot job status tools` - -### Copilot & Workspace -- `github copilot coding agent issue assignment PR 2026` -- `github copilot JetBrains agent mode general availability` -- `github copilot custom instructions AGENTS.md workspace` -- `copilot workspace agentic code review fix PR` - -### Claude Code Integration -- `"CLAUDE.md" github copilot agent instructions` -- `claude code MCP github server setup 2026` -- `"steipete/claude-code-mcp" updates` -- `anthropic claude github actions workflow` - -### Community & Ecosystem -- `site:dev.to github agentic workflows tutorial` -- `site:news.ycombinator.com github agentic workflows` -- `"githubnext/agentics" new workflows` -- `"awesome-continuous-ai" new entries` -- `github agentic workflows production case study` - -### Security -- `github agentic workflows prompt injection detection` -- `github agentic workflows permissions security model` -- `AWF network egress firewall rules agentic` +# Search Query Library + +Curated web search queries for the `gh-aw-report` skill. Organized by domain. + +## Primary Sweep (8 queries — run by default) + +### 1. gh-aw Core +``` +"github agentic workflows" OR "gh-aw" OR "gh aw" release OR update OR changelog +``` +**Targets**: gh-aw CLI releases, version bumps, breaking changes + +### 2. GitHub Actions AI Features +``` +"github actions" AI OR agentic OR copilot OR agent new feature OR update OR announcement +``` +**Targets**: GitHub Actions platform changes affecting agentic workflows + +### 3. GitHub Copilot Workspace +``` +"github copilot workspace" OR "copilot workspace" update OR release OR feature +``` +**Targets**: Copilot Workspace changes, new capabilities + +### 4. GitHub Copilot Agent Mode +``` +"github copilot" "agent mode" OR "agentic" OR "coding agent" update OR release +``` +**Targets**: Copilot agent capabilities in VS Code, CLI, IDE extensions + +### 5. GitHub Models API +``` +"github models" API OR marketplace new model OR update OR deprecation +``` +**Targets**: New models available, API changes, deprecations + +### 6. GitHub MCP Server +``` +"github-mcp-server" OR "github mcp server" release OR update OR feature +``` +**Targets**: MCP server releases, new tools, breaking changes + +### 7. Claude Code + GitHub +``` +"claude code" github OR "mcp" OR "agentic" update OR integration OR release +``` +**Targets**: Claude Code releases, GitHub integration improvements + +### 8. Agentic CI/CD Community +``` +"agentic ci" OR "agentic cd" OR "ai ci/cd" OR "llm github actions" pattern OR workflow OR best practice +``` +**Targets**: Community patterns, blog posts, new tooling in the agentic CI/CD space + +## Deep Dive Queries (run on request or for specific topics) + +### gh-aw Deprecations +``` +"gh-aw" OR "github agentic workflows" deprecated OR breaking OR migration +``` + +### MCP Protocol Updates +``` +"model context protocol" OR "mcp" specification OR update OR "mcp server" new +``` + +### GitHub App Token Changes +``` +"github app" token OR "installation token" OR "fine-grained" change OR update +``` + +### Safe-Outputs Changes +``` +"gh-aw" "safe-outputs" OR "safe outputs" new OR change OR deprecation +``` + +### Engine Updates +``` +"gh-aw" engine OR "copilot engine" OR "claude engine" OR "codex engine" update +``` + +### Security Advisories +``` +"github actions" security advisory OR vulnerability OR CVE agentic OR workflow +``` + +### Competitor Landscape +``` +"ai code review" OR "ai ci" OR "automated pr" tool OR platform launch OR release +``` + +## Query Construction Notes + +- Use `OR` for term alternatives, quotes for exact phrases +- Append `site:github.blog` or `site:github.com` to narrow to official sources +- Append date range filters when available (e.g., `after:YYYY-MM-DD`) +- For GitHub Discussions/Issues: use `gh search issues` or `gh search discussions` via CLI diff --git a/.github/workflows/daily-intelligence.md b/.github/workflows/daily-intelligence.md index 9363b71..155f7d5 100644 --- a/.github/workflows/daily-intelligence.md +++ b/.github/workflows/daily-intelligence.md @@ -53,6 +53,9 @@ safe-outputs: add-labels: allowed: [automated, reference-update, intelligence] max: 5 + assign-to-agent: + target: "*" + max: 5 post-steps: - name: Mark draft PR ready and request Copilot review with auto-merge @@ -118,11 +121,11 @@ gh pr list --repo zircote/github-agentic-workflows --base develop --search "dail If a PR already exists, report "Today's pipeline already completed" and stop. -4. Read `skills/gh-aw-report/knowledge-base.md` to determine the last report date (`LAST_DATE`). Look for the most recent `### YYYY-MM-DD` heading. +4. Read `.claude/skills/gh-aw-report/knowledge-base.md` to determine the last report date (`LAST_DATE`). Look for the most recent `### YYYY-MM-DD` heading. ### Phase 1: Intelligence Sweep -Execute 8 web searches from the query library at `skills/gh-aw-report/references/search-queries.md`. For each search: +Execute 8 web searches from the query library at `.claude/skills/gh-aw-report/references/search-queries.md`. For each search: - Extract version numbers, release dates, feature descriptions, deprecation notices, breaking changes - Note the source URL for every finding - Discard results older than 14 days or clearly unrelated @@ -147,7 +150,7 @@ If zero results across ALL searches AND ALL GitHub queries, stop with a noop — ### Phase 2: Knowledge Base Update -Review findings for stable, persistent facts. Append new entries to `skills/gh-aw-report/knowledge-base.md` using the format: +Review findings for stable, persistent facts. Append new entries to `.claude/skills/gh-aw-report/knowledge-base.md` using the format: ``` ### YYYY-MM-DD — category — Title @@ -162,7 +165,7 @@ Create a Discussion in the Project News category with today's report content. Us ### Phase 4: Gap Analysis -Read `skills/aw-daily/references/gap-analysis-targets.md` for the reference file inventory. For each reference file: +Read `.claude/skills/aw-daily/references/gap-analysis-targets.md` for the reference file inventory. For each reference file: 1. Read the file 2. Compare against today's findings (or the latest report if research was skipped) @@ -184,6 +187,8 @@ For each identified gap, check if an open issue with matching `[aw-daily]` title - Body: gap details, current content excerpt, expected change, source URL - Labels: `automated`, `reference-update` +After creating each issue, assign it to Copilot using the `assign-to-agent` safe-output so the issue is automatically picked up for implementation. + ### Phase 6: Implementation Create a feature branch from `develop`: diff --git a/CLAUDE.md b/CLAUDE.md index 030aeea..915c169 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -34,8 +34,8 @@ After editing any `.github/workflows/*.md` file, always recompile with `gh aw co | Path | Role | |------|------| | `skills/aw-author/references/` | 9 canonical reference files — the core deliverable | -| `skills/aw-daily/SKILL.md` | 9-phase autonomous pipeline | -| `skills/gh-aw-report/knowledge-base.md` | Persistent append-only KB | +| `.claude/skills/aw-daily/SKILL.md` | 9-phase autonomous pipeline | +| `.claude/skills/gh-aw-report/knowledge-base.md` | Persistent append-only KB | | `.github/workflows/daily-intelligence.md` | Primary daily gh-aw workflow | | `.github/workflows/weekly-develop-merge.md` | Weekly merge gh-aw workflow | | `.claude-plugin/plugin.json` | Plugin manifest | diff --git a/commands/aw-daily.md b/commands/aw-daily.md deleted file mode 100644 index 24a0095..0000000 --- a/commands/aw-daily.md +++ /dev/null @@ -1,43 +0,0 @@ ---- -description: Fully autonomous daily intelligence, gap analysis, implementation, and PR cycle -argument-hint: "[--dry-run] [--skip-research] [--skip-implementation] [--no-merge]" ---- - -# /aw-daily - -Fully autonomous daily pipeline: research the gh-aw ecosystem, post to Discussions, analyze gaps in reference files, implement fixes, create PR to `develop`, review, and merge. Designed for unattended execution. - -## Usage - -``` -/aw-daily → Full autonomous cycle -/aw-daily --dry-run → Research + gap analysis only, show diff, no commit -/aw-daily --skip-research → Start at gap analysis using latest report -/aw-daily --skip-implementation → Research + gap analysis + issues only, no file edits -/aw-daily --no-merge → Create PR but do not auto-merge -``` - -## Flags - -- `--dry-run` — Run research and gap analysis, show what would change, do not commit or create PR -- `--skip-research` — Skip intelligence sweep, start at gap analysis using the most recent report in `outputs/gh-aw-reports/` -- `--skip-implementation` — Run research, gap analysis, and issue creation, but do not edit files or create PR -- `--no-merge` — Create PR but do not auto-merge to `develop` - -## Workflow - -You are an autonomous operations agent performing the daily intelligence and update cycle. Execute all phases without user prompting. - -**Do not prompt the user for input at any point.** This command is designed for scheduled unattended execution. - -Load the **aw-daily** skill and execute all phases. The skill handles: - -1. Pre-flight checks and idempotency -2. Intelligence sweep (8 web searches + GitHub activity queries on tracked repos) -3. Knowledge base update -4. Discussion posting to `project-news` category -5. Gap analysis against reference files -6. Issue creation for identified gaps -7. Implementation on feature branch from `develop` -8. PR creation to `develop` -9. Review and auto-merge diff --git a/commands/aw-merge.md b/commands/aw-merge.md deleted file mode 100644 index a5a2875..0000000 --- a/commands/aw-merge.md +++ /dev/null @@ -1,99 +0,0 @@ ---- -description: Merge develop branch to main with PR, CI check, and squash merge -argument-hint: "[--dry-run] [--no-reset]" ---- - -# /aw-merge - -Weekly merge of `develop` into `main`. Creates a PR, waits for CI, squash merges, and resets `develop` to the new `main` HEAD. - -## Usage - -``` -/aw-merge → Full merge cycle -/aw-merge --dry-run → Show what would be merged, do not create PR -/aw-merge --no-reset → Merge but do not reset develop to main after -``` - -## Flags - -- `--dry-run` — Show commits on `develop` ahead of `main`, do not create PR or merge -- `--no-reset` — After merge, do not reset `develop` to `main` HEAD (preserves divergent history) - -## Workflow - -You are an autonomous operations agent performing the weekly develop-to-main merge. - -**Do not prompt the user for input at any point.** - -### Phase 1: Check divergence - -```bash -git fetch origin main develop -AHEAD=$(git rev-list --count origin/main..origin/develop) -``` - -If `AHEAD` is 0: report "develop is up to date with main. Nothing to merge." and **exit**. - -If `--dry-run`: show `git log --oneline origin/main..origin/develop` and **exit**. - -### Phase 2: Create PR - -```bash -gh pr create \ - --draft \ - --repo zircote/github-agentic-workflows \ - --base main \ - --head develop \ - --title "chore: weekly develop merge $(date +%Y-%m-%d)" \ - --body "## Summary - -Weekly merge of \`develop\` into \`main\`. - -**Commits:** $AHEAD commits since last merge. - -\`\`\` -$(git log --oneline origin/main..origin/develop) -\`\`\` - ---- -_Automated by /aw-merge_" -``` - -Mark PR ready: -```bash -gh pr ready -``` - -### Phase 3: CI and merge - -1. Wait for CI checks: poll `gh pr checks` every 15 seconds, max 5 minutes -2. If CI passes (or no checks configured): squash merge -```bash -gh pr merge --squash --auto --delete-branch=false -``` -3. If CI fails: leave PR open, report URL - -### Phase 4: Reset develop (unless `--no-reset`) - -After successful merge, reset `develop` to match `main`: -```bash -git checkout develop -git reset --hard origin/main -git push --force-with-lease origin develop -git checkout main -git pull -``` - -### Final Report - -``` -┌──────────────────────────────────────────┐ -│ /aw-merge complete │ -├──────────────────────────────────────────┤ -│ Commits merged: N │ -│ PR: URL │ -│ Merged: yes/no │ -│ develop reset: yes/no/skipped │ -└──────────────────────────────────────────┘ -``` diff --git a/commands/aw-report.md b/commands/aw-report.md deleted file mode 100644 index dbb9a06..0000000 --- a/commands/aw-report.md +++ /dev/null @@ -1,53 +0,0 @@ ---- -description: Run a full gh-aw ecosystem intelligence sweep and produce a dated report -argument-hint: "[--deep] [--no-post] [--domains domain1,domain2]" ---- - -# /aw-report - -Runs a full intelligence sweep across the GitHub Agentic Workflows ecosystem — 8+ web searches — and produces a dated Markdown report saved to `outputs/gh-aw-reports/YYYY-MM-DD.md`. Updates the persistent knowledge base and posts to GitHub Discussions. - -## Usage - -``` -/aw-report → Full sweep, all domains, post to Discussions -/aw-report --deep → Extended sweep with deep-dive queries -/aw-report --no-post → Generate report without posting to Discussions -/aw-report --domains gh-aw,mcp → Only sweep specified domains -``` - -## Flags - -- `--deep` — Run additional deep-dive queries from the extended query library beyond the 8 primary searches -- `--no-post` — Skip posting to GitHub Discussions (still saves report locally and updates knowledge base) -- `--domains` — Comma-separated list of domains to sweep. Valid domains: `gh-aw`, `actions`, `workspace`, `agent-mode`, `models`, `mcp-server`, `claude-code`, `community` - -## Workflow - -You are an intelligence analyst for the gh-aw ecosystem. Load the **gh-aw-report** skill to execute the full intelligence cycle: - -1. Load context from the knowledge base and architecture reference -2. Execute the primary sweep (8 targeted web searches) -3. If `--deep` is passed, run additional deep-dive queries -4. If `--domains` is passed, filter to only the specified domains -5. Synthesize findings into a structured report -6. Save the report to `outputs/gh-aw-reports/YYYY-MM-DD.md` -7. Update the knowledge base with stable facts -8. Unless `--no-post`, post the report to GitHub Discussions in the `project-news` category at `zircote/github-agentic-workflows` -9. Print the final summary - -## Examples - -``` -/aw-report -# → Full sweep, saves report, updates KB, posts to Discussions - -/aw-report --deep -# → Extended sweep with deep-dive queries on rich domains - -/aw-report --no-post --domains gh-aw,mcp-server -# → Only sweep gh-aw core and MCP server, skip Discussions post - -/aw-report --deep --domains claude-code -# → Deep dive on Claude Code × GitHub integrations only -``` diff --git a/commands/aw-status.md b/commands/aw-status.md deleted file mode 100644 index d50a8fe..0000000 --- a/commands/aw-status.md +++ /dev/null @@ -1,60 +0,0 @@ ---- -description: Quick briefing on current gh-aw ecosystem state from the knowledge base -argument-hint: "[--domain domain] [--since YYYY-MM-DD]" ---- - -# /aw-status - -Reads the persistent knowledge base and delivers a quick 300–400 word briefing on the current state of the gh-aw ecosystem. No web searches needed — this is a fast, offline status check. - -## Usage - -``` -/aw-status → Full briefing across all domains -/aw-status --domain gh-aw → Briefing focused on a specific domain -/aw-status --since 2026-04-01 → Only entries since the given date -``` - -## Flags - -- `--domain` — Focus the briefing on a specific domain: `gh-aw`, `actions`, `workspace`, `agent-mode`, `models`, `mcp-server`, `claude-code`, `community` -- `--since` — Only include knowledge base entries from this date forward - -## Workflow - -You are a briefing analyst. Deliver a concise status report from the knowledge base. - -1. Read the knowledge base at `skills/gh-aw-report/knowledge-base.md` -2. Read `skills/gh-aw-report/references/gh-aw-architecture.md` for architecture context -3. If `--domain` is passed, filter entries to the specified domain -4. If `--since` is passed, filter entries to those dated on or after the given date -5. Synthesize a 300–400 word briefing covering: - -### Briefing Format - -``` -## gh-aw Ecosystem Status — YYYY-MM-DD - -### Current Versions -- gh-aw CLI: vX.Y.Z -- GitHub MCP Server: vX.Y.Z -- [other tracked versions] - -### Active Deprecations -- [deprecation with timeline and migration path] - -### Recent Changes (last 7 days) -- [notable changes from knowledge base] - -### Recommended Actions -- [specific actions for workflow maintainers] -``` - -6. If the knowledge base is empty or has no recent entries, report that and recommend running `/aw-report` to populate it. - -## Notes - -- This command does NOT perform web searches — it reads only from the knowledge base -- For fresh intelligence, run `/aw-report` first -- The knowledge base is updated by each `/aw-report` run -- Entries marked `[SUPERSEDED]` are excluded from the briefing diff --git a/outputs/gh-aw-reports/2026-04-18.md b/outputs/gh-aw-reports/2026-04-18.md new file mode 100644 index 0000000..de1d71e --- /dev/null +++ b/outputs/gh-aw-reports/2026-04-18.md @@ -0,0 +1,106 @@ +# gh-aw Intelligence Report — 2026-04-18 + +**Generated**: 2026-04-18 +**Coverage**: 2026-04-14 → 2026-04-18 +**Sources**: GitHub API (github-mcp-server, gh-aw commits), repository data + +--- + +## 1. Summary + +Significant activity this week: **GitHub MCP Server reached v1.0.0** (its first stable major release) on 2026-04-16. The gh-aw core also had active development, with the default MCP Gateway bumped to **v0.2.24** and AWF to **v0.25.24**, plus a fix for the persistent "Redact secrets in logs" warning in MCP gateway logs. + +--- + +## 2. GitHub MCP Server + +### v1.0.0 (2026-04-16) — First Stable Release 🎉 +- **`set_issue_fields` tool**: New tool in the `issues_granular` toolset. Sets, updates, or deletes organization-level custom field values on issues. Feature-flagged under `issues_granular`. +- **MCP Apps Feature Flag**: MCP Apps UI support migrated from insiders-only mode to a proper feature flag (`remote_mcp_ui_apps`). Will be rolled out to more users with supported clients over time. Insiders mode remains active for other experiments. +- **Dependencies**: `modelcontextprotocol/go-sdk` upgraded to v1.5.0; `docker/login-action` to 4.0.0; `docker/setup-buildx-action` to 4.0.0. +- **Source**: https://github.com/github/github-mcp-server/releases/tag/v1.0.0 + +### v0.33.1 (2026-04-14) — Patch +- Patch release over v0.33.0. Full changelog: https://github.com/github/github-mcp-server/releases/tag/v0.33.1 + +### v0.33.0 (2026-04-14) — OSS Granular Toolsets +- **`resolve_review_thread` tool**: Resolves PR review threads (in `pull_request_granular` toolset). +- **Granular toolsets (OSS)**: `pull_request_granular` and `issues_granular` — fine-grained write operations separated from default toolsets. +- **`list_commits` parameters**: Added `path`, `since`, and `until` filter parameters. +- **Configurable server name/title** via translation strings. +- **Source**: https://github.com/github/github-mcp-server/releases/tag/v0.33.0 + +--- + +## 3. gh-aw Core + +### Version Bumps (2026-04-18) +- **AWF (Actions Workflow Framework)** bumped to **v0.25.24** +- **MCP Gateway** bumped to **v0.2.24** +- **Commit**: `Bump default AWF to v0.25.24 and MCP Gateway to v0.2.24 (#26966)` + +### "Redact secrets in logs" Fix (2026-04-18) +- **Issue**: MCP gateway was previously running as a different user than the runner, causing persistent "Redact secrets in logs" warnings in workflow logs. +- **Fix**: MCP gateway now runs as runner user with proper uid/gid mapping for Docker socket group. +- **Impact**: Eliminates noisy log warnings; does not affect functionality. +- **Commit**: `Eliminate persistent "Redact secrets in logs" warnings by running MCP gateway as runner user (#26658)` + +### `create_pull_request.base_branch` Honored (2026-04-18) +- The configured `create_pull_request.base_branch` safe-output parameter is now honored in safe-output patch generation. +- **Commit**: `Honor configured create_pull_request.base_branch in safe-output patch generation (#26952)` + +### Compile: MCP Stdout Hardening (2026-04-18) +- `gh aw compile` now hardens MCP stdout handling and has compile stdio pollution coverage tests. +- **Commit**: `Harden compile MCP stdout handling and add compile stdio pollution coverage (#26968)` + +### SideRepoOps Context (2026-04-18) +- Comment scripts refactored for native `SideRepoOps` context, providing explicit `workflowRepo` vs `eventRepo` distinction. +- **Commit**: `Refactor comment scripts for native SideRepoOps context (workflowRepo vs eventRepo) (#26953)` + +### Copilot CLI Pinned to v1.0.21 (2026-04-17) +- Default Copilot CLI version reverted/pinned to v1.0.21 and lockfiles recompiled. +- **Commit**: `Revert default Copilot CLI to v1.0.21 and recompile lockfiles (#26963)` + +--- + +## 4. GitHub Actions / Platform + +No significant GitHub Actions platform updates identified in this period beyond what's captured above. + +--- + +## 5. GitHub Copilot + +No new Copilot-specific updates beyond what's captured in the gh-aw section above. + +--- + +## 6. Ecosystem / Community + +No significant community posts or blog posts identified (web search unavailable; GitHub API only). + +--- + +## 7. Gap Analysis Summary + +Gaps identified against reference files (see Phase 4 for detail): + +| Gap ID | Priority | File | Description | +|--------|----------|------|-------------| +| GAP-1 | outdated (2) | `gh-aw-architecture.md` | MCP Gateway version v0.1.9 → v0.2.24 | +| GAP-2 | missing (3) | `gh-aw-architecture.md` | AWF version v0.25.24 not documented | +| GAP-3 | missing (3) | `production-gotchas.md` | "Redact secrets in logs" resolved gotcha not documented | +| GAP-4 | missing (3) | `tools-reference.md` | `set_issue_fields` tool (v1.0.0) not documented | +| GAP-5 | missing (3) | `gh-aw-architecture.md` | `SideRepoOps` context (workflowRepo/eventRepo) not documented | + +*Note: Gaps from yesterday's run (#32 GAP-1, #33 GAP-2, #34 GAP-3) are still open and excluded from today's new issues.* + +--- + +## 8. Recommended Actions + +1. Update `gh-aw-architecture.md` MCP Gateway version to v0.2.24 +2. Add AWF version v0.25.24 to architecture documentation +3. Document the "Redact secrets in logs" fix in `production-gotchas.md` +4. Add `set_issue_fields` to `tools-reference.md` GitHub tools section +5. Document `SideRepoOps` context in `gh-aw-architecture.md` diff --git a/skills/aw-author/references/production-gotchas.md b/skills/aw-author/references/production-gotchas.md index 1d2cc4f..abf3795 100644 --- a/skills/aw-author/references/production-gotchas.md +++ b/skills/aw-author/references/production-gotchas.md @@ -373,3 +373,25 @@ Repositories with branch protection rulesets that require **signed commits** now **Current behavior (early 2026+):** gh-aw correctly signs commits on newly created branches. No configuration change needed. **Edge case:** Custom tokens (`github-token:` in safe-outputs) using a different App identity may still require signing configuration on the target App. + +--- + +## "Redact secrets in logs" Warnings from MCP Gateway + +### Symptom + +Persistent `"Redact secrets in logs"` warnings appearing in agent workflow logs at MCP gateway startup. + +### Root Cause + +MCP gateway Docker container was running as a different user than the GitHub Actions runner, causing file permission/ownership mismatches that triggered GitHub Actions' secret redaction heuristics. + +### Resolution + +**Fixed in gh-aw MCP Gateway v0.2.x** — gateway now runs as runner user with proper uid/gid Docker socket group mapping (gh-aw PR #26658, merged 2026-04-18). + +If still seeing this warning: +1. Update gh-aw extension: `gh aw upgrade` +2. Verify MCP gateway is v0.2.24+ by checking workflow logs for the MCP gateway version line. + +This was a cosmetic/log-noise issue only — workflow functionality was not impacted. diff --git a/skills/aw-author/references/tools-reference.md b/skills/aw-author/references/tools-reference.md index 18c6f81..f402254 100644 --- a/skills/aw-author/references/tools-reference.md +++ b/skills/aw-author/references/tools-reference.md @@ -127,6 +127,9 @@ tools: | `secret_protection` | Secret scanning | | `security_advisories` | Security advisory management | | `stargazers` | Star information | +| `copilot` | Copilot job management (`get_copilot_job_status`, `assign_copilot_to_issue`, `create_pull_request_with_copilot`) — default toolset since v0.32.0 | +| `pull_request_granular` | Fine-grained PR operations (`resolve_review_thread`) — feature flag `pull_request_granular`, added v0.33.0 | +| `issues_granular` | Granular issue field operations (`set_issue_fields`) — feature flag `issues_granular`, added v0.33.0 | ### Default Toolsets @@ -170,6 +173,20 @@ tools: **Token precedence:** GitHub App → `github-token` → `GH_AW_GITHUB_MCP_SERVER_TOKEN` → `GH_AW_GITHUB_TOKEN` → `GITHUB_TOKEN` +### Notable GitHub MCP Tools (v0.32.0–v1.0.0) + +New and notable tools added in recent GitHub MCP Server releases: + +| Tool | Toolset | Version | Description | +|------|---------|---------|-------------| +| `get_copilot_job_status` | `copilot` | v0.32.0 | Get status of a Copilot coding agent job | +| `assign_copilot_to_issue` | `copilot` | v0.32.0 | Assign Copilot to work on an issue | +| `create_pull_request_with_copilot` | `copilot` | v0.32.0 | Create a PR with Copilot; supports `base_ref` for stacked PRs | +| `resolve_review_thread` | `pull_request_granular` | v0.33.0 | Resolve a PR review thread by thread ID | +| `set_issue_fields` | `issues_granular` | v1.0.0 | Set/update/delete org-level custom field values on issues | + +**`list_commits` parameter additions** (v0.33.0): Added `path` (filter by file), `since` (ISO 8601 start date), and `until` (ISO 8601 end date) parameters to filter commit history. + ### App Token Permission Inheritance (CRITICAL) When using `tools.github.app`, the GitHub MCP server requests **ALL** workflow-level permissions for the App token — not just the ones MCP tools need. If the workflow has `packages: read` (e.g., for GHCR docker login in `steps:`) but the GitHub App doesn't have Packages permission, the App token creation fails with HTTP 422. diff --git a/skills/aw-daily/SKILL.md b/skills/aw-daily/SKILL.md deleted file mode 100644 index 4844efd..0000000 --- a/skills/aw-daily/SKILL.md +++ /dev/null @@ -1,469 +0,0 @@ ---- -name: aw-daily -description: | - Fully autonomous daily pipeline for the aw-author plugin. Executes intelligence - research (web search + GitHub activity queries), posts to Discussions, performs - gap analysis against reference files, creates issues, implements changes on - develop branch, creates PR, requests review, and auto-merges. Designed for - unattended execution with zero human intervention. Triggers on: "aw-daily", - "daily pipeline", "daily cycle", "autonomous update". ---- - -# Autonomous Daily Intelligence Pipeline - -You are an autonomous operations agent. Execute all phases below in order. If any phase fails, follow the error mode specified. **Do not prompt the user for input at any point.** This pipeline is designed for fully unattended execution. - -Parse the argument string for optional flags: -- `--dry-run` -- Research + gap analysis only, show diff, do not commit or PR -- `--skip-research` -- Start at Phase 4 using the latest report in `outputs/gh-aw-reports/` -- `--skip-implementation` -- Research + gap analysis + issues only, do not edit files or PR -- `--no-merge` -- Create PR but do not auto-merge to `develop` - ---- - -## Phase 0: Pre-flight & Idempotency - -1. Determine today's date: `date +%Y-%m-%d` -> store as `TODAY` -2. Verify `gh` CLI: `gh auth status` -3. Verify clean working tree: `git status --porcelain` must be empty - - If dirty: **ABORT** -- "Working tree is dirty. Commit or stash before running /aw-daily." -4. Capture current branch: `git branch --show-current` -> store as `ORIGINAL_BRANCH` - -**Ensure `develop` branch exists:** -```bash -if ! git ls-remote --exit-code origin develop >/dev/null 2>&1; then - git checkout main - git checkout -b develop - git push -u origin develop - git checkout "$ORIGINAL_BRANCH" -fi -git fetch origin develop -``` - -**Idempotency checks:** - -5. Check if today's Discussion already exists: -```bash -EXISTING_DISCUSSION=$(gh api graphql -f query='{ repository(owner:"zircote", name:"github-agentic-workflows") { discussions(categoryId:"DIC_kwDORSXBr84C61Lr", first:5, orderBy:{field:CREATED_AT, direction:DESC}) { nodes { title url } } } }' -q ".data.repository.discussions.nodes[] | select(.title | contains(\"$TODAY\")) | .url") -``` -If found and `--skip-research` not set: set `RESEARCH_DONE=true`, store URL as `DISCUSSION_URL` - -6. Check if today's PR already exists: -```bash -EXISTING_PR=$(gh pr list --repo zircote/github-agentic-workflows --base develop --search "daily-intelligence-$TODAY" --state all --json number,url -q '.[0].url') -``` -If found: report "Today's pipeline already completed. PR: $EXISTING_PR" and **exit successfully**. - ---- - -## Phase 1: Research (Intelligence Sweep) - -Skip if `RESEARCH_DONE=true` or `--skip-research` flag. - -### 1a. Load context - -1. Read `skills/gh-aw-report/knowledge-base.md` -- note the most recent entry date as `LAST_DATE` -2. Read `skills/gh-aw-report/references/gh-aw-architecture.md` for current known state -3. Read `skills/gh-aw-report/references/search-queries.md` for query library -4. Read `skills/aw-daily/references/tracked-repos.md` for GitHub activity query patterns - -### 1b. Web searches - -Execute the 8 primary sweep queries from the search query library: -1. gh-aw core: releases, updates, breaking changes -2. GitHub Actions AI features -3. GitHub Copilot Workspace updates -4. GitHub Copilot Agent Mode / CLI updates -5. GitHub Models API changes -6. GitHub MCP Server releases -7. Claude Code x GitHub integrations -8. Agentic CI/CD community patterns - -For each query, extract: version numbers, release dates, feature descriptions, deprecation notices, breaking changes, source URLs. - -### 1c. GitHub activity queries - -Query tracked repositories for activity since `LAST_DATE`: - -```bash -# github/gh-aw -- issues, PRs, discussions -gh search issues --repo github/gh-aw --created ">=$LAST_DATE" --sort created --json title,url,labels,createdAt --limit 20 -gh search prs --repo github/gh-aw --created ">=$LAST_DATE" --sort created --json title,url,labels,state,createdAt --limit 20 - -# github/github-mcp-server -- releases -gh release list --repo github/github-mcp-server --limit 5 --json tagName,publishedAt,name - -# github/gh-aw -- discussions -gh api graphql -f query='{ repository(owner:"github", name:"gh-aw") { - discussions(first:10, orderBy:{field:CREATED_AT, direction:DESC}) { - nodes { title url createdAt category { name } } - } -}}' - -# zircote/github-agentic-workflows -- own activity -gh search issues --repo zircote/github-agentic-workflows --created ">=$LAST_DATE" --sort created --json title,url,labels,createdAt --limit 10 -``` - -Prioritize items labeled `breaking-change`, `deprecation`, `safe-output`, `engine`, `mcp`. - -### 1d. Synthesize report - -Combine web search findings and GitHub activity into the standard report structure: - -```markdown -# gh-aw Ecosystem Intelligence Report -- {TODAY} - -## Executive Summary -## 1. gh-aw Core -## 2. GitHub Actions AI -## 3. Copilot Workspace -## 4. Copilot Agent Mode -## 5. GitHub Models API -## 6. GitHub MCP Server -## 7. Claude Code x GitHub -## 8. Agentic CI/CD Community -## GitHub Activity Since {LAST_DATE} -## Deprecation Watch -## Recommended Actions -## Sources -``` - -Save to `outputs/gh-aw-reports/{TODAY}.md`. If file exists, append counter: `{TODAY}-2.md`. - -**Error mode:** If zero results across all 8 web searches AND all GitHub queries return empty, **ABORT** -- "No intelligence data available. Check network and API access." - ---- - -## Phase 2: Knowledge Base Update - -1. Review findings for stable, persistent facts (version releases, deprecations, breaking changes, architecture changes) -2. Check existing entries in `skills/gh-aw-report/knowledge-base.md` for duplicates -3. Append new entries using the format: -```markdown -### YYYY-MM-DD -- category -- Title -Content -``` -4. Mark superseded entries with `[SUPERSEDED by YYYY-MM-DD]` - -Categories: `version`, `deprecation`, `breaking-change`, `architecture`, `ecosystem`, `security`, `feature` - -**Error mode:** If write fails, log warning and continue. KB update is not blocking. - ---- - -## Phase 3: Discussion Posting - -Skip if `RESEARCH_DONE=true`. - -Post the report to GitHub Discussions: - -```bash -REPO_ID=$(gh api graphql -f query='{ repository(owner:"zircote", name:"github-agentic-workflows") { id } }' -q '.data.repository.id') - -DISCUSSION_URL=$(gh api graphql -f query=' - mutation($repoId: ID!, $catId: ID!, $title: String!, $body: String!) { - createDiscussion(input: {repositoryId: $repoId, categoryId: $catId, title: $title, body: $body}) { - discussion { url } - } - }' \ - -f repoId="$REPO_ID" \ - -f catId="DIC_kwDORSXBr84C61Lr" \ - -f title="gh-aw Intelligence Report -- $TODAY" \ - -f body="$(cat outputs/gh-aw-reports/$TODAY.md)" \ - -q '.data.createDiscussion.discussion.url') -``` - -Store `DISCUSSION_URL` for the final summary. - -**Error mode:** If GraphQL fails, log warning and continue. Discussion posting is historical, not blocking. - ---- - -## Phase 4: Gap Analysis - -Read `skills/aw-daily/references/gap-analysis-targets.md` to load the reference file inventory. - -For each reference file in the inventory: - -1. Read the file -2. Compare against today's research findings: - - **Version numbers**: Check tracked version locations against release data - - **Deprecated features**: Check if deprecated items are documented with warnings - - **New features**: Check if new safe-outputs, tools, fields, patterns are covered - - **Corrections**: Check if any findings contradict current content -3. Produce a structured gap entry for each discrepancy: - -``` -GAP-{NNN}: {type} | {file} | {section} | {description} | {source} -``` - -Where `type` is: `incorrect` (priority 1), `outdated` (priority 2), `missing` (priority 3). - -Sort gaps by priority. Limit to **top 5 gaps** per run to keep changes reviewable. - -If no gaps found: report "No actionable gaps identified. Reference files are current." and skip to Phase 9. - -If `--dry-run`: report the gap list and **stop** (skip Phases 5-8). - ---- - -## Phase 5: Issue Creation - -For each gap (up to 5): - -1. Check for existing open issue with matching title: -```bash -EXISTING=$(gh search issues "[aw-daily]" --repo zircote/github-agentic-workflows --state open --json title -q ".[].title" | grep -c "GAP-{NNN}") -``` -2. If no existing issue, create one: -```bash -gh issue create \ - --repo zircote/github-agentic-workflows \ - --title "[aw-daily] GAP-{NNN}: {short description}" \ - --body "## Gap Details - -**Type:** {incorrect|outdated|missing} -**File:** \`{path}\` -**Section:** {section heading} - -## Current Content -{excerpt of current content} - -## Expected Content -{what should change based on research} - -## Source -{URL or GitHub activity reference} - -## Intelligence Report -{link to today's Discussion} - ---- -_Automated by /aw-daily on {TODAY}_" \ - --label "automated,reference-update" -``` - -Store issue numbers for PR linking. - -If `--skip-implementation`: report issue list and **stop** (skip Phases 6-8). - -**Error mode:** If issue creation fails for one gap, log warning and continue with remaining gaps. - ---- - -## Phase 6: Implementation - -1. Switch to develop and create feature branch: -```bash -git checkout develop -git pull origin develop -git checkout -b daily-intelligence-{TODAY} -``` - -2. For each gap, ordered by priority: - - Read the target file - - Locate the section using header text as anchor (NOT line numbers) - - Apply the edit: - - **Version updates**: Find exact old string, replace with new - - **New sections**: Insert after the appropriate parent section - - **Deprecation notices**: Insert after the feature heading - - **New table rows**: Append to the table body - - **Corrections**: Replace incorrect content - - If an edit fails, revert that file: `git checkout -- {file}` and continue - -3. Check if `.claude/` mirror exists for any edited file. If so, apply the same change there. - -4. Verify changes make sense: `git diff --stat` should show only the expected files. - -5. Stage and commit: -```bash -git add skills/ .claude/skills/ -git commit -m "docs(references): daily intelligence update {TODAY} - -{bullet per gap addressed} - -Closes {#issue1}, {#issue2}, ... - -Automated by /aw-daily" -``` - -6. Push: -```bash -git push -u origin daily-intelligence-{TODAY} -``` - -If `--dry-run`: show the diff but do not commit or push. - -**Error mode:** If commit fails, leave branch for manual inspection. Switch back to `ORIGINAL_BRANCH`. - ---- - -## Phase 7: PR Creation - -```bash -gh pr create \ - --draft \ - --repo zircote/github-agentic-workflows \ - --base develop \ - --head daily-intelligence-{TODAY} \ - --title "docs(references): daily intelligence update {TODAY}" \ - --body "## Summary - -Automated reference file updates from daily intelligence sweep. - -## Gaps Addressed - -{list with issue links using 'Closes #NNN' syntax} - -## Intelligence Report - -{DISCUSSION_URL} - -## Changes - -{git diff --stat output} - ---- -_Automated by /aw-daily_" -``` - -Store the PR URL and number. - -When running as a gh-aw workflow, `post-steps` handles marking the draft PR ready for review automatically. When running locally via `/aw-daily`, mark it ready: -```bash -gh pr ready {PR_NUMBER} -``` - -Phase 8 handles review monitoring, remediation, and merge. Do NOT merge here. - -**Error mode:** If PR creation fails, report error. Leave branch for manual inspection. Switch back to `ORIGINAL_BRANCH`. - ---- - -## Phase 8: PR Review Monitoring & Remediation - -After the PR is created and marked ready, request Copilot review and monitor for feedback. This phase runs a review-fix loop until the PR is approved or the loop limit is reached. - -### Step 8.1: Request Copilot Review - -```bash -gh pr edit {PR_NUMBER} --repo zircote/github-agentic-workflows --add-reviewer "@copilot" 2>/dev/null || echo "Copilot reviewer not available" -``` - -### Step 8.2: Wait for Review - -Poll for review completion. Check every 30 seconds, up to 10 minutes: - -```bash -REVIEW_STATE=$(gh pr view {PR_NUMBER} --repo zircote/github-agentic-workflows --json reviews --jq '.reviews | map(select(.state != "COMMENTED")) | last | .state // "PENDING"') -``` - -States: `APPROVED` (proceed to 8.5), `CHANGES_REQUESTED` (proceed to 8.3), `PENDING` (keep polling). - -If no review after 10 minutes, log "Review timeout — PR left open for async review" and skip to Phase 9. - -### Step 8.3: Fetch and Triage Review Comments - -Fetch all inline code review comments: - -```bash -gh api repos/zircote/github-agentic-workflows/pulls/{PR_NUMBER}/comments --paginate -``` - -For each comment, assess: -- Is the suggestion correct? (Check against the referenced code) -- Is the fix safe? (Localized change, no cascading effects) -- Confidence score: high (>= 95%) = auto-accept, low = skip with explanation - -### Step 8.4: Apply Fixes, Reply, Push, Resolve - -For each accepted comment: -1. Read the target file -2. Apply the fix using section headers as anchors -3. If the file has a `.claude/` mirror (or vice versa), apply the same fix to both copies - -After all fixes: -```bash -git add {changed files} -git commit -m "fix: address Copilot review feedback - -- {bullet per fix} - -Resolves review comments on PR #{PR_NUMBER}" -git push origin daily-intelligence-{TODAY} -``` - -Reply to every comment: -- **Fixed**: `Fixed in {commit-sha-short}.` -- **Rejected**: `Reviewed — not applying because {reason}.` -- **Question**: `{direct answer}` - -Resolve all threads via GraphQL: -```bash -gh api graphql -f query='mutation { resolveReviewThread(input: {threadId: "{THREAD_ID}"}) { thread { isResolved } } }' -``` - -**Loop limit:** Maximum 2 review-fix cycles. If Copilot requests changes a third time, log "Review loop limit reached — PR left for manual review" and proceed to Phase 9. - -### Step 8.5: Merge the PR - -After review is complete (approved, or fixes pushed and all threads resolved), merge the PR: - -```bash -gh pr merge {PR_NUMBER} --repo zircote/github-agentic-workflows --squash --delete-branch -``` - -If direct merge fails (e.g., branch protection requires approvals), fall back to auto-merge: -```bash -gh pr merge {PR_NUMBER} --repo zircote/github-agentic-workflows --squash --auto --delete-branch || echo "Auto-merge enabled — will merge when requirements are met" -``` - -Verify the merge succeeded: -```bash -gh pr view {PR_NUMBER} --repo zircote/github-agentic-workflows --json state -q '.state' -``` - -If state is `MERGED`, the pipeline is complete. If state is still `OPEN` with auto-merge enabled, report that and proceed to Phase 9. - -If `--no-merge` flag was passed, skip this step entirely and report "PR left open per --no-merge flag." - -**Error mode:** If remediation fails for any comment, skip that comment with a reply explaining the issue. Do not block the entire phase on a single comment failure. If merge fails after 2 attempts, leave the PR open and report the error. - ---- - -## Phase 9: Final Summary - -``` -+--------------------------------------------------+ -| /aw-daily complete | -+--------------------------------------------------+ -| Date: {TODAY} | -| Searches: N web + M GitHub activity queries | -| Findings: N items across M domains | -| KB Updates: N new entries | -| Discussion: {DISCUSSION_URL} | -| Gaps Found: N (P incorrect, Q outdated, R new)| -| Issues: N created, M skipped (existing) | -| Files Changed: N | -| PR: {PR_URL} | -| Review: {APPROVED/PENDING/CHANGES_REQ} | -| Fixes Applied: N comments fixed, M rejected | -| Threads: N/M resolved | -| Merge: {MERGED/auto-merge enabled/open} | -+--------------------------------------------------+ -``` - ---- - -## Error Recovery - -If any phase fails mid-execution: -1. Report the phase number, what failed, and why -2. If on a feature branch, switch back to `ORIGINAL_BRANCH` -3. Do NOT delete the feature branch on failure -- leave for inspection -4. Report what succeeded and what needs manual attention - -**Re-run guidance:** -- If Phases 1-3 succeeded but 4+ failed: re-run with `--skip-research` -- If Phases 1-5 succeeded but 6+ failed: re-run with `--skip-research` (idempotency prevents duplicate issues) -- Same-day re-runs are safe -- idempotency checks prevent all duplicate work diff --git a/skills/gh-aw-report/SKILL.md b/skills/gh-aw-report/SKILL.md deleted file mode 100644 index 552078f..0000000 --- a/skills/gh-aw-report/SKILL.md +++ /dev/null @@ -1,191 +0,0 @@ ---- -name: gh-aw-report -description: | - Daily intelligence reporting for the GitHub Agentic Workflows (gh-aw) ecosystem. Executes 8+ targeted web searches, synthesizes findings into a structured Markdown report, updates the persistent knowledge base, and optionally posts to GitHub Discussions. Triggers on: "aw-report", "gh-aw report", "intelligence sweep", "ecosystem report", "daily briefing". ---- - -# gh-aw Ecosystem Intelligence Report - -You are an intelligence analyst for the GitHub Agentic Workflows (gh-aw) ecosystem. Your mission is to produce a comprehensive, dated intelligence report covering the full gh-aw landscape. - -## Covered Domains - -1. **GitHub Agentic Workflows** — `github/gh-aw`, `gh aw` CLI -2. **GitHub Actions AI Features** — AI-powered Actions, deprecations -3. **GitHub Copilot Workspace** — browser-based agentic coding -4. **GitHub Copilot Agent Mode** — IDE and CLI agentic coding -5. **GitHub Models API** — model marketplace and API -6. **GitHub MCP Server** — `github/github-mcp-server` -7. **Claude Code × GitHub** — Claude Code integrations -8. **Agentic CI/CD Community** — patterns, tools, ecosystem - -## Execution Flow - -### Phase 1: Load Context - -1. Read the knowledge base at `skills/gh-aw-report/knowledge-base.md` to understand the current state of knowledge -2. Read `skills/gh-aw-report/references/gh-aw-architecture.md` for stable architecture facts -3. Read `skills/gh-aw-report/references/search-queries.md` for the query library -4. Determine today's date with `date +%Y-%m-%d` - -### Phase 2: Intelligence Sweep - -Execute the **8 primary sweep queries** from `references/search-queries.md` using WebSearch. For each query: - -1. Run the web search -2. Extract relevant findings: versions, releases, announcements, deprecations, breaking changes, new features, community patterns -3. Discard noise (old results, unrelated matches, marketing fluff) -4. Note the source URL for each finding - -If a domain yields particularly rich results, run additional deep-dive queries from the query library. - -### Phase 3: Synthesize Report - -Produce a structured Markdown report with these sections: - -```markdown -# gh-aw Ecosystem Intelligence Report — YYYY-MM-DD - -## Executive Summary - - -## 1. gh-aw Core - - -## 2. GitHub Actions AI - - -## 3. Copilot Workspace - - -## 4. Copilot Agent Mode - - -## 5. GitHub Models API - - -## 6. GitHub MCP Server - - -## 7. Claude Code × GitHub - - -## 8. Agentic CI/CD Community - - -## Deprecation Watch - - -## Recommended Actions - - -## Sources - -``` - -### Phase 4: Save Report - -1. Write the report to `outputs/gh-aw-reports/YYYY-MM-DD.md` -2. If a report for today already exists, append a counter: `YYYY-MM-DD-2.md` - -### Phase 5: Update Knowledge Base - -Review findings for **stable, persistent facts** worth adding to the knowledge base: - -- Version releases (e.g., "gh-aw v0.62.0 released with X feature") -- Deprecation announcements with timelines -- Breaking changes -- Architecture changes -- New ecosystem tools or integrations -- Security advisories - -Append new entries to `skills/gh-aw-report/knowledge-base.md` using the format: - -```markdown -### YYYY-MM-DD — category — Title -Content -``` - -Do NOT add: -- Ephemeral news or rumors -- Speculation about unreleased features -- Duplicate entries (check existing entries first) - -If a finding supersedes an existing entry, mark the old entry with `[SUPERSEDED by YYYY-MM-DD]`. - -### Phase 6: Post to GitHub Discussions - -Post the report to the project's GitHub Discussions for historical record and indexability. - -Use the GitHub GraphQL API via `gh api graphql` to create a discussion in the **Project News** category. - -The known IDs for `zircote/github-agentic-workflows`: -- **Repository ID**: Fetch with `gh api graphql -f query='{ repository(owner:"zircote", name:"github-agentic-workflows") { id } }' -q '.data.repository.id'` -- **Project News Category ID**: `DIC_kwDORSXBr84C61Lr` - -Create the discussion: - -```bash -REPO_ID=$(gh api graphql -f query='{ repository(owner:"zircote", name:"github-agentic-workflows") { id } }' -q '.data.repository.id') - -DISCUSSION_URL=$(gh api graphql -f query=' - mutation($repoId: ID!, $catId: ID!, $title: String!, $body: String!) { - createDiscussion(input: {repositoryId: $repoId, categoryId: $catId, title: $title, body: $body}) { - discussion { url } - } - }' \ - -f repoId="$REPO_ID" \ - -f catId="DIC_kwDORSXBr84C61Lr" \ - -f title="gh-aw Intelligence Report — YYYY-MM-DD" \ - -f body="$(cat outputs/gh-aw-reports/YYYY-MM-DD.md)" \ - -q '.data.createDiscussion.discussion.url') - -echo "Discussion posted: $DISCUSSION_URL" -``` - -If the `gh` CLI version supports `gh discussion create`, that works too: - -```bash -gh discussion create \ - --repo zircote/github-agentic-workflows \ - --category "Project News" \ - --title "gh-aw Intelligence Report — YYYY-MM-DD" \ - --body-file outputs/gh-aw-reports/YYYY-MM-DD.md -``` - -Report the discussion URL in the final summary. - -### Phase 7: Final Summary - -Print a summary to the user: - -``` -┌──────────────────────────────────────────────┐ -│ /aw-report complete │ -├──────────────────────────────────────────────┤ -│ Date: YYYY-MM-DD │ -│ Searches: N queries executed │ -│ Findings: N items across M domains │ -│ KB Updates: N new entries │ -│ Report: outputs/gh-aw-reports/FILE.md │ -│ Discussion: URL │ -└──────────────────────────────────────────────┘ -``` - -## Report Quality Standards - -- Every claim must have a source URL -- Version numbers must be exact (not "latest" or "recent") -- Deprecation timelines must include dates when available -- "No significant changes" is a valid finding — don't fabricate news -- Distinguish between official announcements and community speculation -- Flag anything that requires immediate action in the Executive Summary - -## Copilot Compatibility - -This skill is designed to work with both **Claude Code** and **GitHub Copilot**: - -- **Claude Code**: Uses WebSearch tool for intelligence sweep, Bash for `gh` CLI and file operations -- **GitHub Copilot**: Uses `gh` CLI search capabilities, bash tools for file I/O and discussion posting -- The report format, knowledge base format, and discussion posting use standard tools available to both engines -- The `gh` CLI commands for discussion creation work identically regardless of which AI engine executes them diff --git a/skills/gh-aw-report/knowledge-base.md b/skills/gh-aw-report/knowledge-base.md deleted file mode 100644 index 587a80a..0000000 --- a/skills/gh-aw-report/knowledge-base.md +++ /dev/null @@ -1,160 +0,0 @@ -# gh-aw Knowledge Base - -> Persistent cross-session facts about the GitHub Agentic Workflows ecosystem. -> Updated by each run of the gh-aw-report skill. Entries are dated and append-only. -> Do not remove entries — mark superseded information with `[SUPERSEDED by YYYY-MM-DD]`. - ---- - -## [2026-04-14] Bootstrap Entry — Initial Research - -### gh-aw CLI -- **Technical preview launched**: February 13, 2026 -- **Core repo**: `github/gh-aw` (github.com/github/gh-aw) -- **Docs**: github.github.com/gh-aw/ -- **GitHub Next page**: githubnext.com/projects/agentic-workflows/ -- **Default agent**: GitHub Copilot CLI -- **Alternative agents**: Claude (Anthropic), Codex (OpenAI) -- **Key CLI commands**: `gh aw compile`, `gh aw run`, `gh aw fix --write`, `gh aw upgrade` -- **Issue #10193**: Intermittent Daily News workflow failures (~40% success rate, flagged Feb 2026) -- **MCP updates tracked in gh-aw**: Issue #20042 tracks GitHub MCP Server v0.31.0→v0.32.0 and MCP Gateway v0.1.8→v0.1.9 - -### Breaking Changes / Deprecations ACTIVE as of 2026-04-14 -| Item | Status | Migration | Date | -|------|--------|-----------|------| -| `plugins:` frontmatter field | **DEPRECATED** | Use `dependencies:` field; run `gh aw fix --write` | Early 2026 | -| npm `@modelcontextprotocol/server-github` | **DEPRECATED** | Use Docker or HTTP GitHub MCP Server | April 2025 | -| actions/cache v1-v2 | **REMOVED** | Use v3 or v4 | March 2025 | -| Workflow prompt files managed by CLI | **CHANGED** | Files now resolved from gh-aw repo directly | 2026 | - -### GitHub Actions (as of 2026-04-14) -- Immutable Actions in general use for hosted runners -- Self-hosted runners must allow `pkg.actions.githubusercontent.com` -- Pricing backlash/changes tracked at samexpert.com (check for current state) - -### GitHub MCP Server (as of 2026-04-14) -- **Official repo**: `github/github-mcp-server` -- **Container**: `ghcr.io/github/github-mcp-server` -- ~~npm `@modelcontextprotocol/server-github`~~ DEPRECATED April 2025 -- **Insiders mode**: opt-in via `/insiders` URL or config header for experimental features -- **HTTP mode**: enterprise deployment with per-request OAuth token support -- **Projects toolset**: consolidated — saves ~23,000 tokens (~50% reduction) -- **New tools**: `get_copilot_job_status`, `assign_copilot_to_issue`, `create_pull_request_with_copilot` -- **`base_ref` parameter**: added to Copilot PR tools for stacked PRs / feature branches -- **Changelog entry**: 2026-01-28 — New Projects tools, OAuth scope filtering - -### GitHub Copilot CLI (as of 2026-04-14) -- **GA date**: February 25, 2026 (after ~5 months of public preview from September 2025) -- **Available to**: All paid Copilot subscribers (Pro, Business, Enterprise) -- **Modes**: Plan mode (shows plan first), Autopilot mode (fully autonomous) -- **Background delegation**: prefix prompt with `&` to send to cloud coding agent -- **Sub-agents**: Explore (codebase analysis), Task (build/test), Code Review, Plan -- **Models**: Claude Opus 4.6, Claude Sonnet 4.6, GPT-5.3-Codex, ~~Gemini 3 Pro~~ [SUPERSEDED by 2026-04-15 — deprecated 2026-03-26] -- **January 2026 changelog**: Enhanced agents, context management, new install methods - -### GitHub Copilot Workspace / Agent Mode (as of 2026-04-14) -- **JetBrains GA**: March 11, 2026 (VS Code was earlier) -- **Waitlist removed**: Pro, Business, Enterprise — early 2026 -- **Agentic code review GA**: March 2026 — full context → suggestions → auto-spawn fix PR -- **Issue assignment**: Assign GitHub issue to Copilot → autonomous PR creation -- **Instruction files read**: `CLAUDE.md`, `AGENTS.md`, `COPILOT.md`, custom instruction files, workspace and global scope -- **Custom agents GA** (+ plan agent, sub-agents): GA; **agent hooks**: preview; **auto-approve MCP**: supported -- **April 2026 changelog**: Copilot in Visual Studio — March update (released 2026-04-02) - -### Claude Code / Anthropic GitHub Integration (as of 2026-04-14) -- GitHub MCP Server installation guide for Claude: `github/github-mcp-server/docs/installation-guides/install-claude.md` -- Claude Code connects to GitHub MCP Server via `claude mcp add-json github` (HTTP) or Docker -- `steipete/claude-code-mcp`: Claude Code as a one-shot MCP server ("agent in your agent") -- Copilot natively reads `CLAUDE.md` instruction files in agentic workflows -- Claude can serve as the AI agent in gh-aw workflows (alternative to Copilot CLI) - -### Community / Ecosystem (as of 2026-04-14) -- `githubnext/awesome-continuous-ai`: Curated list of Continuous AI actions and frameworks -- `githubnext/agentics`: Sample pack of gh-aw workflows (community starter kit) -- `0GiS0/github-agentic-workflows`: Community implementation with Daily Status Report bot -- HN thread on gh-aw preview: news.ycombinator.com/item?id=46934107 -- GitHub blog post: "Continuous AI in practice: What developers can automate today" -- InfoQ coverage: "GitHub Agentic Workflows Unleash AI-Driven Repository Automation" (Feb 2026) -- April 2026: GitHub integrates AI for accessibility issue management and feedback triage - -### Architecture Notes (stable) -- gh-aw is NOT a replacement for deterministic CI/CD — it augments it ("Continuous AI") -- Workflows run in isolated containers with read-only repo access by default -- AWF (Agent Workflow Firewall) restricts network egress -- Safe Outputs subsystem handles write operations in separate permission-controlled jobs -- Threat detection job runs per-workflow: prompt injection, credential leaks, malicious code - -## [2026-04-15] Daily Intelligence Update - -### 2026-04-15 -- version -- gh-aw CLI v0.68.3 -Released 2026-04-14. Model-not-supported detection, shared import `checkout`/`env` fields, TBT metric, OTEL token breakdowns, 5 push_signed_commits.cjs fixes. - -### 2026-04-15 -- version -- GitHub MCP Server v0.33.0/v0.33.1 -Released 2026-04-14. Granular PRs/issues toolsets, resolve review threads tool, `list_commits` `path`/`since`/`until` params, configurable server name. - -### 2026-04-15 -- deprecation -- Gemini 3 Pro deprecated -Deprecated 2026-03-26 across all GitHub Copilot experiences. Use Gemini 3 Ultra. - -### 2026-04-15 -- feature -- Agent HQ and model selection -Agent HQ: multi-vendor agents on GitHub. Model selection for Claude/Codex on github.com (2026-04-14). - -### 2026-04-15 -- feature -- Copilot data residency + FedRAMP -US/EU data residency (2026-04-13). FedRAMP Moderate for US gov. `copilot --remote` public preview. - -### 2026-04-15 -- ecosystem -- GitHub Actions April changes -Workflow reruns capped at 50 (2026-04-10). OIDC for Dependabot/code scanning. Code scanning→Issues linking. Async SBOM exports. - ---- - -## [2026-04-16] Daily Intelligence Update - -### 2026-04-16 -- feature -- gh-aw v0.68.3 New Frontmatter Fields -- **`pre-steps:`** — Runs custom steps at job start, **before checkout**. Use for token minting or pre-checkout setup. Outputs accessible via `${{ steps..outputs. }}` for use in `checkout.github-token` to avoid masked-value cross-job boundary issues. Same security restrictions as `steps:`. -- **`run-install-scripts:`** — Boolean (default: `false`). Allows npm pre/post install scripts. Default adds `--ignore-scripts` to all npm install commands (supply chain protection). Setting `true` disables globally; per-runtime scope via `runtimes.node.run-install-scripts`. Compile-time warning (strict mode: error). -- **`on.stale-check:`** — Boolean nested under `on:`, default `true`. When `false`, disables the frontmatter hash check in the activation job. Required for cross-repo org ruleset deployments. -- Source: PR #26607 in github/gh-aw ("Sync github-agentic-workflows.md with v0.68.3") - -### 2026-04-16 -- security -- gh-aw Security Fixes -- **Steganographic injection**: PR #26596 strips markdown link title text to close injection channel -- **XPIA @mentions**: PR #26589 sanitizes @mentions in `create_issue` body -- **cache-memory sanitization**: PR #26587 adds pre-agent working-tree sanitization (neutralizes planted executables/disallowed files) -- **Lock file integrity schema v4**: PR #26594 extends integrity check to detect post-compilation YAML tampering - -### 2026-04-16 -- version -- GitHub MCP Server v0.33.0/v0.33.1 -- **v0.33.0** (2026-04-14): Granular PRs/issues toolsets, `resolve_review_thread` tool, `list_commits` path/since/until params, configurable server name/title via translation strings, OSS HTTP logging adapter -- **v0.33.1** (2026-04-14): Hotfix release - -### 2026-04-16 -- feature -- Claude Code Remote Tasks -- **Remote Tasks** (launched March 20, 2026): Define GitHub repo + prompt + schedule → Claude runs autonomously on Anthropic cloud infrastructure. Supports cron scheduling. -- **Remote Sessions**: Start task, close laptop, session continues on Anthropic infrastructure -- **Open-sourced**: Agent layer at `anthropics/claude-code` -- **v2.1.76** (March 14, 2026): Enhanced MCP elicitation support, improved tool discovery - -### 2026-04-16 -- feature -- Copilot Cloud Agent Per-Org Control -- **Copilot cloud agent per-org control** (April 15, 2026): Can now be enabled for selected organizations via AI Controls page → "Agent" → "Copilot Cloud Agent" -- **REST API version 2026-03-10**: Available with breaking changes to the REST API - ---- - -## [2026-04-17] Daily Intelligence Update - -### 2026-04-17 -- version -- GitHub Copilot CLI v1.0.31 -Latest (2026-04-16). Eight releases since April 13. Key: v1.0.29 adds Claude Opus 4.7 support, remote MCP server `type` field optional (defaults to `http`), `COPILOT_AGENT_SESSION_ID` env var. v1.0.25 adds MCP server install from registry, `/env` command showing loaded environment. v1.0.23 adds `--mode`/`--autopilot`/`--plan` flags. - -### 2026-04-17 -- version -- Claude Code v2.1.112 -Latest (2026-04-16). v2.1.111: Claude Opus 4.7 `xhigh` effort level, interactive `/effort` slider, Auto mode for Max subscribers. v2.1.108: `ENABLE_PROMPT_CACHING_1H` env var (1-hour cache TTL). v2.1.105: PreCompact hook (block compaction with exit code 2), background monitors via `monitors` manifest key, `EnterWorktree` `path` param. v2.1.101: OS CA cert store trust by default. - -### 2026-04-17 -- feature -- Copilot Autopilot Mode + Nested Subagents (April 8, 2026) -**Autopilot mode** (public preview): Agents approve own tool calls, auto-retry, work autonomously to completion. Available Pro/Business/Enterprise, not free. **Nested subagents**: Main agent spawns child agents via `chat.subagents.allowInvocationsFromSubagents`. Configurable thinking effort for Claude Sonnet 4.6 and GPT-5.4. MCP servers in VS Code now sync across Copilot CLI and Claude agent sessions. Weekly stable releases (v1.111–v1.115). - -### 2026-04-17 -- feature -- GitHub Actions IANA Timezone + Environment Deployment Control -**IANA timezone for cron**: Add `timezone` field alongside cron expression. **Environments without deployment**: Use `deployment: false` to access environment without creating a deployment record. **Early April**: Service container `entrypoint`/`command` overrides; Azure VNET failover for hosted runners (public preview). - -### 2026-04-17 -- security -- GitHub MCP Guard Policy GA -`tools.github` repos/min-integrity guard policy out of experimental. DIFC (Decentralized Information Flow Control) guards enforce secrecy/integrity labels per request at MCP Gateway. `gh aw logs --filtered-integrity` flag for filtering runs with DIFC integrity events. MCP remote server connections auto-retry on transient network failures. - -### 2026-04-17 -- deprecation -- gemini-pro model deprecated (reference file gap) -`gemini-pro` (Gemini 3 Pro) deprecated 2026-03-26 across Copilot CLI model selector. `frontmatter-schema.md` models table still lists it without deprecation notice — gap confirmed, fix in today's PR. - ---- - diff --git a/skills/gh-aw-report/references/gh-aw-architecture.md b/skills/gh-aw-report/references/gh-aw-architecture.md deleted file mode 100644 index a090aa4..0000000 --- a/skills/gh-aw-report/references/gh-aw-architecture.md +++ /dev/null @@ -1,107 +0,0 @@ -# gh-aw Architecture Reference - -Stable architectural facts about the GitHub Agentic Workflows ecosystem. Used by the `gh-aw-report` skill to contextualize intelligence findings. - -## Core Components - -### gh-aw CLI Extension -- **Repository**: `github/gh-aw` -- **Install**: `gh extension install github/gh-aw` -- **Purpose**: Compile markdown workflow definitions into GitHub Actions `.lock.yml` files -- **Key commands**: `gh aw compile`, `gh aw validate`, `gh aw upgrade`, `gh aw mcp inspect`, `gh aw mcp list` - -### Workflow File Structure -- **Source**: `.github/workflows/.md` — markdown with YAML frontmatter -- **Compiled**: `.github/workflows/.lock.yml` — generated Actions workflow (never edit directly) -- **Frontmatter**: trigger config, engine, tools, permissions, safe-outputs, network -- **Body**: Prose instructions for the AI agent (H1 heading, context, instructions, edge cases) - -### Engines -- `copilot` — GitHub-native (default), powered by GitHub Models -- `claude` — Anthropic Claude, strong reasoning -- `codex` — OpenAI, code-focused -- `custom` — bring your own engine via MCP or API - -### Safe-Outputs System -- All write operations go through safe-outputs using GitHub App tokens -- The AI agent itself is read-only; safe-outputs are the only write path -- Each safe-output type has configurable constraints (allowlists, max limits, title prefixes) -- Write permissions in `permissions:` block are rejected by the compiler - -### MCP Server Integration -- gh-aw supports MCP (Model Context Protocol) servers as tools -- Container-based servers use `container:` field with Docker image references -- Process-based servers use `command:` with `npx` or `uvx` -- MCP gateway logs at `agent-artifacts/mcp-logs/{server}.log` - -### Dependencies System (Agent Package Manager) - -- **`plugins:` field:** DEPRECATED as of early 2026 -- **`dependencies:` field:** Current replacement, backed by Microsoft APM (Agent Package Manager) -- **Migration:** Run `gh aw fix --write` to auto-migrate existing `plugins:` references -- APM is the package registry for gh-aw workflow plugin dependencies -- Dependencies are resolved at compile time via `gh aw compile` - -## Related GitHub Products - -### GitHub Copilot Workspace -- Browser-based agentic coding environment -- Plan → Implement → Review → PR cycle -- Uses Copilot engine for code generation -- Natively reads `CLAUDE.md`, `AGENTS.md`, `COPILOT.md`, and custom instruction files -- Workspace-scoped and global-scoped instruction files are both respected - -### GitHub Copilot Agent Mode (VS Code / CLI) -- Agentic coding in IDE with tool use -- `@workspace` agent for codebase-wide tasks -- CLI: `gh copilot` for terminal-based agentic coding - -### GitHub Copilot CLI (GA: February 25, 2026) - -- Terminal-native agentic coding environment and default agent runtime for gh-aw -- **Autopilot mode:** Fully autonomous task execution without approval prompts -- **Plan mode:** Displays step-by-step plan before execution for review -- **Background delegation:** Prefix prompt with `&` to delegate to cloud coding agent -- **Specialized sub-agents:** Explore, Task, Code Review, Plan -- **Model support:** Claude Opus 4.6, Claude Sonnet 4.6, GPT-5.3-Codex, ~~Gemini 3 Pro~~ (deprecated 2026-03-26) -- Available to all paid Copilot subscribers (Pro, Business, Enterprise) - -### GitHub Models API -- Model serving platform at `https://models.github.com` -- Hosts multiple LLM providers (OpenAI, Anthropic, Meta, etc.) -- Used by gh-aw engines for inference - -### GitHub MCP Server -- **Repository**: `github/github-mcp-server` -- Provides GitHub API tools via MCP protocol -- Used by Claude Code, Copilot, and other MCP-compatible clients -- **Projects toolset:** Consolidated `projects_list`, `projects_get`, `projects_write` tools (~50% token reduction, ~23,000 tokens saved) -- **New tools:** `get_copilot_job_status`, `assign_copilot_to_issue`, `create_pull_request_with_copilot` -- **`base_ref` parameter:** On Copilot PR tools for stacked PR / feature branch workflows -- **Insiders mode:** Opt-in experimental features via `/insiders` URL or config header -- **HTTP mode:** Enterprise deployment with per-request OAuth token forwarding -- **v0.33.0 (2026-04-14):** Granular PRs/issues toolsets, resolve review threads tool, `list_commits` gets `path`/`since`/`until` params, configurable server name/title via translation strings, OSS HTTP logging adapter, static CLI flags as per-request filter upper bound -- **v0.33.1 (2026-04-14):** Hotfix release -- **MCP Gateway:** Centralized access management for MCP servers (v0.1.9 as of 2026-04-14) - -### Claude Code -- Anthropic's CLI agentic coding tool, integrates with GitHub via MCP servers -- Can serve as the AI engine in gh-aw workflows (alternative to Copilot CLI) -- **Open-sourced** (2026): Agent layer at `anthropics/claude-code` -- **Remote Tasks** (launched March 20, 2026): Define a GitHub repo + prompt + cron schedule → Claude runs autonomously on Anthropic's cloud infrastructure; cron scheduling supported -- **Remote Sessions**: Start a task locally, close laptop; session continues on Anthropic infrastructure -- Directly comparable to gh-aw scheduled workflows for Claude-engine use cases — a native Anthropic alternative that does not require GitHub Actions - -## Ecosystem Integrations - -### CI/CD Patterns -- gh-aw workflows compile to standard GitHub Actions -- Can coexist with traditional `.yml` Actions workflows (with caveats around App token pushes) -- `dispatch-workflow` safe-output enables runtime workflow chaining -- `call-workflow` enables compile-time fan-out (inlined reusable workflows) - -### Security Model -- `strict: true` (default) — restricts network, enforces ecosystem identifiers -- `strict: false` — required for custom domains and untrusted input -- `lockdown` settings for public repositories -- Network firewall with ecosystem identifiers: `defaults`, `github`, `containers`, `node`, `python` diff --git a/skills/gh-aw-report/references/search-queries.md b/skills/gh-aw-report/references/search-queries.md deleted file mode 100644 index d6ee4de..0000000 --- a/skills/gh-aw-report/references/search-queries.md +++ /dev/null @@ -1,97 +0,0 @@ -# Search Query Library - -Curated web search queries for the `gh-aw-report` skill. Organized by domain. - -## Primary Sweep (8 queries — run by default) - -### 1. gh-aw Core -``` -"github agentic workflows" OR "gh-aw" OR "gh aw" release OR update OR changelog -``` -**Targets**: gh-aw CLI releases, version bumps, breaking changes - -### 2. GitHub Actions AI Features -``` -"github actions" AI OR agentic OR copilot OR agent new feature OR update OR announcement -``` -**Targets**: GitHub Actions platform changes affecting agentic workflows - -### 3. GitHub Copilot Workspace -``` -"github copilot workspace" OR "copilot workspace" update OR release OR feature -``` -**Targets**: Copilot Workspace changes, new capabilities - -### 4. GitHub Copilot Agent Mode -``` -"github copilot" "agent mode" OR "agentic" OR "coding agent" update OR release -``` -**Targets**: Copilot agent capabilities in VS Code, CLI, IDE extensions - -### 5. GitHub Models API -``` -"github models" API OR marketplace new model OR update OR deprecation -``` -**Targets**: New models available, API changes, deprecations - -### 6. GitHub MCP Server -``` -"github-mcp-server" OR "github mcp server" release OR update OR feature -``` -**Targets**: MCP server releases, new tools, breaking changes - -### 7. Claude Code + GitHub -``` -"claude code" github OR "mcp" OR "agentic" update OR integration OR release -``` -**Targets**: Claude Code releases, GitHub integration improvements - -### 8. Agentic CI/CD Community -``` -"agentic ci" OR "agentic cd" OR "ai ci/cd" OR "llm github actions" pattern OR workflow OR best practice -``` -**Targets**: Community patterns, blog posts, new tooling in the agentic CI/CD space - -## Deep Dive Queries (run on request or for specific topics) - -### gh-aw Deprecations -``` -"gh-aw" OR "github agentic workflows" deprecated OR breaking OR migration -``` - -### MCP Protocol Updates -``` -"model context protocol" OR "mcp" specification OR update OR "mcp server" new -``` - -### GitHub App Token Changes -``` -"github app" token OR "installation token" OR "fine-grained" change OR update -``` - -### Safe-Outputs Changes -``` -"gh-aw" "safe-outputs" OR "safe outputs" new OR change OR deprecation -``` - -### Engine Updates -``` -"gh-aw" engine OR "copilot engine" OR "claude engine" OR "codex engine" update -``` - -### Security Advisories -``` -"github actions" security advisory OR vulnerability OR CVE agentic OR workflow -``` - -### Competitor Landscape -``` -"ai code review" OR "ai ci" OR "automated pr" tool OR platform launch OR release -``` - -## Query Construction Notes - -- Use `OR` for term alternatives, quotes for exact phrases -- Append `site:github.blog` or `site:github.com` to narrow to official sources -- Append date range filters when available (e.g., `after:YYYY-MM-DD`) -- For GitHub Discussions/Issues: use `gh search issues` or `gh search discussions` via CLI