Summary
All 5 agentic workflow lock files need recompilation from gh-aw v0.65.4 to v0.68.1 to fix two distinct failures tracked in #1261.
Root Cause Analysis
Failure 1: Git sparse-checkout error (run 23866300813)
The dependency-pr-review workflow's on.pull_request.paths includes glob patterns (**/requirements.txt, **/pyproject.toml). The old gh-aw compiler (v0.65.4) merged these patterns into the git sparse-checkout set command in the generated agent job's checkout step. Git sparse-checkout in cone mode rejects ** glob patterns:
fatal: specify directories rather than patterns.
If your directory really has any of '*?[]\' in it, pass --skip-checks
The agent job failed with exit code 128 before the Copilot engine ever started.
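Git's cone-mode sparse-checkout only accepts directory prefixes, which is why the compiler's habit of forwarding path filters verbatim fails as soon as a filter carries a glob. The check below is an added example, not gh-aw's own code or the fix shipped in v0.68.1: a small POSIX sh pre-flight that a lock-file linter could run over a candidate path list before it ever reaches `git sparse-checkout set`, rejecting any entry containing the metacharacters git names in its error and, separately, reducing a pattern to whatever directory prefix survives. The function names and the sample patterns other than the two from this PR are constructed for illustration.

```shell
#!/bin/sh
# Added example (hypothetical helper, not part of gh-aw): guard the argument
# list destined for `git sparse-checkout set` in cone mode. Cone mode takes
# directory names only; any entry containing one of * ? [ ] \ is a pattern
# git will refuse with "specify directories rather than patterns".

# Prints each argument that cone mode can accept unchanged.
# Returns 1 if at least one argument was rejected, 0 otherwise.
cone_safe_paths() {
    rc=0
    for p in "$@"; do
        case "$p" in
            *'*'*|*'?'*|*'['*|*']'*|*'\'*)
                echo "reject: $p (pattern, not a directory)" >&2
                rc=1
                ;;
            *)
                printf '%s\n' "$p"
                ;;
        esac
    done
    return $rc
}

# Reduces a path filter to the directory prefix in front of its first glob
# metacharacter, with any trailing slash removed. A filter such as
# **/requirements.txt has no usable prefix and yields an empty string;
# src/**/*.py reduces to src.
cone_prefix() {
    printf '%s' "$1" | sed 's/[*?[\\].*$//; s:/*$::'
}

# Constructed demonstration input: the two filters named in this PR plus two
# entries that are plain directories and would pass as-is.
if [ "${0##*/}" = "cone_check.sh" ]; then
    for f in '**/requirements.txt' '**/pyproject.toml' 'docs/' 'src/**/*.py'; do
        printf 'filter=%s prefix=%s\n' "$f" "$(cone_prefix "$f")"
    done
    cone_safe_paths docs src '**/requirements.txt'
fi
```

Run as `sh cone_check.sh` to see the two `**/` filters rejected while `docs` and `src` pass through; piping the surviving lines into `git sparse-checkout set` is then safe for cone mode. Note that reducing `**/requirements.txt` to its prefix yields nothing at all, so a filter like that cannot be narrowed into a sparse checkout and should simply be dropped from the set rather than rewritten.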
Failure 2: MCP servers blocked by policy (20+ runs across multiple PRs)
All subsequent runs reported "No Safe Outputs Generated." The agent log shows:
! 2 MCP servers were blocked by policy: 'github', 'safeoutputs'
The lock files were compiled with gh-aw v0.65.4 (AWF v0.25.6, MCP Gateway v0.2.14). The runtime environment upgraded to newer Copilot CLI versions that enforce stricter MCP server policies incompatible with the older gateway configuration. The agent completes its review analysis but cannot call any safe-output tools (submit_pull_request_review, add_comment, noop) because the MCP servers are blocked.
One run (24266607033) also showed an engine failure where the agent tried to use submit_pull_request_review as a direct tool call because the MCP tools were unavailable:
✗ submit_pull_request_review pull-request-number: "1314", event: "COMMENT"...
└ Tool 'submit_pull_request_review' does not exist.
✗ missing_tool tool_name: "submit_pull_request_review"...
└ Tool 'missing_tool' does not exist.
Fix
Recompile all 5 agentic workflow lock files with gh aw compile (v0.68.1):
| Component | Before | After |
| --- | --- | --- |
| gh-aw compiler | v0.65.4 | v0.68.1 |
| AWF (firewall) | v0.25.6 | v0.25.18 |
| MCP Gateway | v0.2.14 | v0.2.17 |
| Setup action | v0.65.6 | v0.68.1 |
| actions/github-script | v8 | v9 |
Files changed
.github/aw/actions-lock.json
.github/workflows/dependency-pr-review.lock.yml
.github/workflows/doc-update-check.lock.yml
.github/workflows/issue-implement.lock.yml
.github/workflows/issue-triage.lock.yml
.github/workflows/pr-review.lock.yml
Security review
The new action github/gh-aw-actions/setup@2fe53acc038ba01c3bbdc767d4b25df31ca5bdfc (v0.68.1) is the official gh-aw setup action from GitHub, replacing the previous version @536ea1bad8c6715d098a9dc1afea8d403733acfe (v0.65.6). This is a routine version bump of a trusted first-party action. No new secrets are introduced.
Validation
gh aw compile --strict
# ✓ Compiled 5 workflow(s): 0 error(s), 5 warning(s)
# Warnings are all "safe update mode detected unapproved changes" for the new setup action SHA.
gh aw status
# All 5 workflows: compiled=Yes, status=active
Related
fix/1254-recursive-npm-path-filters)