π Daily Status Report β 2026-03-19
π Latest Release
v0.62.0 β Released today (2026-03-19)
β
Today's Merged Commits (20 commits)
| # |
Summary |
| #21750 |
slides: add Software Engineer β Agentic Engineer content and Mermaid diagrams |
| #21747 |
Fix build-wasm: update golden files for mcpg v0.1.19 |
| #21746 |
fix: use %q to safely quote user-controlled expressions in validation error messages |
| #21737 |
chore: update gh-aw-mcpg to v0.1.19 |
| #21731 |
docs: document safe-outputs scripts and guard policy repos default |
| #21718 |
fix: default github.repos to all when omitted from guard policy |
| #21717 |
Remove experimental warning for tools.github guard policy (repos/min-integrity) |
| #21694 |
Add FAQ link to "GitHub Actions not permitted to create or approve pull requests" diagnostics |
| #21692 |
fix(audit): misleading "failed with 0 error(s)" message and wrong workflow_name for pre-activation failures |
| #21712 |
fix(smoke): remove redundant title-prefix from smoke-update-cross-repo-pr |
| #21705 |
Replace github.lockdown with github.repos/min-integrity guard policies in create prompt |
| #21682 |
Deprecate needs.activation.outputs.*; update docs to use steps.sanitized.outputs.* |
| #21691 |
fix: add docs/.npmrc to resolve astro-mermaid peer dep conflict with Astro v6 |
| #21681 |
Add DIFC_FILTERED event support to gateway log parsing |
| #21582 |
Add support for defined custom safe-output scripts |
| #21677 |
Use <details> element for GitHub MCP guard policy step summary |
| #21683 |
Sync github-agentic-workflows.md with v0.40.1 timeout docs |
| #21673 |
fix: correct default timeout docs from 360 to 20 minutes |
| #21672 |
chore: upgrade gh-aw-firewall from v0.24.2 to v0.24.3 |
| #21646 |
Fix asset URLs to work with private repos (use ?raw=true blob URL format) |
π Open Pull Requests (4)
| PR |
Title |
Author |
| #21752 |
feat: mount custom GitHub Actions as safe output tools via safe-outputs.actions |
Copilot |
| #21751 |
Add remove_label field to label_command to disable automatic label removal |
Copilot |
| #21749 |
Add GitHub Guard DIFC filtered items notice to workflow footer |
Copilot |
| #21687 |
Add env support to dependencies configuration and upgrade microsoft/apm to v0.8.2 |
Copilot |
β οΈ Issues Needing Attention
| Issue |
Description |
| #21722 |
[aw] jsweep - JavaScript Unbloater workflow failed |
| #21719 |
[aw] Smoke Claude workflow failed |
| #21710 |
[aw] Daily Issues Report Generator workflow failed |
| #21629 |
[aw] PR Triage Agent workflow failed |
| #21644 |
Pipeline reports failure when Copilot CLI hits rate limit after successful completion (reported by @Mossaka) |
| #21545 |
[deps] Pending safe patch dependency updates (2 updates) |
π Summary
| Metric |
Count |
| Commits merged today |
20 |
| Open PRs |
4 |
| Failing workflows |
4 |
| Open user-reported issues |
1 |
| Latest release |
v0.62.0 |
Key themes today:
- π Security hardening: Guard policy improvements (
github.repos, min-integrity), deprecation of needs.activation.outputs.*, safer expression quoting
- π§ Dependency bumps: mcpg v0.1.19, firewall v0.24.3
- π Documentation fixes: Corrected timeout defaults (20 min vs 360 min), custom safe-outputs scripts
- π Bug fixes: Asset URLs for private repos, audit command messaging, smoke test cleanup
Attention needed: Several automated workflows are failing (jsweep, Smoke Claude, PR Triage, Daily Issues Report). The rate limit issue (#21644) from @Mossaka may warrant investigation.
Generated by Dev Β· β·
