Download Latest Version gh-aw-wasm-v0.58.1.tar.gz (4.5 MB)
Email in envelope

Get an email when there's a new version of GitHub Agentic Workflows

Home / v0.58.0
Name Modified Size InfoDownloads / Week
Parent folder
sbom.cdx.json < 24 hours ago 3.0 MB
0
sbom.spdx.json < 24 hours ago 5.3 MB
0
windows-amd64.exe < 24 hours ago 23.6 MB
0
windows-arm64.exe < 24 hours ago 21.6 MB
0
freebsd-arm64 < 24 hours ago 21.2 MB
0
gh-aw-wasm-v0.58.0.tar.gz < 24 hours ago 4.5 MB
0
linux-386 < 24 hours ago 22.2 MB
0
linux-amd64 < 24 hours ago 23.0 MB
0
linux-arm < 24 hours ago 22.1 MB
0
linux-arm64 < 24 hours ago 21.2 MB
0
freebsd-amd64 < 24 hours ago 22.9 MB
0
android-arm64 < 24 hours ago 23.2 MB
0
checksums.txt < 24 hours ago 1.0 kB
0
darwin-amd64 < 24 hours ago 23.4 MB
0
darwin-arm64 < 24 hours ago 21.8 MB
0
freebsd-386 < 24 hours ago 22.0 MB
0
README.md < 24 hours ago 21.1 kB
0
v0.58.0 source code.tar.gz < 24 hours ago 238.5 MB
0
v0.58.0 source code.zip < 24 hours ago 240.5 MB
0
Totals: 19 Items   759.9 MB 0

🌟 Release Highlights

v0.58.0 is a substantial release focused on cross-repo workflow reliability, custom AI endpoint support, and a wave of community-driven bug fixes. 92 PRs merged.

✨ What's New

  • Custom API Endpoints for Agentic Engines — You can now point workflows at custom OpenAI and Anthropic API targets (e.g., Azure OpenAI, proxies, private deployments) via the engine frontmatter. Both the sandbox and engine configuration support custom base_url and authentication settings. (#20730, #20631)

  • Auto-derived Safe Outputs Guard Policy — The safeoutputs guard policy is now automatically derived from the GitHub MCP guard policy, eliminating redundant configuration. Paired with a bump to MCP gateway v0.1.14. (#20467)

  • Redirect Failure Issues to a Different Repo — New safe-outputs.failure-issue-repo frontmatter field lets you route workflow failure issues to a central repository instead of the workflow's own repo. (#20429)

  • Unified Agent Artifact — Agent job artifacts are now merged into a single agent artifact, making it easier to download and inspect workflow outputs. (#20507)

  • APM Artifact Pack/Unpack Support Reimplemented — APM (Artifact Package Manager) dependency workflows now correctly pack and unpack artifacts across jobs. (#20564)

  • Compile-time Warnings for push-to-pull-request-branch — The compiler now emits warnings when push-to-pull-request-branch is configured with target: "*", helping catch potentially unintended broad-scope writes before deployment. (#20580)

  • --skip-secret Flag for add-wizard — A new --skip-secret flag bypasses the API key prompt during gh aw add, useful for CI environments and workflows that manage secrets externally. (#20598)

🐛 Bug Fixes & Improvements

  • Fixed "Exceeded max expression length 21000" — Compiled workflows with large toolsets (e.g., toolsets: [all]) combined with create-pull-request.base-branch no longer fail GitHub Actions YAML validation. (#20751)

  • Cross-repo relay activation checkout — A series of fixes resolves checkout failures in event-driven relay workflows where event_name propagation caused the wrong repo/ref to be checked out. (#20583)

  • dispatch_workflow now honors target-repo — Cross-repo relay workflows using dispatch_workflow correctly dispatch to the configured target-repo instead of always targeting context.repo. (#20708)

  • submit_pull_request_review cross-repo support — Added target-repo support to submit_pull_request_review so review submissions work correctly in cross-repo workflows. (#20678)

  • gh aw logs actionable errors — Fixed a bug where an invalid path field in gh run list caused errors to be misclassified as authentication failures. The CLI now surfaces the real cause. (#20684)

  • Codex web search disabled by default — Codex no longer uses web search unless the web-search tool is explicitly configured, preventing unintended external lookups. (#20607)

  • Fixed push-to-pull-request-branch default max: 1 — The default value was incorrectly set to 0 instead of the documented 1. (#20582)

  • Fixed git fetch auth after clean_git_credentials.shpush_to_pull_request_branch no longer fails with authentication errors after credential cleanup. (#20581, #20524)

  • Fixed PR creation fallback statuscreate-pull-request no longer incorrectly reports a PR as created when it fell back to creating a review issue instead. (#20602)

  • Improved merge conflict failure issues — When create_pull_request or push_to_pull_request_branch fail due to merge conflicts, the resulting failure issue now includes actionable context. (#20421)

  • reply_to_pull_request_review_comment registered in config — The tool was missing from config.json, preventing it from being used. (#20525)

  • Custom safe-output job types now recognized — Fixed a regression where custom safe-output job types were not recognized in the safe_outputs job. (#20682)

  • Artifact name prefix for workflow_call — Prevents artifact name collisions when multiple callers invoke the same reusable workflow concurrently. (#20685)

  • actionlint integration failures distinguished from lint findingsgh aw compile --actionlint now correctly differentiates tool failures (non-zero exit with no findings) from actual lint errors. (#20637)

📚 Documentation

  • Debug logging troubleshooting guide — Added a common-issues page section on using DEBUG=* to diagnose workflow problems. (#20725)

  • allowed-files clarified as exclusive allowlist — Documented that allowed-files is a strict allowlist, not an additive exception list. (#20606)

  • Dedicated APM Dependencies reference page — Added a reference page covering APM dependency workflows and configuration. (#20674)

🌍 Community Contributions

A huge thank you to the community members who reported issues that were resolved in this release:

For complete details, see CHANGELOG.

Generated by Release

What's Changed

Full Changelog: https://github.com/github/gh-aw/compare/v0.57.2...v0.58.0

Source: README.md, updated 2026-03-13