Sourced from github/gh-aw's releases.

v0.67.1

🌟 Release Highlights

This release delivers a major OpenTelemetry observability overhaul, a new report_incomplete safe output signal, Claude Code 1.0.0 compatibility, and a wave of security hardening — all driven in part by community-reported issues.

✨ What's New

🔭 OpenTelemetry Observability (Multiple PRs)

A substantial series of improvements makes distributed tracing production-ready:

• Accurate span names — job lifecycle spans now use the actual job name (e.g. gh-aw.agent.conclusion) instead of the generic gh-aw.job.conclusion, making traces immediately readable in Grafana/Honeycomb/Datadog.
• Real job duration — conclusion spans now record actual execution time (previously always reported 2–5 ms due to a missing startMs).
• OTLP payload sanitization — sensitive values (token, secret, key, auth, etc.) in span attributes are automatically redacted before sending to any OTLP collector.
• OTLP headers masking — OTEL_EXPORTER_OTLP_HEADERS is masked with ::add-mask:: in every job, preventing auth tokens from leaking in GitHub Actions debug logs.
• MCP Gateway OpenTelemetry — the MCP Gateway now receives opentelemetry config derived from observability.otlp frontmatter and the actions/setup trace IDs, correlating all MCP tool-call traces under the workflow root trace.
• New resource attributes — service.version, github.repository, github.run_id, github.event_name, github.ref, github.sha, github.actions.run_url, deployment.environment, gh-aw.staged, gh-aw.run.attempt enriching all spans.
• Observability job summary auto-enabled — the job summary step is now rendered automatically whenever OTLP is configured; the observability.job-summary opt-in field is removed (auto-detected).
• Real OTLP trace ID in the observability job summary (was incorrectly showing the workflow_call_id).
• GitHub API rate limit analytics — gh aw audit, gh aw logs, and gh aw audit diff now show GitHub API quota consumed per run, per resource.

🛡️ report_incomplete Safe Output

A new first-class signal for agents to surface infrastructure or tool failures without being misclassified as successful runs. When an agent emits report_incomplete, the safe-outputs handler activates failure handling regardless of agent exit code — preventing "tool-failure comment disguised as a success" scenarios. Can be configured with create-issue, title-prefix, and labels, just like missing_tool.

✅ checks as a First-Class MCP Tool

The checks tool is now registered in the gh-aw MCP server, returning a normalized CI verdict (success, failed, pending, no_checks, policy_blocked). Review workflows no longer need to shell out to gh aw checks.

🔐 Security Hardening

• Token/secret injection prevention — 422 instances of $\{\{ secrets.* }} interpolated directly into run: blocks have been moved to env: mappings across 181 lock files and hand-authored CI workflows, preventing shell injection if a token contains metacharacters.
• runner-guard added to static analysis — the static-analysis-report workflow now runs Vigilant-LLC's runner-guard scanner alongside zizmor, poutine, and actionlint.

🔍 Pre-Activation Visibility

When a workflow activation is denied (bot gate, role gate, stop-after, skip-if-match, etc.), the activation job now writes a $GITHUB_STEP_SUMMARY explaining the exact reason and providing remediation guidance — no more silently skipping PRs with no visible indicator.

🤖 Claude Code 1.0.0 Compatibility

The --disable-slash-commands flag has been removed from the Claude CLI args builder. Claude Code 1.0.0 dropped this flag as a breaking change; the compiler was unconditionally injecting it, causing all Claude-engine workflows to fail at startup.

🐛 Bug Fixes & Improvements

• Fix Octokit .endpoint proxy — pre_activation check scripts were failing with route.endpoint is not a function due to the rate-limit-aware github proxy stripping Octokit's .endpoint decorator; fixed with a Proxy wrapper.
• Fix OTLP span kind — job lifecycle spans now use SPAN_KIND_INTERNAL (was SPAN_KIND_SERVER), preventing false RED-metric pollution in observability backends.
• Error message quality — duplicate permission scope hints suppressed, redundant path prefix stripped from single-failure messages, and YAML parse error fallbacks now emit proper IDE-navigable positions.
• Fix daily-issues-report — switched from codex to copilot engine after OpenAI API access restrictions blocked Codex since Mar 24.
• Fix runner-guard v2 module path — corrected go install path to include /v2/ suffix for Go major version convention compliance.
• Fix docs breadcrumb config — removed unrecognized breadcrumbs: true key that was breaking Starlight config.

... (truncated)

• 5a06d31 fix: bump Copilot CLI from v1.0.20 to v1.0.21 (#25689)
• cc56642 Doc: document firewall-audit-logs artifact name for downstream consumers (#...
• 5b9e980 feat: add engine.bare frontmatter field to suppress automatic context loading...
• 17dff22 fix: set supportsNativeAgentFile=false for Codex and Gemini engines; remove a...
• a0803a5 fix(cli): address 7 CLI consistency issues across help text and flag behavior...
• e61c83d security: fix agent-stdio.log world-readable exposure and MCP gateway token l...
• 314d821 refactor: centralize close-flow logic into shared createCloseEntityHandler ...
• 7b2108a fix(smoke-gemini): trigger on "smoke" label instead of "water" (#25639)
• c144ee3 test: add regression coverage for .github/agents/ root-relative import path...
• a8dedce chore: remove dead functions — 5 functions removed (#25630)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)