chore(deps): update github/gh-aw action to v0.62.0#271
Merged
mergify[bot] merged 1 commit intomainfrom Mar 19, 2026
Merged
Conversation
 |
|
Overall Grade |
Security Reliability Complexity Hygiene |
Code Review Summary
| Analyzer | Status | Updated (UTC) | Details |
|---|---|---|---|
| Python |  |
Mar 19, 2026 10:02a.m. | Review ↗ |
| Secrets | |
Mar 19, 2026 10:02a.m. | Review ↗ |
|
Contributor
Merge Queue Status
This pull request spent 13 seconds in the queue, with no time running CI. Required conditions to merge
|
Contributor
|
Thank you for your contribution @renovate[bot]! Your pull request has been merged. |
Code Review SummaryStatus: No Issues Found | Recommendation: Merge Files Reviewed (2 files)
Review NotesThis is a straightforward dependency update that upgrades the
Both DeepSource and SonarQube have already approved this PR with no issues found. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
v0.61.2→v0.62.0Release Notes
github/gh-aw (github/gh-aw)
v0.62.0Compare Source
🌟 Release Highlights
This release promotes the GitHub MCP guard policy to general availability, adds inline custom safe-output scripts, and ships several quality-of-life improvements for diagnostics and documentation.
✨ What's New
Custom safe-output scripts — Define inline JavaScript handlers in
safe-outputs.scriptsthat run inside the consolidated safe-outputs job, without creating a separate GitHub Actions job. This gives you lightweight extensibility right where you need it. (#21582)GitHub MCP guard policy is now GA — The
tools.githubrepos/min-integrityguard policy is out of experimental status. The noisy "experimental feature" warning has been removed for cleaner workflow logs. (#21717)Collapsible guard policy step summary — The GitHub MCP guard policy step now uses a
<details>element for its summary, reducing visual noise in the Actions UI while keeping details accessible. (#21677)🐛 Bug Fixes & Improvements
Guard policy defaults fixed — Specifying only
min-integrityundertools.githubwithout areposfield no longer raises a hard validation error; it now correctly defaults torepos: all. (#21718)Audit diagnostics improved — The
gh aw auditcommand no longer shows the contradictory "failed with 0 error(s)" message, and correctly reportsworkflow_namefor pre-activation failures (cancelled runs, infrastructure-level failures). (#21692)Better PR permission error guidance — When PR creation fails due to missing GitHub Actions permissions, diagnostics now include a direct link to the relevant FAQ entry to speed up resolution. (#21694)
Corrected default timeout documentation — The documented default timeout was incorrectly listed as 360 minutes; it is 20 minutes. (#21673)
📚 Documentation
steps.sanitized.outputs.*is now the canonical form — All documentation has been updated to use$\{\{ steps.sanitized.outputs.text/title/body }}instead of the deprecated$\{\{ needs.activation.outputs.* }}form. The compiler still accepts the old form (with a deprecation warning) for backward compatibility. (#21682)🌍 Community Contributions
A huge thank you to the community members who reported issues that were resolved in this release:
@dsymefor correct default timeout docs from 360 to 20 minutes (#21663)For complete details, see CHANGELOG.
What's Changed
<details>element for GitHub MCP guard policy step summary by @Copilot in #21677needs.activation.outputs.*in workflow markdown; update all docs to usesteps.sanitized.outputs.*by @Copilot in #21682github.repostoallwhen omitted from guard policy by @Copilot in #21718Full Changelog: github/gh-aw@v0.61.2...v0.62.0
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.