Skip to content

ci: bump githubnext/gh-aw from 0.37.22 to 0.39.2 #14

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dependabot wants to merge 1 commit into from
Closed

ci: bump githubnext/gh-aw from 0.37.22 to 0.39.2 #14

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 2, 2026

Bumps githubnext/gh-aw from 0.37.22 to 0.39.2.

Release notes

Sourced from githubnext/gh-aw's releases.

v0.39.2

🌟 Release Highlights

Maintenance release with updated MCP gateway container for improved stability and compatibility.

🔧 Infrastructure Updates

  • MCP Gateway v0.0.90 - Updated the default MCP gateway container version from v0.0.88 to v0.0.90, bringing the latest improvements to workflows using MCP server integrations. All 148 workflow lock files have been recompiled to reference the new image.

Ahoy! This treasure was crafted by 🏴‍☠️ Release

What's Changed

Full Changelog: github/gh-aw@v0.39.1...v0.39.2

v0.39.1

🌟 Release Highlights

This maintenance release focuses on stability improvements, fixing critical issues with MCP gateway configuration, workflow validation, and Safe Outputs tool registration.

🐛 Bug Fixes & Improvements

  • Fixed Safe Outputs MCP server reliability - Resolved critical issue where dispatch_workflow tool wasn't properly registered in the HTTP server, preventing workflow dispatches from working correctly (#13179)
  • Improved workflow validation performance - Replaced CLI execution with JavaScript-based hash computation, significantly reducing validation overhead (#13168)
  • Fixed expression errors in custom engine workflows - Resolved validation errors for workflows using custom engines without the validate-secret step (#13157)
  • Enhanced MCP Gateway configuration - Added payloadDir field with absolute path validation for better payload management (#13178, #13183)
  • Corrected GitHub MCP toolsets - Removed references to non-existent tools, ensuring accurate toolset mappings (#13169)
  • Fixed project handler type detection - Resolved issue where project handlers were incorrectly flagged as standalone steps (#13161)
  • Stabilized frontmatter hash computation - Removed version numbers from hash calculation to prevent unnecessary workflow recompilations (#13174)
  • Improved build reliability - Added Go module caching and retry logic to prevent proxy 403 failures during CI builds (#13155)

📦 Dependency Updates

  • Updated Claude Code to 2.1.29 - Latest improvements and bug fixes
  • Updated MCP Gateway to v0.0.88 - Enhanced stability and performance

🔧 Code Quality

  • Standardized discussion category naming - Consistent lowercase plural forms across the codebase (#13156)

For complete details, see CHANGELOG.

Ahoy! This treasure was crafted by 🏴‍☠️ Release

... (truncated)

Commits
  • 5e17757 Update MCP gateway container to v0.0.90 (#13197)
  • ff734b3 Fix dispatch_workflow tool registration in Safe Outputs MCP HTTP server (#13179)
  • a2bc819 Add absolute path validation for MCP gateway payloadDir field (#13183)
  • de3b6ad Remove version numbers from frontmatter hash computation (#13174)
  • e1d9638 Add payloadDir field to MCP Gateway configuration (#13178)
  • 35effa8 Replace gh aw CLI execution with JavaScript hash computation in workflow vali...
  • 981d99a Remove non-existent tools from GitHub MCP toolsets mapping (#13169)
  • afc2a57 Update Claude Code to 2.1.29 and MCP Gateway to v0.0.88 (#13170)
  • 35fb90e Add Go module caching and retry logic to prevent proxy 403 failures (#13155)
  • 8ee47a5 Fix expression errors for custom engine workflows missing validate-secret ste...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
ci: bump githubnext/gh-aw from 0.37.22 to 0.39.2
fe02ade 
Bumps [githubnext/gh-aw](https://github.com/githubnext/gh-aw) from 0.37.22 to 0.39.2.
- [Release notes](https://github.com/githubnext/gh-aw/releases)
- [Changelog](https://github.com/githubnext/gh-aw/blob/main/CHANGELOG.md)
- [Commits](github/gh-aw@afac8d0...5e17757)

---
updated-dependencies:
- dependency-name: githubnext/gh-aw
  dependency-version: 0.39.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@github-actions
Copy link

github-actions bot commented Feb 2, 2026

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
actions/githubnext/gh-aw/actions/setup 5e17757d240b76c0e8b4af4510ac9f26cf6bab86 UnknownUnknown

Scanned Files

  • .github/workflows/issue-triage.lock.yml

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Feb 9, 2026

Superseded by #18.

@dependabot dependabot bot closed this Feb 9, 2026
@dependabot dependabot bot deleted the dependabot/github_actions/githubnext/gh-aw-0.39.2 branch February 9, 2026 10:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies github-actions

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants