[docs] Update documentation for features from 2026-02-25#18254
Merged
Conversation
…cedence - Add `validate` command section to setup/cli.md (Building section, after compile). The command was added in #18191 but was missing from the main CLI reference page; only the compilation-process.md reference table had been updated. - Add NOTE callout to reference/threat-detection.md clarifying that an explicit `threat-detection: false` in a workflow takes precedence over imported fragments, documenting the behaviour fixed in #18231. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
github-actions
bot
added
automation
documentation
pelikhan
deleted the
docs/2026-02-25-validate-command-b39a885a76f438df
branch
Contributor
There was a problem hiding this comment.
Pull request overview
This PR updates the documentation to reflect two features that were merged in the last 24 hours: the new gh aw validate command (from #18191) and the clarified import precedence behavior for threat-detection: false (from #18231).
Changes:
- Added complete
validatecommand section to the CLI reference documentation - Added a NOTE callout clarifying that explicit
threat-detection: falsetakes precedence over imported fragments
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| docs/src/content/docs/setup/cli.md | Added validate command section under Building, documenting usage, options, and equivalence to compile --validate --no-emit --zizmor --actionlint --poutine |
| docs/src/content/docs/reference/threat-detection.md | Added NOTE callout explaining that explicit threat-detection: false in a workflow takes precedence over imported fragments that configure safe outputs |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
|
||
| **Options:** `--engine/-e`, `--dir/-d`, `--strict`, `--json/-j`, `--fail-fast`, `--stats`, `--no-check-update` | ||
|
|
||
| All linters (`zizmor`, `actionlint`, `poutine`), `--validate`, and `--no-emit` are always-on defaults and cannot be disabled. Accepts the same workflow ID format as `compile`. |
There was a problem hiding this comment.
The phrase "always-on defaults and cannot be disabled" is slightly contradictory - "defaults" typically implies configurability, but "cannot be disabled" states the opposite. Consider rephrasing to "are always enabled and cannot be disabled" or "are enforced and cannot be disabled" for clearer communication.
Suggested change
| All linters (`zizmor`, `actionlint`, `poutine`), `--validate`, and `--no-emit` are always-on defaults and cannot be disabled. Accepts the same workflow ID format as `compile`. | |
| All linters (`zizmor`, `actionlint`, `poutine`), `--validate`, and `--no-emit` are always enabled and cannot be disabled. Accepts the same workflow ID format as `compile`. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Documentation Updates - 2026-02-25
This PR updates the documentation based on features merged in the last 24 hours.
Features Documented
gh aw validatecommand (from feat: addgh aw validatecommand #18191)threat-detection: falseimport precedence behaviour (from fix: imported safe-output fragments no longer override explicitthreat-detection: false#18231)Changes Made
docs/src/content/docs/setup/cli.mdto add a fullvalidatecommand section under Building (aftercompile). PR feat: addgh aw validatecommand #18191 added the command and updated thecompilation-process.mdreference table, but the primary CLI commands page was missing the entry.docs/src/content/docs/reference/threat-detection.mdto add a NOTE callout clarifying that an explicitthreat-detection: falsein a workflow takes precedence over imported shared fragments — documenting the behaviour fixed in fix: imported safe-output fragments no longer override explicitthreat-detection: false#18231.Merged PRs Referenced
gh aw validatecommand #18191 — feat: addgh aw validatecommandthreat-detection: false#18231 — fix: imported safe-output fragments no longer override explicitthreat-detection: false.github/aw/prompt file references (internal help text; no external docs gap)gonetwork preset #18214 — fix(code-simplifier): allow Go module proxy domains viagonetwork preset (goecosystem identifier already documented inreference/network.md)Notes
No other merged PRs from the last 24 hours required external documentation updates. Internal fixes, test improvements, and infrastructure changes (#18253, #18234, #18224, #18216, #18215, #18208, #18206, #18205, #18197, #18194) were either non-user-facing or already accompanied by inline documentation in their respective PRs.