Skip to content

Bump github/gh-aw from 0.65.0 to 0.65.2#521

Merged
karianna merged 1 commit intomainfrom
dependabot/github_actions/github/gh-aw-0.65.2
Apr 2, 2026
Merged

Bump github/gh-aw from 0.65.0 to 0.65.2#521
karianna merged 1 commit intomainfrom
dependabot/github_actions/github/gh-aw-0.65.2

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 1, 2026

Bumps github/gh-aw from 0.65.0 to 0.65.2.

Release notes

Sourced from github/gh-aw's releases.

v0.65.2

🌟 Release Highlights

This patch release brings a new configurability option for pull request workflows, a reliable fix for external-repository checkout scenarios, and a round of CLI consistency improvements — plus three community-reported issues resolved.

✨ What's New

  • Configurable create-pull-request auto-close behavior — The create-pull-request safe-output now lets you control whether the triggering issue is automatically closed when the PR is merged. Previously this was always-on; now it can be tuned per workflow. (Requested by the community — see #23736)

🐛 Bug Fixes & Improvements

  • Restore actions/setup after external root checkout — When a workflow checks out an external repository to the workspace root (no path: specified), actions/checkout was overwriting $GITHUB_WORKSPACE and deleting the locally checked-out actions/setup directory, causing a post-step failure (Can't find 'action.yml'). The compiler now appends a Restore actions folder step (if: always()) in dev mode when this pattern is detected. (#23751)

  • CLI consistency improvements — Addressed redundant flags, unexplained jargon, and discrepancies between help text and documentation to make the CLI more approachable. (#23750)

  • MCP table output routingmcp list-tools and mcp inspect now route table output through explicit console.RenderTable() calls with unambiguous stdout routing, aligning with the established pattern in mcp list. (#23752)

  • WASM golden files updated for firewall v0.25.5 (#23743)

  • Release tooling — New releases are now created as pre-releases by default, preventing automated releases from being promoted to "latest" without explicit maintainer action. (#23754)

🌍 Community Contributions

@abillingsley

@Rubyj

@strawgate

For complete details, see CHANGELOG.

Generated by Release

What's Changed

... (truncated)

Commits
  • 6e45e1e fix: restore actions/setup after external root checkout in agent job (#23751)
  • 3803e52 chore: mark releases as pre-release and not latest (#23754)
  • 7966fc1 Migrate MCP list/inspect table output to explicit console.RenderTable() with ...
  • a30e9ff fix: address CLI consistency issues - redundant flags, unexplained jargon, an...
  • f3b265f fix(slides): correct mcp-servers allowed field syntax to use array form (#23749)
  • 3505b9d Make create-pull-request auto-close issue behavior configurable (#23738)
  • 756f67d fix: reduce docs-noob-tester scope to prevent timeout (#23742)
  • 9bb415d fix: update WASM golden files for firewall version v0.25.5 (#23743)
  • bca8c30 fix: close @​mention neutralization bypass via U+200E/200F/00AD/034F invisible...
  • 57eb079 Remove unused integrityLevelOrder variable to fix lint (#23721)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump github/gh-aw from 0.65.0 to 0.65.2
99a46b6 
Bumps [github/gh-aw](https://github.com/github/gh-aw) from 0.65.0 to 0.65.2.
- [Release notes](https://github.com/github/gh-aw/releases)
- [Commits](github/gh-aw@v0.65.0...v0.65.2)

---
updated-dependencies:
- dependency-name: github/gh-aw
  dependency-version: 0.65.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Apr 1, 2026
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud bot commented Apr 1, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@karianna karianna merged commit b892400 into main Apr 2, 2026
16 checks passed
@dependabot dependabot bot deleted the dependabot/github_actions/github/gh-aw-0.65.2 branch April 2, 2026 02:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@karianna karianna karianna approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@karianna