feat: add release highlights generator agentic workflow #197
Mossaka left a comment
| description: Generate an engaging release highlights summary for new releases | ||
| on: | ||
| release: | ||
| types: [published] | ||
| workflow_dispatch: | ||
| permissions: | ||
| contents: read | ||
| issues: read | ||
| pull-requests: read | ||
| tools: | ||
| github: | ||
| toolsets: [default] | ||
| bash: | ||
| - "git log:*" | ||
| - "git diff:*" | ||
| - "git tag:*" | ||
| - "git show:*" | ||
| safe-outputs: | ||
| update-release: | ||
| max: 1 | ||
| timeout-minutes: 10 |
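Review bot: `workflow_dispatch:` is declared with no inputs, so a manual run carries no release payload and nothing in this frontmatter tells the agent which release `update-release` should modify; add a tag input for manual runs or drop the trigger. Keeping `permissions` read-only and routing the single write through `safe-outputs` (`update-release`, `max: 1`) is the right shape for an agent that reads issue and pull-request text. The `git show:*` and `git diff:*` entries accept any arguments, so the agent can read every object in the checkout; narrow the patterns if the prompt only needs log and tag data.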
This release highlights generator should be combined with the current release pipeline. Check out https://github.com/githubnext/gh-aw/blob/main/.github/workflows/release.md for inspiration
Combined the release highlights generator with the release pipeline in commit 81002e8. The release.md now includes:
- `jobs:` with the full build/release process
- `steps:` to prepare release data for the agent
- Prompt section for AI-generated highlights
- `update-release` safe output to prepend highlights
The pattern now matches the gh-aw reference workflow.
@copilot looks good to me. Can you add a dry run option to this workflow so that I can test it out?
Added dry_run option in commit ac7eb3f. You can now test the workflow via manual dispatch with "Dry run mode" enabled. In dry run mode:
- Docker images are built but NOT pushed
- Signing/SBOM steps are skipped
- Release notes are previewed in the logs but no release is created
- AI agent step is skipped (no release to update)
All artifacts are still uploaded for inspection.
Test Coverage Report
Coverage Thresholds
The project has the following coverage thresholds configured:
Coverage report generated by `npm run test:coverage`
💥 WHOOSH! Smoke Claude springs into action on this pull request! [Panel 1 begins...]
📰 BREAKING: Smoke Copilot is now investigating this pull request. Sources say the story is developing...
Smoke Test Results
Last 2 merged PRs:
Test Results:
Overall Status: PASS
Smoke Test Results (Claude Engine)
Last 2 merged PRs:
Test Results:
Overall Status: FAIL (Playwright connectivity issues)
GitHub's default CodeQL setup was attempting to analyze Python code, but this repository only contains JavaScript/TypeScript and GitHub Actions. The false detection was caused by a Python file in node_modules (flatted/python/flatted.py).
This explicit workflow:
- Only analyzes javascript-typescript and actions languages
- Replaces the default setup with controlled configuration
- Prevents "no source code found" errors for Python
- Runs on PR, push to main, weekly schedule, and manual dispatch
Fixes the CodeQL failure in PR #197.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Smoke Test Results
GitHub MCP: ✅ #225, #224
Status: PASS
Smoke Test Results (Claude Engine)
Last 2 merged PRs:
Test Results:
Overall Status: FAIL (Playwright connectivity issue)
Co-authored-by: Mossaka <5447827+Mossaka@users.noreply.github.com>
Adds a validation step that checks package.json version matches the git tag version before building. This prevents the issue where a tag is created on a commit with the wrong version number, which caused the v0.9.0 release to initially fail smoke tests. The validation step provides clear error messages and remediation steps when a mismatch is detected. Resolves the root cause of workflow run 21004691307 failure.
9dd0757 to 5ac3a47
💫 TO BE CONTINUED... Smoke Claude failed! Our hero faces unexpected challenges...
Smoke Test Results
Last 2 Merged PRs:
Test Results:
Overall Status: PASS
PR #706 hid /tmp/gh-aw/mcp-logs/ from agent containers using tmpfs mounts but missed /tmp/gh-aw/mcp-config/, which may contain MCP server configuration with tokens and credentials (CVE-003 from issue #197).
Apply the same tmpfs hiding pattern for mcp-config in both normal and chroot modes.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
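The gap this commit message describes (one directory shadowed by tmpfs, its sibling left visible) can be caught by auditing the mount plan before the container starts. The following is an added example, not code from this PR or the project; the mount-object shape, the function names and the `/host` chroot prefix are assumptions made for illustration.

```javascript
// Added example, not the project's code. Mount objects and names are
// hypothetical; CHROOT_PREFIX is an assumption, not a value from the page.
const CHROOT_PREFIX = '/host';
const SENSITIVE_DIRS = ['/tmp/gh-aw/mcp-logs', '/tmp/gh-aw/mcp-config'];

// Collapse duplicate slashes and drop a trailing slash ("/" stays "/").
function norm(p) {
  const s = p.replace(/\/+/g, '/').replace(/\/$/, '');
  return s === '' ? '/' : s;
}

// True when `dir` is the mount target itself or lies underneath it.
function covers(target, dir) {
  const t = norm(target), d = norm(dir);
  return t === '/' || d === t || d.startsWith(t + '/');
}

// The deepest mount covering `dir` decides what the container sees there:
// a bind mount exposes host content, a tmpfs presents an empty directory.
function effectiveMount(mounts, dir) {
  let best = null;
  for (const m of mounts) {
    const deeper = best === null || norm(m.target).length > norm(best.target).length;
    if (covers(m.target, dir) && deeper) best = m;
  }
  return best;
}

// List sensitive directories still backed by a bind mount. In chroot mode
// each directory is also checked under the assumed chroot prefix.
function findExposed(mounts, sensitiveDirs, chroot) {
  const exposed = [];
  for (const dir of sensitiveDirs) {
    const views = chroot ? [dir, CHROOT_PREFIX + norm(dir)] : [dir];
    for (const v of views) {
      const m = effectiveMount(mounts, v);
      if (m !== null && m.type === 'bind') exposed.push(norm(v));
    }
  }
  return exposed;
}

// Constructed plans: logs hidden but config missed, then both hidden.
const partialPlan = [
  { type: 'bind', target: '/tmp' },
  { type: 'tmpfs', target: '/tmp/gh-aw/mcp-logs' },
];
const fullPlan = partialPlan.concat({ type: 'tmpfs', target: '/tmp/gh-aw/mcp-config' });
console.log(findExposed(partialPlan, SENSITIVE_DIRS, false), findExposed(fullPlan, SENSITIVE_DIRS, false));
```

Run as a pre-launch check, a non-empty result from `findExposed` is a reason to refuse to start the agent container.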
Pentest Findings Follow-Up
PR #716 addresses the remaining gap from this pentest report. Here's the status of all findings:
CVE-004 Note
DNS tunneling remains a known limitation. The
gh aw compile
Dry Run Mode
The workflow now supports a `dry_run` input option when triggered manually via `workflow_dispatch`. In dry run mode:
This allows testing the full build pipeline without making any external changes.