Skip to content

Bump github/gh-aw from 0.65.0 to 0.65.2#521

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/github_actions/github/gh-aw-0.65.2
Open

Bump github/gh-aw from 0.65.0 to 0.65.2#521
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/github_actions/github/gh-aw-0.65.2

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 1, 2026

Bumps github/gh-aw from 0.65.0 to 0.65.2.

Release notes

Sourced from github/gh-aw's releases.

v0.65.2

🌟 Release Highlights

This patch release brings a new configurability option for pull request workflows, a reliable fix for external-repository checkout scenarios, and a round of CLI consistency improvements — plus three community-reported issues resolved.

✨ What's New

  • Configurable create-pull-request auto-close behavior — The create-pull-request safe-output now lets you control whether the triggering issue is automatically closed when the PR is merged. Previously this was always-on; now it can be tuned per workflow. (Requested by the community — see #23736)

🐛 Bug Fixes & Improvements

  • Restore actions/setup after external root checkout — When a workflow checks out an external repository to the workspace root (no path: specified), actions/checkout was overwriting $GITHUB_WORKSPACE and deleting the locally checked-out actions/setup directory, causing a post-step failure (Can't find 'action.yml'). The compiler now appends a Restore actions folder step (if: always()) in dev mode when this pattern is detected. (#23751)

  • CLI consistency improvements — Addressed redundant flags, unexplained jargon, and discrepancies between help text and documentation to make the CLI more approachable. (#23750)

  • MCP table output routingmcp list-tools and mcp inspect now route table output through explicit console.RenderTable() calls with unambiguous stdout routing, aligning with the established pattern in mcp list. (#23752)

  • WASM golden files updated for firewall v0.25.5 (#23743)

  • Release tooling — New releases are now created as pre-releases by default, preventing automated releases from being promoted to "latest" without explicit maintainer action. (#23754)

🌍 Community Contributions

@abillingsley

@Rubyj

@strawgate

For complete details, see CHANGELOG.

Generated by Release

What's Changed

... (truncated)

Commits
  • 6e45e1e fix: restore actions/setup after external root checkout in agent job (#23751)
  • 3803e52 chore: mark releases as pre-release and not latest (#23754)
  • 7966fc1 Migrate MCP list/inspect table output to explicit console.RenderTable() with ...
  • a30e9ff fix: address CLI consistency issues - redundant flags, unexplained jargon, an...
  • f3b265f fix(slides): correct mcp-servers allowed field syntax to use array form (#23749)
  • 3505b9d Make create-pull-request auto-close issue behavior configurable (#23738)
  • 756f67d fix: reduce docs-noob-tester scope to prevent timeout (#23742)
  • 9bb415d fix: update WASM golden files for firewall version v0.25.5 (#23743)
  • bca8c30 fix: close @​mention neutralization bypass via U+200E/200F/00AD/034F invisible...
  • 57eb079 Remove unused integrityLevelOrder variable to fix lint (#23721)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump github/gh-aw from 0.65.0 to 0.65.2
99a46b6 
Bumps [github/gh-aw](https://github.com/github/gh-aw) from 0.65.0 to 0.65.2.
- [Release notes](https://github.com/github/gh-aw/releases)
- [Commits](github/gh-aw@v0.65.0...v0.65.2)

---
updated-dependencies:
- dependency-name: github/gh-aw
  dependency-version: 0.65.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Apr 1, 2026
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud bot commented Apr 1, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants