From 2d8e3652eb22ecacad4f2a986a6591bb97bd035f Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Sat, 4 Apr 2026 10:54:27 +0000 Subject: [PATCH] Sync github-agentic-workflows.md with v0.66.1 Document two changes since v0.66.1 release: - add-comment: document reply_to_id field for discussion thread replies - steps/post-steps: document secrets expression restriction (strict mode error) Co-Authored-By: Claude Sonnet 4.6 --- .github/aw/github-agentic-workflows.md | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/.github/aw/github-agentic-workflows.md b/.github/aw/github-agentic-workflows.md index 9759db520c..fe52b228b6 100644 --- a/.github/aw/github-agentic-workflows.md +++ b/.github/aw/github-agentic-workflows.md 
@@ -199,8 +199,8 @@ The YAML frontmatter supports these fields: - **`if:`** - Conditional execution expression (string) - **`run-name:`** - Custom workflow run name (string) - **`name:`** - Workflow name (string) -- **`steps:`** - Custom workflow steps before AI execution (object). **Security Notice**: Custom steps run OUTSIDE the firewall sandbox with standard GitHub Actions security but NO network egress controls. Use only for deterministic data preparation, not agentic compute. -- **`post-steps:`** - Custom workflow steps after AI execution (object). **Security Notice**: Post-execution steps run OUTSIDE the firewall sandbox. Use only for deterministic cleanup, artifact uploads, or notifications—not agentic compute or untrusted AI execution. +- **`steps:`** - Custom workflow steps before AI execution (object). **Security Notice**: Custom steps run OUTSIDE the firewall sandbox with standard GitHub Actions security but NO network egress controls. Use only for deterministic data preparation, not agentic compute. **Secrets restriction**: Using `${{ secrets.* }}` expressions (other than `secrets.GITHUB_TOKEN`) in custom steps is an error in strict mode and a warning otherwise — move secret-dependent operations to a separate job outside the agent job. +- **`post-steps:`** - Custom workflow steps after AI execution (object). **Security Notice**: Post-execution steps run OUTSIDE the firewall sandbox. Use only for deterministic cleanup, artifact uploads, or notifications—not agentic compute or untrusted AI execution. Same secrets restriction applies as for `steps:`. - **`environment:`** - Environment that the job references for protection rules (string or object) - **`container:`** - Container to run job steps in (string or object) - **`services:`** - Service containers that run alongside the job (object) 
@@ -585,6 +585,12 @@ The YAML frontmatter supports these fields: **Hide Older Comments**: Set `hide-older-comments: true` to minimize previous comments from the same workflow before posting new ones. Useful for status updates. Allowed reasons: `spam`, `abuse`, `off_topic`, `outdated` (default), `resolved`. + **Discussion Thread Replies**: Agents can include `reply_to_id` in their output to post a threaded reply within a GitHub Discussion (requires `discussions: true`): + + ```json + {"type": "add_comment", "body": "Thread reply text", "reply_to_id": 12345} + ``` + When using `safe-outputs.add-comment`, the main job does **not** need `issues: write` or `pull-requests: write` permissions since comment creation is handled by a separate job with appropriate permissions. - `create-pull-request:` - Safe pull request creation with git patches
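Review bot: In the first hunk (the `steps:` / `post-steps:` lines), "strict mode" is referenced but not defined or linked anywhere in the changed text, so a reader cannot tell where it is enabled; add a cross-reference to the section that configures it. The same sentence should also make the risk explicit rather than leaving it implied: a `${{ secrets.* }}` value that is only warned about in non-strict mode is still injected into a step that, per the preceding sentence, runs outside the firewall sandbox with NO network egress controls, so the warning does not by itself prevent exposure. One wording suggestion: "...and a warning otherwise; in either case the secret would be available to a step with no egress controls, so move secret-dependent operations to a separate job outside the agent job." Minor style point: the new text uses a spaced " — " while the existing `post-steps:` line uses an unspaced "—"; pick one.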
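Review bot: In the second hunk, "(requires `discussions: true`)" is ambiguous: the hunk does not say whether that is an option under `safe-outputs.add-comment` or a permission, so spell out the full key path. The following unchanged paragraph lists only `issues: write` and `pull-requests: write` as permissions the main job can omit; with discussion replies now documented it should also say which permission the separate comment job needs for discussions. The example gives `"reply_to_id": 12345` without saying what identifier is expected (the numeric comment ID shown, or another ID form) or where an agent obtains it; document that. Finally, since `reply_to_id` arrives in agent output, consider stating whether the comment job verifies that the ID refers to a comment in the target discussion before posting, so readers know what validation the safe output performs.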