chore: bump gh-aw pin to v0.71.5#142
Merged
Merged
Conversation
v0.71.1 was removed from the github/gh-aw release page, breaking the pre-commit job's `Install gh-aw` step on every PR. v0.71.5 is the current Latest stable release. The pin is duplicated in three places that all need to agree: - Makefile (`make setup` / `make compile` for local dev) - .github/workflows/pre-commit.yml (CI install step) - scripts/run-gh-aw-compile.sh (pre-commit local hook guard) Lock files under .github/workflows/gh-aw-*.lock.yml still reference v0.71.1 in their manifest comments, but those are only regenerated when a gh-aw .md source changes (the `compile-workflows` hook is file-scoped), so they refresh organically on the next workflow edit. Co-authored-by: Cursor <cursoragent@cursor.com>
`pre-commit/action@v3.0.1` defaults to `--all-files`, so the `compile-workflows` hook re-runs `gh aw compile` against every `gh-aw-*.md` source on every PR. With v0.71.5 the regenerated `.lock.yml` outputs differ from the v0.71.1 ones checked in (setup action SHA, info-version envs, additional env vars), so the hook flags the diff and CI fails. Bumping the compiler version requires committing the regenerated lock files alongside the pin. Co-authored-by: Cursor <cursoragent@cursor.com>
Member
|
@cotti Need to test our workflows on 0.71.5 — they didn't work on 0.71.4. |
Contributor
Author
|
@theletterf ah, good to know. Thanks! |
Member
|
Tested in https://github.com/theletterf/gh-aw-skill-smoke-test/actions/runs/25506869373 — we're safe to proceed. |
theletterf
approved these changes
May 7, 2026
3 tasks
Member
theletterf
added a commit
that referenced
this pull request
May 8, 2026
PR #142 missed this file when bumping the gh-aw pin from v0.71.1 to v0.71.5. The v0.71.1 release was deleted upstream, so the next weekly run of this workflow would fail at "gh extension install" the same way this PR's pre-commit did before the rebase. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
theletterf
added a commit
that referenced
this pull request
May 8, 2026
* Bump the github-actions group across 2 directories with 2 updates Bumps the github-actions group with 2 updates in the / directory: [elastic/oblt-actions](https://github.com/elastic/oblt-actions) and [tj-actions/changed-files](https://github.com/tj-actions/changed-files). Bumps the github-actions group with 2 updates in the /.github/workflows directory: [elastic/oblt-actions](https://github.com/elastic/oblt-actions) and [tj-actions/changed-files](https://github.com/tj-actions/changed-files). Updates `elastic/oblt-actions` from 1.39.0 to 1.39.2 - [Release notes](https://github.com/elastic/oblt-actions/releases) - [Changelog](https://github.com/elastic/oblt-actions/blob/main/docs/RELEASE.md) - [Commits](elastic/oblt-actions@v1.39.0...v1.39.2) Updates `tj-actions/changed-files` from 47.0.5 to 47.0.6 - [Release notes](https://github.com/tj-actions/changed-files/releases) - [Commits](tj-actions/changed-files@v47.0.5...v47.0.6) Updates `elastic/oblt-actions` from 1.39.0 to 1.39.2 - [Release notes](https://github.com/elastic/oblt-actions/releases) - [Changelog](https://github.com/elastic/oblt-actions/blob/main/docs/RELEASE.md) - [Commits](elastic/oblt-actions@v1.39.0...v1.39.2) Updates `tj-actions/changed-files` from 47.0.5 to 47.0.6 - [Release notes](https://github.com/tj-actions/changed-files/releases) - [Commits](tj-actions/changed-files@v47.0.5...v47.0.6) --- updated-dependencies: - dependency-name: elastic/oblt-actions dependency-version: 1.39.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: tj-actions/changed-files dependency-version: 47.0.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: elastic/oblt-actions dependency-version: 1.39.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: tj-actions/changed-files dependency-version: 47.0.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com> * Bump check-aw-updates.yml gh-aw pin to v0.71.5 PR #142 missed this file when bumping the gh-aw pin from v0.71.1 to v0.71.5. The v0.71.1 release was deleted upstream, so the next weekly run of this workflow would fail at "gh extension install" the same way this PR's pre-commit did before the rebase. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Fabrizio Ferri-Benedetti <fabri.ferribenedetti@elastic.co> Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
theletterf
added a commit
that referenced
this pull request
May 8, 2026
The existing token-policy-elastic-docs-actions is bound to check-aw-updates.yml@refs/heads/main, so the OIDC workflow_ref claim from this workflow's pull_request runs (different file, different ref) won't validate. Switches to the dedicated, narrower policy added in elastic/catalog-info#3784, bound to recompile-aw-on-bump.yml@*. Also bumps: - GH_AW_VERSION v0.71.1 → v0.71.5 (parity with #142) - elastic/oblt-actions/github/create-token v1.38.1 → v1.39.2 (parity with the rest of the repo) Depends on elastic/catalog-info#3784 merging first. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
v0.71.1was removed from thegithub/gh-awrelease page, breaking the pre-commit job'sInstall gh-awstep on every PR (e.g. https://github.com/elastic/docs-actions/actions/runs/25502343088/job/74838433118).v0.71.5, which is the currentLateststable release.Makefile(used bymake setup/make compilefor local dev).github/workflows/pre-commit.yml(CI install step)scripts/run-gh-aw-compile.sh(pre-commit local hook guard)The
.github/workflows/gh-aw-*.lock.ymlfiles still mentionv0.71.1in their manifest comments, but thecompile-workflowspre-commit hook only fires when a gh-aw.mdsource changes, so those refresh organically the next time a workflow source is edited. Keeping this PR minimal so it can land fast and unblock open PRs (#140 in particular).Test plan
pre-commit run --files Makefile .github/workflows/pre-commit.yml scripts/run-gh-aw-compile.shpasses locallypre-commitjob passes on this PR (will exercise the new pin end-to-end)Made with Cursor