regen ado-aw

[jamesadevine]

Summary

Test plan

[github-actions]

🔍 Rust PR Review

Summary: Auto-generated regeneration — looks good, no logic issues found.

Note: This PR was already merged. This review is for informational purposes.

Findings

✅ What Looks Good

• Consistent version bumps across all 26 .lock.yml files: ado-aw 0.30.1→0.31.1, Copilot CLI 1.0.47→1.0.48, AWF 0.25.44→0.25.48, MCPG 0.3.7→0.3.12. No stragglers.
• New runtime-import mechanism is correctly sequenced: {{#runtime-import ...}} marker is written to agent-prompt.md before import.js resolves it, which runs before the AWF agent stage.
• Checksum verification for ado-script.zip is present (grep ... checksums.txt | sha256sum -c -), mitigating supply-chain tampering.
• condition: succeeded() on NodeTool, ado-script download, and import resolution steps ensures a broken import chain fails loudly rather than silently passing an unresolved {{#runtime-import ...}} string to the agent.
• All 26 aw_info.json blocks are valid JSON with the full required field set.
• NodeTool + ado-script steps are Stage 1 only — correctly absent from the detection (Stage 2) and safe-outputs (Stage 3) jobs.

⚠️ Suggestions

• tests/safe-outputs/*.lock.yml — ado-script download uses hardcoded version instead of ${COMPILER_VERSION}: The ado-aw binary download step correctly uses COMPILER_VERSION="0.31.1" as a variable, but the new ado-script download step hard-codes v0.31.1 in the URLs. Since these are generated files this is never wrong at generation time, but using the variable in the compiler template would be more consistent:

  # template suggestion
  curl -fsSL "(redacted)
  

  Low priority.

• model: gpt-5-mini appears in all aw_info.json metadata blocks (sourced from engine.model in the .md fixtures). Not a generated-YAML issue, but worth confirming this model identifier is valid in the runtime environment.

Generated by Rust PR Reviewer for issue #861 · sonnet46 2.4M · ◷