Skip to content

chore(ci): bump gh-aw setup action to v0.74.8#9358

Draft
polmichel wants to merge 2 commits into
stablefrom
pmi-20260526-gh-aw-update
Draft

chore(ci): bump gh-aw setup action to v0.74.8#9358
polmichel wants to merge 2 commits into
stablefrom
pmi-20260526-gh-aw-update

Conversation

@polmichel
Copy link
Copy Markdown
Contributor

@polmichel polmichel commented May 26, 2026
edited
Loading

Summary

Notes

  • The dependabot.yml reformatting (dropping the # yamllint disable rule:truthy and section comments, reflowing quotes) is enforced by gh aw compile — manual edits get overwritten on the next run.

Test plan

  • Confirm dependabot still runs against github-actions on Mondays after merge.
  • Confirm gh aw compile produces no diff after this lands (i.e. lock state is stable).

🤖 Generated with Claude Code

Summary by cubic

Bump github/gh-aw-actions/setup to v0.74.8 and normalize Dependabot config to the gh-aw managed format. This stabilizes gh aw compile output and prevents Dependabot from bumping compiler-managed actions.

  • Dependencies
    • .github/aw/actions-lock.json: github/gh-aw-actions/setup v0.71.5 → v0.74.8 (sha updated).
    • .github/dependabot.yml: reformatted to gh-aw shape and added ignore for github/gh-aw-actions/**; schedule, labels, and target branch unchanged.

Written for commit 9a7f34e. Summary will update on new commits. Review in cubic

@github-actions github-actions Bot added the group/ci Issue related to the CI pipeline label May 26, 2026
cubic-dev-ai[bot]
cubic-dev-ai Bot reviewed May 26, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@cubic-dev-ai cubic-dev-ai Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No issues found across 2 files

Confidence score: 5/5

  • Automated review surfaced no issues in the provided summaries.
  • No files require special attention.

Shadow auto-approve: would auto-approve. This is a low-risk CI chore that bumps a pinned GitHub action version from v0.71.5 to v0.74.8 and normalizes the Dependabot config to match the gh aw compile tooling, with no changes to business logic, production infrastructure, or critical paths.

Re-trigger cubic

@polmichel @claude
Revert: bug pipeline approval-label gating (#9319)
253a417 
Removes `min-integrity: approved` and `approval-labels: [state/ai-pipeline-ready]`
from the four bug-agent workflow frontmatters and regenerates the lock.yml files
via `gh aw compile` (pinned to v0.71.5 to match the compiler version recorded
in `.github/aw/actions-lock.json`). Restores the pre-#9319 behavior where the
bug pipeline is not gated behind the approval label.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@polmichel polmichel force-pushed the pmi-revert-pipeline-auth-approver-label branch from 71dba19 to 253a417 Compare May 26, 2026 15:11
@polmichel @claude
chore(ci): bump gh-aw to v0.74.8
565c705 
Upgrades `gh aw` (the GitHub CLI extension that compiles agentic workflows)
from v0.71.5 to v0.74.8 and regenerates the lock files via `gh aw compile`:

- `.github/aw/actions-lock.json`: `github/gh-aw-actions/setup` v0.71.5 → v0.74.8.
- `.github/workflows/bug-agent-*.lock.yml`: recompiled at v0.74.8.
- `.github/dependabot.yml`: reformatted into the gh-aw-managed shape with a
  new ignore rule for `github/gh-aw-actions/**` (version-locked to the gh-aw
  compiler; do not bump via dependabot).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@polmichel polmichel force-pushed the pmi-20260526-gh-aw-update branch from 9a7f34e to 565c705 Compare May 26, 2026 15:12
Base automatically changed from pmi-revert-pipeline-auth-approver-label to stable May 26, 2026 17:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cubic-dev-ai cubic-dev-ai[bot] cubic-dev-ai[bot] left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

group/ci Issue related to the CI pipeline

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@polmichel