v0.64.4
π Release Highlights
This release delivers safe-output tooling improvements, sibling import resolution, and enhanced runner flexibility β driven largely by community feedback from @j-srodka.
β¨ What's New
runs-on-slimfor compile-stable jobs β Override the runner forcompile-stableframework jobs using the newruns-on-slimkey, giving you precise control over job execution environments (#23490)- Compile-time validation of safe-output job ordering β The compiler now validates
needs:ordering on custom safe-output jobs at compile time, catching dependency misconfigurations before they reach runtime (#23486) - DIFC proxy feature flag β The new
difc-proxyfeature flag gates DIFC proxy emission, enabling opt-in integrity enforcement for supported environments (#23471)
π Bug Fixes & Improvements
- Sibling nested imports resolved correctly β
./file.mdimports now resolve relative to the parent file's directory, fixing broken modular workflow imports (#23475) - Custom tools included in
<safe-output-tools>prompt β Custom jobs, scripts, and actions are now surfaced in the<safe-output-tools>prompt block so agents are aware of all available safe-output mechanisms (#23487) - Repo-memory concurrency scope tightened β Push concurrency keys are now scoped to the actual branch target, eliminating unnecessary serialization across unrelated branches (#23489)
- MCP error message clarity β Docker-unavailable error messages now use correct parameter syntax for MCP compatibility (#23515)
π Documentation
- MemoryOps guide streamlined for better readability (#23506)
- Broken anchor link in safe-outputs specification fixed (#23474)
π Community Contributions
A huge thank you to the community members who reported issues that were resolved in this release!
@j-srodka
- Generated jobs lack a compile-stable runner override/inheritance mechanism (direct issue)
- Compiled (safe-output-tools) can omit custom safe-output tools/jobs (direct issue)
- Custom safe-output jobs cannot declare needs / ordering relative to generated jobs (direct issue)
- Compiler-generated repo-memory push concurrency is broader than the actual write surface (direct issue)
For complete details, see CHANGELOG.
Generated by Release
What's Changed
- [docs] Self-healing documentation fixes from issue analysis - 2026-03-29 by @github-actions[bot] in #23460
- fix: add Node.js 24 runtime to daily-multi-device-docs-tester by @Copilot in #23464
- feat: guard DIFC proxy emission with
difc-proxyfeature flag by @Copilot in #23471 - Fix broken anchor link in safe-outputs-specification TOC by @Copilot in #23474
- ci-cleaner: add protected-files fallback-to-issue by @Copilot in #23472
- [docs] Update documentation for features from 2026-03-29 by @github-actions[bot] in #23481
- fix: resolve sibling nested imports (./file.md) relative to parent file's directory by @Copilot in #23475
- Add DIFC proxy sh integration test to ci.yml by @Copilot in #23476
- [log] Add debug logging to workflow pkg files lacking coverage by @github-actions[bot] in #23492
- Fix: include custom jobs, scripts, and actions in
<safe-output-tools>prompt block by @Copilot in #23487 - feat: compile-time validation of needs: ordering on custom safe-output jobs by @Copilot in #23486
- fix: tighten repo-memory push concurrency key to actual branch targets by @Copilot in #23489
- feat: add
runs-on-slimfor compile-stable framework job runner override by @Copilot in #23490 - [docs] Update documentation for features from 2026-03-30 by @github-actions[bot] in #23503
- Add CI repro test for GH_HOST proxy/PR checkout mismatch (issue #23461) by @Copilot in #23496
- [docs] docs: unbloat MemoryOps guide by @github-actions[bot] in #23506
- bump gh-aw-firewall to v0.25.4 by @Copilot in #23514
- fix: use parameter syntax in Docker-unavailable error message for MCP compatibility by @Copilot in #23515
- chore: update MCP Gateway to v0.2.9 by @Copilot in #23513
Full Changelog: v0.64.3...v0.64.4