Bump github/gh-aw from 0.76.1 to 0.79.6

[dependabot]

Bumps github/gh-aw from 0.76.1 to 0.79.6.

Release notes

Sourced from github/gh-aw's releases.

v0.79.6

🌟 Release Highlights

This release focuses on observability improvements, Windows CLI reliability, and security hardening for the AWF firewall runtime — keeping your agentic workflows stable and easier to debug.

✨ What's New

• AI Credit Observability — gh-aw.aic is now emitted as a doubleValue on OTLP conclusion spans, fixing Sentry EAP type inference and ensuring AI credit cap attributes appear consistently even when INPUT_JOB_NAME is absent. Richer data means faster cost diagnosis. (#38550, #38510, #38580)

• Go MCP Server Process Guardrail — A 4-process limit is now enforced on child gh invocations spawned by the Go MCP server, preventing runaway process trees and improving resource safety in constrained runners. (#38544)

• Prefetch Strategy A/B Experiment — The weekly-blog-post-writer workflow gains a prefetch_strategy experiment flag, enabling controlled rollout of prefetch optimizations across agentic runs. (#38622)

• Maintenance Trigger Logging — The first trigger reason for agentics-maintenance generation is now logged, giving operators clear visibility into what kicked off a maintenance cycle. (#38616)

🐛 Bug Fixes & Improvements

• Windows CLI Deadlock Fixed — A process wrapper deadlock in the Windows CLI integration has been resolved, unblocking workflows that stalled when spawning child processes on Windows. (#38592)

• Smarter Failure Titles — The conclusion job now uses failure-specific issue titles and detects the unknown_model_ai_credits failure mode, making auto-filed failure issues more actionable. (#38615, #38610)

• Windows Test Coverage Expanded — The Windows CLI integration test suite is restructured into a scenario matrix covering shell, environment, path, and chaos scenarios for broader coverage. (#38526)

🔒 Security & Reliability

• AWF 0.27.2 Update — Upgraded to the latest AWF firewall runtime, incorporating upstream security and stability fixes. (#38660)

• Digest Pinning Restored — Container image digest pinning for AWF 0.27.0 firewall sidecar images has been restored, and the release pipeline now gates on resolved SHA pins before pushing tags — ensuring supply chain integrity. (#38595, #38608)

📚 Documentation

• LLM/Agent Discovery — Replaced starlight-llms-txt with a custom llms.txt/agents.txt that points directly to .github/aw/*.md workflow sources, making this repo more discoverable by LLM-based tooling. (#38630)

• copilot-requests: write Permission Guidance — Instruction docs now recommend the copilot-requests: write permission for Copilot-targeted workflows. (#38410)

Generated by 🚀 Release · 107.7 AIC · ⊞ 28.8K

---

What's Changed

• Replace remaining sort.Slice call sites with type-safe slices.SortFunc by @​Copilot in github/gh-aw#38498
• [jsweep] Clean write_large_content_to_file.cjs by @​github-actions[bot] in github/gh-aw#38504
• Ensure gh-aw.aic is emitted on conclusion spans when INPUT_JOB_NAME is missing by @​Copilot in github/gh-aw#38510
• Restructure Windows CLI integration into scenario matrix with missing shell/env/path/chaos coverage by @​Copilot in github/gh-aw#38526
• Add AI credit cap observability attributes to OTLP conclusion spans by @​Copilot in github/gh-aw#38550
• [instructions] Sync instruction files with release v0.79.4 by @​github-actions[bot] in github/gh-aw#38567
• [docs] Update documentation for features from 2026-06-11 by @​github-actions[bot] in github/gh-aw#38593
• [docs] Update glossary - daily scan by @​github-actions[bot] in github/gh-aw#38585

... (truncated)

Commits

• 9c481b8 updated to awf 0.27.2 (#38660)
• 867cc5e docs: replace starlight-llms-txt with custom llms.txt/agents.txt pointing to ...
• a332ba8 Add prefetch_strategy A/B experiment to weekly-blog-post-writer (#38622)
• 92bb513 Use failure-specific issue titles in conclusion job (#38615)
• 1a95104 Detect unknown_model_ai_credits failure in conclusion job (#38610)
• 75f3975 Log first trigger reason for agentics-maintenance generation (#38616)
• 288fd9f Add a 4-process guardrail for Go MCP server child gh invocations (#38544)
• eb8ab77 fix: always emit gh-aw.aic as doubleValue to fix Sentry EAP type inference (#...
• 8a80afd Restore digest pinning for AWF 0.27.0 firewall sidecar images (#38595)
• da81c26 release: gate on resolved container SHA pins before push_tag (#38608)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #26.