
ci: support configurable go-version-file #675

Closed
strawgate wants to merge 1 commit into elastic:main from marclop:f/use-latest-go-setup-and-allow-non-root-go.mod


@strawgate
Collaborator

Add go-version-file input to performance profiler workflow. Use this input in runtime setup for the Setup Go step. Fall back to go.mod when no input is provided. This allows repositories with go.mod that aren't in the root directory to specify a custom version file path.

Summary

Validation

make compile          # sync triggers + compile to lock files
make lint             # run all linters

Pre-Completion Checklist

  • Re-read the issue or request and confirmed this PR directly addresses it
  • Reviewed all changed files for correctness
  • Ran make compile and make lint with no errors
  • Verified no unrelated files were modified

Add `go-version-file` input to performance profiler workflow.
Use this input in runtime setup for the Setup Go step.
Fall back to `go.mod` when no input is provided. This allows
repositories with `go.mod` that aren't in the root directory
to specify a custom version file path.

Signed-off-by: Marc Lopez Rubio <marc5.12@outlook.com>
@coderabbitai

coderabbitai bot commented Mar 12, 2026

Walkthrough

This pull request parameterizes Go setup across 50+ GitHub Actions workflows by replacing hardcoded go.mod references with a configurable inputs['go-version-file'] input parameter (defaulting to go.mod). It updates the actions/setup-go action from v5 to v6, conditionally gates Go setup on the resolved version file's presence, and regenerates corresponding lock file metadata hashes. The changes introduce workflow-level flexibility for specifying alternative Go version files while preserving existing behavior when no input is provided.

Possibly related PRs

Suggested labels

medium_boom

Comment @coderabbitai help to get the list of available commands and usage tips.
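The walkthrough above describes steps that read `inputs['go-version-file']`, and the review that follows repeatedly flags workflows that reference this input without declaring it. The check below finds such references in a workflow file; it is an added example, not code from this PR or from the gh-aw tooling, and `SAMPLE_WORKFLOW` and all function names are constructed for illustration.

```python
import re

# Constructed sample (not from the PR): a trimmed reusable workflow shaped like
# the compiled lock files discussed in the review.
SAMPLE_WORKFLOW = """\
on:
  workflow_call:
    inputs:
      additional-instructions:
        default: ""
        description: Repo-specific instructions appended to the agent prompt
        required: false
        type: string
    secrets:
      TOKEN:
        required: true
jobs:
  agent:
    runs-on: ubuntu-latest
    steps:
      - name: Setup Go
        if: hashFiles(inputs['go-version-file'] || 'go.mod') != ''
        uses: actions/setup-go@v6
        with:
          go-version-file: ${{ inputs['go-version-file'] || 'go.mod' }}
      - name: Show instructions
        env:
          EXTRA: ${{ inputs.additional-instructions }}
        run: echo "$EXTRA"
"""

# Matches inputs.name and inputs['name']; the lookbehind skips github.event.inputs.*
INPUT_REF = re.compile(
    r"(?<![\w.])inputs(?:\.([A-Za-z_][\w-]*)|\[\s*['\"]([^'\"]+)['\"]\s*\])"
)
YAML_KEY = re.compile(r"([A-Za-z_][\w-]*)\s*:")


def declared_inputs(text, trigger="workflow_call"):
    """Names declared under on.<trigger>.inputs, found by indentation alone.

    Assumes block-style YAML with space indentation and unquoted keys, which
    is what generated workflow files normally contain.
    """
    declared = set()
    trig = inp = key = None  # indent of the trigger, of inputs:, of its keys
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        indent = len(raw) - len(raw.lstrip(" "))
        word = raw.strip()
        if inp is not None and indent <= inp:
            inp = key = None  # left the inputs: block
        if trig is not None and indent <= trig:
            trig = None  # left the trigger block
        if trig is None:
            if word == f"{trigger}:":
                trig = indent
        elif inp is None:
            if word == "inputs:":
                inp = indent
        else:
            if key is None:
                key = indent  # first child line fixes the key indentation
            match = YAML_KEY.match(word)
            if indent == key and match:
                declared.add(match.group(1))
    return declared


def referenced_inputs(text):
    """Map each referenced input name to the 1-based lines that use it."""
    refs = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        for match in INPUT_REF.finditer(line):
            refs.setdefault(match.group(1) or match.group(2), []).append(lineno)
    return refs


def undeclared_inputs(text, trigger="workflow_call"):
    """References to inputs that callers have no declared way to set."""
    declared = declared_inputs(text, trigger)
    return {n: ls for n, ls in referenced_inputs(text).items() if n not in declared}


if __name__ == "__main__":
    for name, lines in undeclared_inputs(SAMPLE_WORKFLOW).items():
        print(f"undeclared input {name!r} referenced on lines {lines}")
```

Pass `trigger="workflow_dispatch"` for workflows that take their inputs from a manual dispatch instead of `workflow_call`.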


@coderabbitai coderabbitai bot left a comment


Actionable comments posted: 4

Note

Due to the large number of review comments, Critical severity comments were prioritized as inline comments.

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
.github/workflows/gh-aw-flaky-test-investigator.lock.yml (1)

45-77: ⚠️ Potential issue | 🟠 Major

Add go-version-file input to workflow_call.inputs in the source .md file.

The generated lockfile at lines 567–572 references inputs['go-version-file'], but this input is not declared in workflow_call.inputs of the source .md. This breaks the intended configurability—callers cannot pass a custom version file path.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-flaky-test-investigator.lock.yml around lines 45 -
77, The workflow_call.inputs block is missing the go-version-file input
referenced elsewhere; add an inputs entry named go-version-file under
workflow_call.inputs (e.g., key: go-version-file) with a sensible default (like
".go-version" or empty string), a brief description (e.g., "Path to Go version
file"), required: false, and type: string so callers can pass
inputs['go-version-file'] as expected; update the same inputs mapping where
other inputs (model, title-prefix) are declared to keep format consistent.
🟠 Major comments (32)
.github/workflows/gh-aw-estc-actions-resource-not-accessible-detector.lock.yml-550-555 (1)

550-555: ⚠️ Potential issue | 🟠 Major

Declare go-version-file in workflow_call.inputs, or this stays non-configurable.

Lines 550-555 now read inputs['go-version-file'], but the reusable workflow interface at Lines 45-85 never declares that input. Callers therefore cannot pass a custom path, so this workflow still only works via the go.mod fallback and does not deliver the new feature.

Suggested fix in the source workflow definition
  workflow_call:
    inputs:
+      go-version-file:
+        default: "go.mod"
+        description: Path to the Go version file used by setup-go
+        required: false
+        type: string
       additional-instructions:
         default: ""
         description: Repo-specific instructions appended to the agent prompt
         required: false
         type: string

Based on learnings, .lock.yml files in this repository are generated by gh aw compile, so this fix should be applied in the corresponding source .md/fragment rather than editing the lockfile directly.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In
@.github/workflows/gh-aw-estc-actions-resource-not-accessible-detector.lock.yml
around lines 550 - 555, The workflow references inputs['go-version-file'] when
configuring actions/setup-go but the reusable workflow interface
(workflow_call.inputs) does not declare go-version-file; add a declaration for
go-version-file under workflow_call.inputs (matching the type/string and default
'go.mod' or left empty) in the source workflow definition (the .md/fragment that
generates the .lock.yml) so callers can pass a custom path; update the metadata
where workflow_call.inputs is defined rather than editing the generated
.lock.yml.
.github/workflows/gh-aw-plan.lock.yml-515-520 (1)

515-520: ⚠️ Potential issue | 🟠 Major

Add missing go-version-file input declaration to the source workflow.

Lines 515 and 520 reference inputs['go-version-file'], but this input is not declared in workflow_call.inputs (lines 44–75). Without it, the expression always defaults to 'go.mod', preventing callers from customizing the path.

Update the source .md file to include:

go-version-file:
  default: "go.mod"
  description: Path to the go.mod file for Go version detection
  required: false
  type: string

Then recompile with gh aw compile.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-plan.lock.yml around lines 515 - 520, Add a new
workflow input named go-version-file to the workflow_call.inputs so
inputs['go-version-file'] is declared and customizable: add the entry
"go-version-file:" with default: "go.mod", description: "Path to the go.mod file
for Go version detection", required: false, and type: string in the source
workflow inputs block (where workflow_call.inputs is defined) and then recompile
with gh aw compile to ensure the actions/setup-go step that references
inputs['go-version-file'] uses the declared input.
.github/workflows/gh-aw-mention-in-issue-by-id.lock.yml-508-513 (1)

508-513: ⚠️ Potential issue | 🟠 Major

Declare go-version-file on workflow_call so callers can use the new configurability.

This step now references inputs['go-version-file'], but the input is not declared in the source .md file's workflow_call.inputs section (lines 25–59). Without the input declaration, consumers of this workflow cannot pass a non-root version file. Add the input to the source .md and recompile.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-mention-in-issue-by-id.lock.yml around lines 508 -
513, The workflow references inputs['go-version-file'] but the
workflow_call.inputs section in the source .md is missing that input; add a new
input named go-version-file to the workflow_call.inputs block (with a sensible
default like 'go.mod' and appropriate description), update any related
documentation fields in the same .md, then recompile/generate the .yml so the
step that uses inputs['go-version-file'] can accept caller-supplied values.
Ensure the input name exactly matches "go-version-file" so the conditional
hashFiles(inputs['go-version-file'] || 'go.mod') resolves correctly.
.github/workflows/gh-aw-ux-design-patrol.lock.yml-608-613 (1)

608-613: ⚠️ Potential issue | 🟠 Major

Add go-version-file to the workflow_call.inputs section in the source .md file.

The lock file references inputs['go-version-file'] at lines 608 and 613, but this input is not declared in on.workflow_call.inputs (lines 48–83 of the lock file, which corresponds to the source). Callers cannot pass a custom Go version file without this declaration.

Modify the source .md file, not the lock file—the lock file is auto-generated by gh aw compile.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-ux-design-patrol.lock.yml around lines 608 - 613,
Add a new workflow input named "go-version-file" to the source workflow's
on.workflow_call.inputs block in the .md source (the section currently covering
inputs passed to callers), so callers can pass a custom Go version file; update
the inputs declaration to include go-version-file with an appropriate type
(string) and default (e.g., "go.mod") and description so gh aw compile will
regenerate the lock file with the referenced inputs['go-version-file'] used by
Setup Go.
.github/workflows/gh-aw-issue-triage.lock.yml-556-561 (1)

556-561: ⚠️ Potential issue | 🟠 Major

Declare go-version-file in the source workflow's workflow_call.inputs, then recompile.

The lockfile references inputs['go-version-file'] (lines 556, 561), but this input is not declared in either the source .md file's workflow_call.inputs or the generated lockfile. While the || 'go.mod' fallback preserves current behavior, callers cannot pass a custom Go version file path because the input is not exposed. Add go-version-file to the source workflow's input declarations, then run gh aw compile to regenerate the lockfile.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-issue-triage.lock.yml around lines 556 - 561, Add a
new workflow input named "go-version-file" to the source workflow's
workflow_call.inputs declaration so callers can pass a custom Go version file;
ensure the input has a sensible default (e.g., "go.mod") and appropriate
type/description, then run "gh aw compile" to regenerate the lockfile so the
lock references inputs['go-version-file'] correctly; update any docs or examples
that call the workflow to show the new input.
.github/workflows/gh-aw-create-pr-from-issue.lock.yml-490-495 (1)

490-495: ⚠️ Potential issue | 🟠 Major

Add go-version-file input to the source workflow.

The compiled step at lines 490–495 now references inputs['go-version-file'], but this input is not declared in .github/workflows/gh-aw-create-pr-from-issue.md. Add the go-version-file input declaration to the source .md file under on.workflow_call.inputs, then run gh aw compile to regenerate the .lock.yml file.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-create-pr-from-issue.lock.yml around lines 490 -
495, Add a new workflow input named go-version-file to the source workflow's
on.workflow_call.inputs (the source .md referenced by the compiled lock) so
inputs['go-version-file'] is declared; then re-run the workflow compiler (gh aw
compile) to regenerate the .lock.yml. Ensure the input name exactly matches
"go-version-file" and provide a sensible default or description as appropriate
so the actions/setup-go usage (which reads inputs['go-version-file'] ||
'go.mod') resolves correctly.
.github/workflows/gh-aw-pr-ci-detective.lock.yml-513-518 (1)

513-518: ⚠️ Potential issue | 🟠 Major

Missing go-version-file input declaration.

inputs['go-version-file'] is referenced at lines 513 and 518 but not declared in the workflow's inputs: section. Callers cannot provide a custom value via workflow_call—the fallback 'go.mod' will always be used. Update the source .md file to include this input declaration so it compiles into the lock file.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-pr-ci-detective.lock.yml around lines 513 - 518, Add
a new workflow input named "go-version-file" to the workflow's inputs (the
source .md used to generate the lock) so callers using workflow_call can
override the default; declare inputs['go-version-file'] with a sensible default
value of "go.mod" and a short description so the compiled lock file includes the
input referenced by hashFiles(inputs['go-version-file'] || 'go.mod') in the
Setup Go step. Ensure the input name exactly matches "go-version-file" and is
documented in the source .md so the generated
.github/workflows/gh-aw-pr-ci-detective.lock.yml contains the input declaration.
.github/workflows/gh-aw-pr-ci-detective.lock.yml-515-515 (1)

515-515: ⚠️ Potential issue | 🟠 Major

Review breaking changes in actions/setup-go v6 upgrade.

v6 introduces three breaking changes:

  1. Node.js runtime bumped to v24 — requires GitHub Actions Runner v2.327.1+. Self-hosted runners or restricted environments on Node 20 will fail.
  2. Go toolchain selection behavior changed — now prefers toolchain directive in go.mod over go. Verify this aligns with your Go version pinning strategy.
  3. Cache key behavior changed — Go modules cache now defaults to go.mod instead of go.sum. If go.sum-based caching is required, set cache-dependency-path.

Ensure your runners and workflow configuration are compatible with these changes before merging.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-pr-ci-detective.lock.yml at line 515, The workflow
upgrade to actions/setup-go v6 (reference: the uses: actions/setup-go@4b7346...
line) introduces breaking changes—Node runtime bumped to v24, toolchain
selection now prefers the go.mod toolchain directive, and cache key defaults to
go.mod—so either pin the action back to a v5 release or update the workflow and
runners: ensure GitHub Actions Runner >= v2.327.1 (or document self-hosted
runner upgrade), explicitly set cache behavior by adding the
cache-dependency-path input to use go.sum if you rely on that, and explicitly
provide the desired Go version (or update go.mod toolchain) to avoid unexpected
toolchain selection (target symbols to edit: the actions/setup-go usage line and
add inputs like cache-dependency-path and go-version/toolchain handling).
.github/workflows/gh-aw-code-simplifier.lock.yml-514-519 (1)

514-519: ⚠️ Potential issue | 🟠 Major

Add go-version-file input to the source workflow definition.

The Setup Go step uses inputs['go-version-file'], but this input is not declared in the workflow's workflow_call.inputs block. Consumers cannot pass a custom Go version file path until the input is declared.

Since .lock.yml files are auto-generated from .md sources, update .github/workflows/gh-aw-code-simplifier.md:

Add input declaration
   workflow_call:
     inputs:
+      go-version-file:
+        default: go.mod
+        description: Path to the file used by Setup Go to resolve the Go version
+        required: false
+        type: string
       model:
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-code-simplifier.lock.yml around lines 514 - 519, Add
a declared input for go-version-file to the workflow_call.inputs in the source
workflow so inputs['go-version-file'] is defined; update the source workflow's
inputs block to include a string input named go-version-file with a sensible
description and a default of "go.mod" so the Setup Go step (which references
inputs['go-version-file']) can accept a custom path.
.github/workflows/gh-aw-update-pr-body.lock.yml-573-578 (1)

573-578: ⚠️ Potential issue | 🟠 Major

Add go-version-file to reusable workflow inputs.

Lines 573–578 consume inputs['go-version-file'], but this input is not declared under workflow_call.inputs. Callers cannot provide a custom Go version file path, so the new capability doesn't work. Add the input declaration to the source .md file.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-update-pr-body.lock.yml around lines 573 - 578, The
workflow consumes inputs['go-version-file'] but that input is not declared; add
a workflow_call.inputs entry named go-version-file (type: string, default:
'go.mod', with a short description) in the reusable workflow's inputs section so
callers can pass a custom Go version file; this will make the usage in the Setup
Go step (the actions/setup-go invocation that sets go-version-file: ${{
inputs['go-version-file'] || 'go.mod' }}) work correctly.
.github/workflows/gh-aw-stale-issues-remediator.lock.yml-430-435 (1)

430-435: ⚠️ Potential issue | 🟠 Major

Add go-version-file input to the source workflow.

The imported fragment gh-aw-fragments/runtime-setup.md references inputs['go-version-file'], but this input is not declared in the source workflow's on.workflow_call.inputs. Callers cannot pass custom version-file paths.

Add the input to .github/workflows/gh-aw-stale-issues-remediator.md, then recompile:

go-version-file:
  description: "Path to the Go version file"
  type: string
  required: false
  default: go.mod
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-stale-issues-remediator.lock.yml around lines 430 -
435, The source workflow is missing the inputs['go-version-file'] declaration
referenced by the imported fragment (gh-aw-fragments/runtime-setup.md); add a
new workflow_call input named go-version-file under on.workflow_call.inputs with
type: string, required: false, default: "go.mod" and a brief description ("Path
to the Go version file"), then recompile the workflow so the actions/setup-go
step can read inputs['go-version-file'] correctly.
.github/workflows/gh-aw-fragments/runtime-setup.md-5-5 (1)

5-5: ⚠️ Potential issue | 🟠 Major

Review setup-go v6 breaking changes before merging.

actions/setup-go@v6 introduces breaking changes from v5:

  • Cache key behavior changed: now uses go.mod instead of go.sum by default. Existing cache entries won't match, causing performance regression until new caches accumulate. If caching matters for CI speed, verify this impact or configure cache-dependency-path if needed.
  • Go toolchain support: v6 now respects the toolchain directive in go.mod (if present), which can silently change the Go version installed compared to v5.
  • Runner requirement: GitHub Actions Runner v2.327.1+ needed (usually satisfied by GitHub-hosted runners, but relevant for self-hosted).

Ensure the CI environment supports these changes and that the cache reset is acceptable.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-fragments/runtime-setup.md at line 5, The workflow
currently uses actions/setup-go@v6 which has breaking changes; review and decide
whether to (a) pin back to actions/setup-go@v5, (b) explicitly set cache
behavior via the cache-dependency-path input to restore previous caching
semantics, and/or (c) ensure the desired Go version by adding an explicit
toolchain directive or specifying the Go version input so v6 doesn't pick a
different toolchain from go.mod; also confirm runners meet the v2.327.1+
requirement for v6 if using self-hosted runners.
.github/workflows/gh-aw-project-summary.lock.yml-558-563 (1)

558-563: ⚠️ Potential issue | 🟠 Major

Declare go-version-file as a reusable workflow input.

Lines 558–563 reference inputs['go-version-file'], but this input is not declared in on.workflow_call.inputs. Reusable workflows require all referenced inputs to be declared; callers will fail validation if they attempt to pass an undeclared input.

Add the input declaration to the source .md file (or the imported fragment), then re-run gh aw compile to regenerate the .lock.yml:

Example declaration
go-version-file:
  type: string
  description: Path to the Go version file for setup-go; falls back to go.mod when unset
  required: false
  default: ""
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-project-summary.lock.yml around lines 558 - 563, The
reusable workflow references inputs['go-version-file'] but that input is not
declared in on.workflow_call.inputs; add a declaration named go-version-file
(type: string, required: false, default: "" and a short description like "Path
to the Go version file; falls back to go.mod") to the source workflow inputs
(the .md fragment or imported inputs) and then re-run `gh aw compile` to
regenerate the .lock.yml so the Setup Go step (uses: actions/setup-go) has a
valid declared input.
.github/workflows/gh-aw-refactor-opportunist.lock.yml-612-617 (1)

612-617: ⚠️ Potential issue | 🟠 Major

Add cache-dependency-path to setup-go in the runtime-setup fragment.

The Setup Go step in gh-aw-fragments/runtime-setup.md uses go-version-file: ${{ inputs['go-version-file'] || 'go.mod' }} to read the Go version from a configurable file, but omits cache-dependency-path. Without it, actions/setup-go@v6 defaults to a root-level dependency file for its cache key, causing cache misses or incorrect restoration for non-root version files.

Add cache-dependency-path: ${{ inputs['go-version-file'] || 'go.mod' }} to the with: block to align caching behavior with the version file location.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-refactor-opportunist.lock.yml around lines 612 -
617, The Setup Go step (uses: actions/setup-go@4b73464...) is missing the
cache-dependency-path input, which causes the action to compute a cache key from
the repository root instead of the configurable go-version file; update the
runtime Setup Go step to add cache-dependency-path: ${{
inputs['go-version-file'] || 'go.mod' }} inside the with: block alongside
go-version-file to ensure the cache key is derived from the same file used for
version selection.
.github/workflows/gh-aw-small-problem-fixer.lock.yml-518-523 (1)

518-523: ⚠️ Potential issue | 🟠 Major

Declare go-version-file in workflow_call.inputs or this imported runtime setup stays unusable.

The .github/workflows/gh-aw-fragments/runtime-setup.md fragment (imported on line 6 of the main workflow) uses inputs['go-version-file'] at lines 4 and 7, but gh-aw-small-problem-fixer.md never declares that input in workflow_call.inputs. When compiled, the .lock.yml inherits this gap. Any caller trying to pass go-version-file will be rejected as an invalid input.

Proposed fix
   workflow_call:
     inputs:
+      go-version-file:
+        description: Path to the Go version file used by Setup Go
+        required: false
+        type: string
       setup-commands:
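Review bot: The added `go-version-file` input declares no `default`, so the value used when a caller omits it exists only in the `inputs['go-version-file'] || 'go.mod'` expression inside the fragment, where someone reading this interface will not see it. Add `default: go.mod` to the declaration, or state in the `description` that an unset value falls back to `go.mod`.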

Add this input to .github/workflows/gh-aw-small-problem-fixer.md, then re-run gh aw compile to regenerate the .lock.yml.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-small-problem-fixer.lock.yml around lines 518 - 523,
The workflow is missing a declaration for the input key go-version-file
referenced by runtime-setup.md via workflow_call.inputs, causing callers to be
rejected; fix by adding a workflow_call.inputs entry named go-version-file
(string, optional or with a default like 'go.mod' as appropriate) to the
gh-aw-small-problem-fixer workflow manifest so inputs['go-version-file'] is
valid, then re-run the workflow compiler (gh aw compile) to regenerate the
.lock.yml.
.github/workflows/gh-aw-product-manager-impersonator.lock.yml-638-643 (1)

638-643: ⚠️ Potential issue | 🟠 Major

Declare go-version-file input in the source .md file.

The Setup Go step at line 643 references inputs['go-version-file'], but this input is not declared in the workflow's on.workflow_call.inputs block. Add the go-version-file input to .github/workflows/gh-aw-product-manager-impersonator.md so callers can override the path. Since .lock.yml files are generated by gh aw compile, make the change in the source .md file.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-product-manager-impersonator.lock.yml around lines
638 - 643, Add a new workflow_call input named "go-version-file" to the source
markdown workflow (.github/workflows/gh-aw-product-manager-impersonator.md) by
updating the on.workflow_call.inputs block to declare go-version-file (default
"go.mod") so callers can override the go version file; do this change in the .md
source (not the generated .lock.yml) so subsequent gh aw compile will regenerate
the lock file and the actions/setup-go step that references
inputs['go-version-file'] will be valid.
.github/workflows/agent-deep-dive.lock.yml-540-545 (1)

540-545: ⚠️ Potential issue | 🟠 Major

Add go-version-file to agent-deep-dive.md workflow inputs.

The compiled workflow (lines 540-545) uses inputs['go-version-file'], but the source agent-deep-dive.md only declares target-workflow and run-count. Add the input to the source workflow's workflow_dispatch section alongside run-count, then recompile the lockfile via gh aw compile.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/agent-deep-dive.lock.yml around lines 540 - 545, The
compiled workflow references inputs['go-version-file'] but the source workflow
agent-deep-dive.md doesn't declare it; update agent-deep-dive.md's
workflow_dispatch inputs to add a go-version-file input alongside run-count
(e.g., name: go-version-file, with a sensible default like 'go.mod' or empty),
save the file, then recompile the lockfile by running gh aw compile to
regenerate .github/workflows/agent-deep-dive.lock.yml so the compiled workflow
and source inputs stay in sync.
.github/workflows/gh-aw-pr-labeler.lock.yml-413-418 (1)

413-418: ⚠️ Potential issue | 🟠 Major

Declare go-version-file input in workflow_call.

The imported fragment gh-aw-fragments/runtime-setup.md uses inputs['go-version-file'], but this reusable workflow never declares that input in on.workflow_call.inputs. Callers therefore cannot pass a custom path, making the setup-go configurability inaccessible. Add the input declaration to .github/workflows/gh-aw-pr-labeler.md:

go-version-file:
  description: "Path to the Go version file"
  type: string
  required: false
  default: "go.mod"
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-pr-labeler.lock.yml around lines 413 - 418, The
workflow uses inputs['go-version-file'] in the runtime-setup fragment but never
declares it in on.workflow_call.inputs, so add a new input named go-version-file
with description "Path to the Go version file", type: string, required: false
and default: "go.mod" under the workflow_call inputs to make the value
configurable; this will ensure the setup-go step (which reads
inputs['go-version-file'] or 'go.mod') can accept a caller-provided path.
.github/workflows/gh-aw-performance-profiler.md-54-58 (1)

54-58: ⚠️ Potential issue | 🟠 Major

Thread go-version-file through the profiling instructions.

The input only reaches toolchain setup. Lines 104 and 122 still hardcode root-level go.mod detection and go test -bench=... execution, so repositories with nested modules will be misdetected or profiled from the wrong directory.

Suggested follow-up
-   - Check for `go.mod`, `package.json`, `pyproject.toml`, `Gemfile`, `Cargo.toml`, `pom.xml`, `build.gradle`, or similar.
+   - Check for `${{ inputs['go-version-file'] }}`, `package.json`, `pyproject.toml`, `Gemfile`, `Cargo.toml`, `pom.xml`, `build.gradle`, or similar.
...
- - **Go**: Run benchmarks with `go test -bench=. -benchmem -cpuprofile=cpu.prof -memprofile=mem.prof -count=5`. Use `go tool pprof` to identify top functions. If no benchmarks exist, write a minimal benchmark for the identified hot path.
+ - **Go**: Derive the module directory from `${{ inputs['go-version-file'] }}` and run Go discovery and benchmarks there, for example by `cd "$(dirname "${{ inputs['go-version-file'] }}")"` before `go test -bench=. -benchmem -cpuprofile=cpu.prof -memprofile=mem.prof -count=5`. Use `go tool pprof` to identify top functions. If no benchmarks exist, write a minimal benchmark for the identified hot path.
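Review bot: The suggested `cd "$(dirname "${{ inputs['go-version-file'] }}")"` on the added Go line puts the expression inside command text, so the caller-supplied value is substituted into the command before any shell quoting applies. Expose the input through an environment variable (for example `GO_VERSION_FILE`, an illustrative name) and reference `"$GO_VERSION_FILE"` instead. Both added lines also drop the `|| 'go.mod'` fallback that the Setup Go step uses, so when the input is unset the first bullet tells the agent to check for an empty file name.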
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-performance-profiler.md around lines 54 - 58, The
workflow currently hardcodes root-level go.mod when detecting module and running
benchmarks; thread the existing input "go-version-file" through the remaining
steps so the detection and benchmark steps use that path instead of a hardcoded
"go.mod". Update the module-detection step to resolve the actual module
directory by locating the nearest go.mod at the path given by "go-version-file"
(or falling back to repository root) and export that directory (e.g., as
MODULE_DIR), then change the steps that run "go test -bench=..." to cd into the
resolved MODULE_DIR (or set working-directory) so tests/benchmarks run in the
correct nested module. Ensure all references to "go.mod" in detection and
benchmark steps are replaced by the input variable "go-version-file" and the
resolved MODULE_DIR.
.github/workflows/gh-aw-branch-actions-detective.lock.yml-513-518 (1)

513-518: ⚠️ Potential issue | 🟠 Major

Declare go-version-file in this reusable workflow's inputs.

The setup-go step (lines 513-518) references inputs['go-version-file'], but this workflow never declares it under on.workflow_call.inputs. Callers cannot pass a custom Go version file because the input doesn't exist for them to set. Add go-version-file to the input definitions in the source .md file and recompile the lockfile.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-branch-actions-detective.lock.yml around lines 513 -
518, The reusable workflow references inputs['go-version-file'] in the Setup Go
step but that input is not declared under on.workflow_call.inputs; add a new
input named go-version-file to the workflow's inputs (the source .md that
generates the workflow) with an appropriate description and default ('go.mod'),
update any schema/usage docs, then recompile/regenerate the lockfile so the
compiled .yml includes go-version-file and callers can pass a custom Go version
file; ensure the Setup Go step still uses inputs['go-version-file'] and any
hashFiles guard remains correct.
.github/workflows/gh-aw-pr-review-addresser.lock.yml-549-554 (1)

549-554: ⚠️ Potential issue | 🟠 Major

Add go-version-file to workflow_call.inputs in the source .md file.

Lines 549-554 use inputs['go-version-file'], but this input is not declared in the workflow's workflow_call.inputs block. Callers cannot pass this input, making the fallback behavior permanent. Add the input declaration to the source .md file and regenerate the .lock.yml via gh aw compile.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-pr-review-addresser.lock.yml around lines 549 - 554,
The workflow uses inputs['go-version-file'] in the compiled lock file but the
source workflow's workflow_call.inputs block is missing the go-version-file
declaration; update the source .md workflow definition to add a
workflow_call.inputs entry named go-version-file (with an appropriate type and
default or description) so callers can pass it, then regenerate the lockfile by
running gh aw compile to produce the updated
.github/workflows/gh-aw-pr-review-addresser.lock.yml; look for the Setup Go step
and the inputs['go-version-file'] reference to validate the change.
.github/workflows/gh-aw-stale-issues-investigator.lock.yml-606-611 (1)

606-611: ⚠️ Potential issue | 🟠 Major

Declare go-version-file input in the source .md file.

Lines 606–611 reference inputs['go-version-file'], but this input is not declared in workflow_call.inputs (lines 46–81). Without the declaration, callers cannot customize the Go version file path.

Add to .github/workflows/gh-aw-stale-issues-investigator.md:

Required source change
+      go-version-file:
+        description: "Path to the Go version file used by Setup Go"
+        type: string
+        required: false
+        default: ""
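
Review bot: `default: ""` on the last line of this suggested input leaves the declared interface silent about the value that actually takes effect, which is `go.mod` through the `|| 'go.mod'` fallback in the Setup Go step. Declaring `default: "go.mod"` would state that to callers in the input definition itself; the fallback in the step can stay for triggers where `inputs` is empty.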
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-stale-issues-investigator.lock.yml around lines 606
- 611, Add a missing workflow input declaration for inputs['go-version-file'] so
callers can override the Go version file path: update the workflow_call.inputs
section (the declaration block referenced in the PR) in the source
.github/workflows/gh-aw-stale-issues-investigator.md to include a
go-version-file input (name: go-version-file, description, required: false, and
a default like "go.mod"), ensuring the lock/workflow can safely reference
inputs['go-version-file'] in the Setup Go step.
.github/workflows/gh-aw-autonomy-atomicity-analyzer.lock.yml-589-594 (1)

589-594: ⚠️ Potential issue | 🟠 Major

Add the missing go-version-file input to the source .md file.

Lines 589-594 of the lock file reference inputs['go-version-file'], but this input is not declared in the source .md file's workflow_call.inputs block (lines 22-52). Callers cannot provide a custom Go version file path, making the Go setup unusable for non-root go.mod scenarios.

Add the following to the inputs: section of .github/workflows/gh-aw-autonomy-atomicity-analyzer.md:

+      go-version-file:
+        default: ""
+        description: Path to the Go version file used by Setup Go
+        required: false
+        type: string

The .lock.yml file will be automatically regenerated when gh aw compile is run.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-autonomy-atomicity-analyzer.lock.yml around lines
589 - 594, Add a new workflow_call input named "go-version-file" to the inputs:
block in the source .github/workflows/gh-aw-autonomy-atomicity-analyzer.md so
callers can supply a custom Go version file path; update the inputs section (the
workflow_call.inputs block referenced in lines 22-52) to include the
go-version-file entry (with an appropriate description and default, e.g.,
'go.mod'), and then run "gh aw compile" to regenerate the .lock.yml so the lock
file's reference to inputs['go-version-file'] is valid.
.github/workflows/gh-aw-newbie-contributor-fixer.lock.yml-501-506 (1)

501-506: ⚠️ Potential issue | 🟠 Major

Add go-version-file to workflow_call.inputs in the source .md file.

The lock file's Setup Go step (lines 501-506) references inputs['go-version-file'], but this input is never declared in the source workflow's workflow_call.inputs block. Update .github/workflows/gh-aw-newbie-contributor-fixer.md to expose this input:

Required source change
      draft-prs:
        description: "Whether to create pull requests as drafts"
        type: boolean
        required: false
        default: true
+     go-version-file:
+       description: "Path to the Go version file"
+       type: string
+       required: false
+       default: "go.mod"
    secrets:
      COPILOT_GITHUB_TOKEN:
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-newbie-contributor-fixer.lock.yml around lines 501 -
506, Add an input named go-version-file to the workflow_call.inputs block in the
source workflow metadata so the locked workflow can reference it; specifically,
declare an input key "go-version-file" (type: string, default: "go.mod", with a
short description) under workflow_call.inputs in the source .md workflow
definition so that uses of inputs['go-version-file'] resolve correctly at
runtime.
.github/workflows/gh-aw-breaking-change-detector.lock.yml-591-596 (1)

591-596: ⚠️ Potential issue | 🟠 Major

Add go-version-file input to the workflow definition.

The imported runtime-setup.md fragment uses inputs['go-version-file'], but the workflow's workflow_call.inputs section never declares it. Add the input definition to the source .md file, then recompile.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-breaking-change-detector.lock.yml around lines 591 -
596, The workflow imports runtime-setup.md but never declares the
go-version-file input referenced as inputs['go-version-file']; update the
runtime-setup.md fragment to add a workflow_call.inputs entry for
go-version-file (e.g., name: go-version-file, description and optional/default
as appropriate) so the action can reference inputs['go-version-file'] safely,
then recompile the workflow to regenerate
.github/workflows/gh-aw-breaking-change-detector.lock.yml; look for the
workflow_call.inputs block in runtime-setup.md and add the new input there.
.github/workflows/gh-aw-internal-gemini-cli-web-search.lock.yml-520-525 (1)

520-525: ⚠️ Potential issue | 🟠 Major

The go-version-file input is missing from the source workflow.

The .md source file must declare workflow_call.inputs.go-version-file before the compiled .lock.yml can properly reference it. The runtime-setup.md fragment uses this input, but it's not declared in .github/workflows/gh-aw-internal-gemini-cli-web-search.md. Add the input declaration to the source and re-run gh aw compile.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-internal-gemini-cli-web-search.lock.yml around lines
520 - 525, Add a missing workflow input declaration for "go-version-file" to the
source workflow so the compiled lock file can reference it; in the
workflow_call.inputs section add an entry named go-version-file (e.g., type:
string and a default like "go.mod" or leave empty if you prefer) so
runtime-setup.md can use inputs['go-version-file'], then re-run "gh aw compile"
to regenerate the .lock.yml.
.github/workflows/gh-aw-internal-gemini-cli.lock.yml-525-530 (1)

525-530: ⚠️ Potential issue | 🟠 Major

Add the go-version-file input to the workflow definition.

The lockfile at line 530 references inputs['go-version-file'], but this input is not declared in the source .md file's workflow_call.inputs section. Callers cannot pass a custom Go version file path until the input is formally declared. Update the source .md file to add the input definition, then recompile with gh aw compile.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-internal-gemini-cli.lock.yml around lines 525 - 530,
The workflow references inputs['go-version-file'] but that input is not
declared; update the workflow_call.inputs in the source .md file to add a
go-version-file input (matching the key used in the lockfile) with an
appropriate type/default/description, then recompile the workflow with the
command gh aw compile so the lockfile
(.github/workflows/gh-aw-internal-gemini-cli.lock.yml) is regenerated; look for
and edit the workflow_call.inputs block in the source .md and ensure the input
name exactly matches "go-version-file".
.github/workflows/gh-aw-estc-docs-patrol-external.lock.yml-590-595 (1)

590-595: ⚠️ Potential issue | 🟠 Major

Add go-version-file input to workflow interface.

Line 595 uses inputs['go-version-file'], but this input is not declared in the workflow_call.inputs block of the source .md file. Callers cannot provide this parameter. Add it to the source workflow and regenerate the lockfile.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-estc-docs-patrol-external.lock.yml around lines 590
- 595, Add a new workflow input named "go-version-file" to the
workflow_call.inputs section in the source workflow (.md) so callers can pass
that parameter; update the inputs block to declare go-version-file (with a
sensible default like "go.mod" or leave optional) and then regenerate the
workflow lockfile (.github/workflows/...lock.yml) so the changed input is
reflected (this fixes the references to inputs['go-version-file'] used by the
Setup Go step).
.github/workflows/gh-aw-mention-in-issue.lock.yml-560-565 (1)

560-565: ⚠️ Potential issue | 🟠 Major

Add go-version-file input to the source workflow.

The source .md file imports gh-aw-fragments/runtime-setup.md, which references inputs['go-version-file'] in its Setup Go step. However, workflow_call.inputs in .github/workflows/gh-aw-mention-in-issue.md doesn't declare this input. Add it following the pattern from gh-aw-performance-profiler.md:

go-version-file:
  description: "Path to the Go version file"
  type: string
  required: false
  default: "go.mod"

Then recompile to regenerate the .lock.yml file.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-mention-in-issue.lock.yml around lines 560 - 565,
Add a new workflow_call input named go-version-file to the source workflow
(.github/workflows/gh-aw-mention-in-issue.md) so that inputs['go-version-file']
referenced by gh-aw-fragments/runtime-setup.md is declared; follow the pattern
used in gh-aw-performance-profiler.md (description, type: string, required:
false, default: "go.mod"), commit the change and re-run the workflow compilation
step to regenerate the updated .lock.yml file.
.github/workflows/gh-aw-pr-review.lock.yml-560-565 (1)

560-565: ⚠️ Potential issue | 🟠 Major

Declare go-version-file input before using it in setup-go.

The source workflow imports gh-aw-fragments/runtime-setup.md which references inputs['go-version-file'] in the setup-go step, but workflow_call.inputs in gh-aw-pr-review.md does not declare this input. Callers attempting to pass go-version-file will be rejected by GitHub as using an undeclared reusable-workflow input. Add the input definition to the source .md file and recompile.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-pr-review.lock.yml around lines 560 - 565, The
workflow uses inputs['go-version-file'] in the setup-go step (actions/setup-go)
but that input isn't declared on the reusable workflow interface; add a new
workflow_call.inputs entry named go-version-file in the source reusable-workflow
(the gh-aw-pr-review.md workflow definition referenced by
gh-aw-fragments/runtime-setup.md) so callers can pass it; ensure the input has a
sensible default (e.g., 'go.mod') and correct type/description, then recompile
the fragment file gh-aw-fragments/runtime-setup.md to include the declared
input.
.github/workflows/upgrade-check.lock.yml-541-546 (1)

541-546: ⚠️ Potential issue | 🟠 Major

Add cache-dependency-path to wire caching to the configurable Go version file.

The Go setup step supports non-root go.mod via go-version-file input, but actions/setup-go@v6 caches against the repo-root by default. When a non-root path is used, the cache will miss unless cache-dependency-path is also set to match. Add cache-dependency-path: ${{ inputs['go-version-file'] || 'go.mod' }} to ./.github/workflows/gh-aw-fragments/runtime-setup.md.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/upgrade-check.lock.yml around lines 541 - 546, The "Setup
Go" step (uses: actions/setup-go@v6) uses the go-version-file input but doesn't
set cache-dependency-path, which causes cache misses when go.mod is not at repo
root; update the "Setup Go" step in
./.github/workflows/gh-aw-fragments/runtime-setup.md to add
cache-dependency-path: ${{ inputs['go-version-file'] || 'go.mod' }} alongside
the existing with block (where go-version-file and cache are set) so the
actions/setup-go cache keys include the configured go.mod path.
.github/workflows/gh-aw-pr-actions-fixer.lock.yml-514-519 (1)

514-519: ⚠️ Potential issue | 🟠 Major

Expose go-version-file as a workflow input.

Lines 514-519 reference inputs['go-version-file'], but the workflow's on.workflow_call.inputs block does not declare this input. Callers cannot pass a custom Go version file; it will always fall back to go.mod. Add go-version-file to the source workflow's input definitions, then recompile.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-pr-actions-fixer.lock.yml around lines 514 - 519,
The workflow references inputs['go-version-file'] but that input is not declared
in the workflow's on.workflow_call.inputs block; add a new input named
go-version-file to on.workflow_call.inputs (with an appropriate description and
default of 'go.mod' or empty as desired) so callers can pass a custom file, then
recompile the workflow to update the lock file; ensure the new input name
exactly matches inputs['go-version-file'] used in the Setup Go step.
🟡 Minor comments (4)
.github/workflows/gh-aw-docs-drift.lock.yml-604-609 (1)

604-609: ⚠️ Potential issue | 🟡 Minor

Missing go-version-file input declaration. The workflow references inputs['go-version-file'] on lines 604 and 609, but this input is not declared in the inputs section (lines 53-88). The undefined input will always fall back to 'go.mod', making the pattern functionally equivalent to hardcoded 'go.mod' but with misleading code that suggests configurable behavior.

Add the input to restore clarity:

Suggested input declaration
go-version-file:
  default: go.mod
  description: Path to go.mod or other Go version file
  required: false
  type: string

Alternatively, remove the pattern and hardcode 'go.mod' if this workflow does not need to support custom Go version files.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-docs-drift.lock.yml around lines 604 - 609, The
workflow references inputs['go-version-file'] in the conditional and setup-go
step but that input is not declared; either declare a new input named
go-version-file (set type: string, required: false, default: "go.mod", and
provide a description like "Path to go.mod or other Go version file") in the
workflow inputs block, or simplify the steps to use the hardcoded 'go.mod' value
and remove the inputs['go-version-file'] pattern; update the inputs section or
the conditional/with keys accordingly to keep names consistent with the existing
uses.
.github/workflows/gh-aw-agent-suggestions.lock.yml-585-590 (1)

585-590: ⚠️ Potential issue | 🟡 Minor

Source .md file should declare go-version-file input for the imported fragment.

The lock file correctly shows the Go setup step because gh-aw-agent-suggestions.md imports runtime-setup.md, which references inputs['go-version-file'] on line 4 of the fragment. However, the source .md file does not declare this input in its inputs section (lines 47-77). When a workflow imports a fragment that uses workflow inputs, those inputs must be declared in the calling workflow.

Add the go-version-file input to the source .md file's inputs section if this workflow should allow callers to customize the Go version file path.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-agent-suggestions.lock.yml around lines 585 - 590,
The workflow fragment import uses inputs['go-version-file'] but the source
markdown's inputs section lacks a declaration for go-version-file; add an inputs
entry named go-version-file (type: string) to the source .md's inputs block (the
same inputs section currently at lines ~47-77) with a sensible default such as
"go.mod" and a short description so callers can customize the Go version file
path referenced by the runtime-setup fragment.
.github/workflows/gh-aw-information-architecture.lock.yml-592-592 (1)

592-592: ⚠️ Potential issue | 🟡 Minor

Consider using a modern v6.x.x release instead of the legacy major-version tag.

The SHA 4b73464bb391d4059bd26b0524d20df3927bd417 is valid for the v6 tag, but it's the legacy major-version release line, not the modern semantic-versioned releases (v6.0.0, v6.1.0, etc.) available on the Releases page. Using a specific v6.x.x version or v6 with a more recent commit would provide better stability and ensure access to bug fixes from the modern release line.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-information-architecture.lock.yml at line 592,
Update the GitHub Action step that pins setup-go to the legacy SHA
`actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417` and instead
reference a modern semantic v6 release (e.g., `actions/setup-go@v6.1.0` or the
latest `v6.x.x`) or the floating `v6` tag pointing at a recent commit; change
the `uses:` value in the step using `actions/setup-go` so the workflow uses the
semantic-versioned v6 release line for improved stability and access to current
fixes.
.github/workflows/gh-aw-mention-in-issue-no-sandbox.lock.yml-556-561 (1)

556-561: ⚠️ Potential issue | 🟡 Minor

Input go-version-file referenced but not declared in workflow inputs.

The Go setup block (line 561) references inputs['go-version-file'], but this input isn't defined in the input schema (lines 48-78). Callers cannot customize the Go version file; it always falls back to 'go.mod'.

If configurable Go version files are intended, add the input definition to the source .md file before regenerating the .lock.yml.

The actions/setup-go@v6 SHA is correct.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-mention-in-issue-no-sandbox.lock.yml around lines
556 - 561, The workflow references an undeclared input inputs['go-version-file']
in the conditional and the actions/setup-go block, preventing callers from
customizing the Go version file; add a new workflow input named go-version-file
(e.g., in the inputs section currently around the top of the workflow's source
.md) with a sensible default like "go.mod" and regenerate the .lock.yml so the
conditional if: hashFiles(inputs['go-version-file'] || 'go.mod') and the with:
go-version-file: ${{ inputs['go-version-file'] || 'go.mod' }} correctly use the
declared input when provided; ensure the input name exactly matches
inputs['go-version-file'] and update any documentation in the source .md
accordingly before locking.
🧹 Nitpick comments (2)
.github/workflows/gh-aw-code-quality-audit.lock.yml (1)

604-609: Expose go-version-file on the reusable workflow or this stays go.mod-only.

workflow_call.inputs in this file does not declare go-version-file. GitHub only exposes inputs defined in the reusable workflow, and missing properties evaluate empty, so callers still cannot pass a custom version file here and this expression collapses to go.mod. If this workflow is meant to support the new behavior too, add the input in its source .md and recompile. (docs.github.com)

Based on learnings, .lock.yml files in this repo are generated by gh aw compile; update the corresponding source .md file, not the lockfile directly.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-code-quality-audit.lock.yml around lines 604 - 609,
The reusable workflow does not declare the workflow_call.inputs property for
go-version-file so callers cannot pass a custom file and the expression defaults
to 'go.mod'; to fix, add an input named go-version-file under
workflow_call.inputs in the source reusable-workflow markdown (declare type:
string and a sensible default or make it optional), update any usage docs in
that same .md, then regenerate the lockfile by running the repository's
generator (gh aw compile) so the compiled .lock.yml includes the new input and
the conditional using inputs['go-version-file'] will work as intended.
.github/workflows/agent-efficiency.lock.yml (1)

506-511: Verify the inputs context on scheduled runs.

This workflow runs on schedule, but GitHub documents inputs as available only in reusable workflows or runs triggered by workflow_dispatch. Please confirm inputs['go-version-file'] || 'go.mod' is valid on the scheduled path here; otherwise keep the literal go.mod or add a dispatch input in the source workflow. (docs.github.com)

Based on learnings, .lock.yml files in this repo are generated by gh aw compile; update the corresponding source .md file, not the lockfile directly.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/agent-efficiency.lock.yml around lines 506 - 511, The
scheduled-run branch incorrectly relies on inputs['go-version-file'] (used in
the condition and the with: go-version-file value); because inputs are only
present for reusable workflows or workflow_dispatch triggers, change the
setup-go step to use a literal 'go.mod' for scheduled runs (e.g., replace
inputs['go-version-file'] || 'go.mod' with 'go.mod'), or alternatively add a
workflow_dispatch input in the source workflow so inputs['go-version-file'] is
defined; since this .lock.yml is generated, make the change in the source .md
that gh aw compile uses (update the source workflow definition to provide the
input or to default to 'go.mod') rather than editing the lockfile directly.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: cbda2f91-a802-4869-9e5b-7ca3b3626814

📥 Commits

Reviewing files that changed from the base of the PR and between 3347822 and 167a535.

📒 Files selected for processing (70)
  • .github/aw/actions-lock.json
  • .github/workflows/agent-deep-dive.lock.yml
  • .github/workflows/agent-efficiency.lock.yml
  • .github/workflows/gh-aw-agent-suggestions.lock.yml
  • .github/workflows/gh-aw-autonomy-atomicity-analyzer.lock.yml
  • .github/workflows/gh-aw-branch-actions-detective.lock.yml
  • .github/workflows/gh-aw-breaking-change-detect.lock.yml
  • .github/workflows/gh-aw-breaking-change-detector.lock.yml
  • .github/workflows/gh-aw-bug-exterminator.lock.yml
  • .github/workflows/gh-aw-bug-hunter.lock.yml
  • .github/workflows/gh-aw-code-duplication-detector.lock.yml
  • .github/workflows/gh-aw-code-duplication-fixer.lock.yml
  • .github/workflows/gh-aw-code-quality-audit.lock.yml
  • .github/workflows/gh-aw-code-simplifier.lock.yml
  • .github/workflows/gh-aw-create-pr-from-issue.lock.yml
  • .github/workflows/gh-aw-deep-research.lock.yml
  • .github/workflows/gh-aw-dependency-review.lock.yml
  • .github/workflows/gh-aw-docs-drift.lock.yml
  • .github/workflows/gh-aw-docs-patrol.lock.yml
  • .github/workflows/gh-aw-estc-actions-resource-not-accessible-detector.lock.yml
  • .github/workflows/gh-aw-estc-docs-patrol-external.lock.yml
  • .github/workflows/gh-aw-estc-docs-pr-review.lock.yml
  • .github/workflows/gh-aw-estc-downstream-health.lock.yml
  • .github/workflows/gh-aw-estc-newbie-contributor-patrol-external.lock.yml
  • .github/workflows/gh-aw-estc-pr-buildkite-detective.lock.yml
  • .github/workflows/gh-aw-flaky-test-investigator.lock.yml
  • .github/workflows/gh-aw-fragments/runtime-setup.md
  • .github/workflows/gh-aw-framework-best-practices.lock.yml
  • .github/workflows/gh-aw-information-architecture.lock.yml
  • .github/workflows/gh-aw-internal-gemini-cli-web-search.lock.yml
  • .github/workflows/gh-aw-internal-gemini-cli.lock.yml
  • .github/workflows/gh-aw-issue-fixer.lock.yml
  • .github/workflows/gh-aw-issue-triage.lock.yml
  • .github/workflows/gh-aw-mention-in-issue-by-id.lock.yml
  • .github/workflows/gh-aw-mention-in-issue-no-sandbox.lock.yml
  • .github/workflows/gh-aw-mention-in-issue.lock.yml
  • .github/workflows/gh-aw-mention-in-pr-by-id.lock.yml
  • .github/workflows/gh-aw-mention-in-pr-no-sandbox.lock.yml
  • .github/workflows/gh-aw-mention-in-pr.lock.yml
  • .github/workflows/gh-aw-newbie-contributor-fixer.lock.yml
  • .github/workflows/gh-aw-newbie-contributor-patrol.lock.yml
  • .github/workflows/gh-aw-performance-profiler.lock.yml
  • .github/workflows/gh-aw-performance-profiler.md
  • .github/workflows/gh-aw-plan.lock.yml
  • .github/workflows/gh-aw-pr-actions-detective.lock.yml
  • .github/workflows/gh-aw-pr-actions-fixer.lock.yml
  • .github/workflows/gh-aw-pr-ci-detective.lock.yml
  • .github/workflows/gh-aw-pr-labeler.lock.yml
  • .github/workflows/gh-aw-pr-review-addresser.lock.yml
  • .github/workflows/gh-aw-pr-review.lock.yml
  • .github/workflows/gh-aw-product-manager-impersonator.lock.yml
  • .github/workflows/gh-aw-project-summary.lock.yml
  • .github/workflows/gh-aw-refactor-opportunist.lock.yml
  • .github/workflows/gh-aw-release-update.lock.yml
  • .github/workflows/gh-aw-scheduled-audit.lock.yml
  • .github/workflows/gh-aw-scheduled-fix.lock.yml
  • .github/workflows/gh-aw-small-problem-fixer.lock.yml
  • .github/workflows/gh-aw-stale-issues-investigator.lock.yml
  • .github/workflows/gh-aw-stale-issues-remediator.lock.yml
  • .github/workflows/gh-aw-stale-issues.lock.yml
  • .github/workflows/gh-aw-test-coverage-detector.lock.yml
  • .github/workflows/gh-aw-test-improvement.lock.yml
  • .github/workflows/gh-aw-test-improver.lock.yml
  • .github/workflows/gh-aw-text-auditor.lock.yml
  • .github/workflows/gh-aw-text-beautifier.lock.yml
  • .github/workflows/gh-aw-update-pr-body.lock.yml
  • .github/workflows/gh-aw-ux-design-patrol.lock.yml
  • .github/workflows/internal-downstream-health.lock.yml
  • .github/workflows/upgrade-check.lock.yml
  • .github/workflows/workflow-patrol.lock.yml
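
The finding repeated through this review, a step that reads `inputs['go-version-file']` while `workflow_call.inputs` never declares it, can be checked mechanically before merge. This is an added example, not code from the PR or from gh-aw: a line-based scan that needs no YAML library, run here on a constructed sample workflow; the function names are hypothetical.

```python
import re

# Constructed sample in the shape the review describes: the Setup Go step reads
# inputs['go-version-file'], but workflow_call.inputs only declares draft-prs.
SAMPLE_LOCK_YML = """\
name: Example
on:
  workflow_call:
    inputs:
      draft-prs:
        description: "Whether to create pull requests as drafts"
        type: boolean
        required: false
        default: true
    secrets:
      COPILOT_GITHUB_TOKEN:
        required: true
jobs:
  agent:
    runs-on: ubuntu-latest
    steps:
      - if: hashFiles(inputs['go-version-file'] || 'go.mod') != ''
        name: Setup Go
        uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6
        with:
          cache: true
          go-version-file: ${{ inputs['go-version-file'] || 'go.mod' }}
      - if: inputs.draft-prs
        name: Note draft mode
        run: echo "draft mode"
"""

TARGET_PATH = ["on", "workflow_call", "inputs"]
# A mapping key at the start of a line; the key may be quoted (e.g. "on":).
KEY = re.compile(r"""^(\s*)(?:"([^"]+)"|'([^']+)'|([A-Za-z0-9_.-]+))\s*:(?:\s|$)""")
# Expression contexts: ${{ ... }} anywhere, and the bare value of an `if:` key.
EXPR = re.compile(r"\$\{\{(.*?)\}\}")
IF_KEY = re.compile(r"^\s*(?:-\s+)?if:\s*(.+)$")
# inputs.name or inputs['name']; the lookbehind skips github.event.inputs.name.
REF = re.compile(r"""(?<![\w.-])inputs(?:\.([A-Za-z_][\w-]*)|\[\s*['"]([^'"]+)['"]\s*\])""")


def declared_inputs(text):
    """Names declared directly under on.workflow_call.inputs, found by indentation."""
    declared, stack = set(), []  # stack holds (indent, key) of enclosing mappings
    for line in text.splitlines():
        m = KEY.match(line)
        if not m:
            continue
        indent = len(m.group(1))
        key = m.group(2) or m.group(3) or m.group(4)
        while stack and stack[-1][0] >= indent:
            stack.pop()
        if [k for _, k in stack] == TARGET_PATH:
            declared.add(key)
        stack.append((indent, key))
    return declared


def referenced_inputs(text):
    """Map each input name used in an expression to the line numbers using it."""
    refs = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        if line.lstrip().startswith("#"):
            continue  # ignore commented-out YAML
        exprs = EXPR.findall(line)
        m = IF_KEY.match(line)
        if m:
            exprs.append(m.group(1))
        for expr in exprs:
            for dotted, bracketed in REF.findall(expr):
                lines = refs.setdefault(dotted or bracketed, [])
                if lineno not in lines:
                    lines.append(lineno)
    return refs


def undeclared_input_refs(text):
    """Inputs that are referenced in expressions but missing from the interface."""
    declared = declared_inputs(text)
    return {name: lines for name, lines in referenced_inputs(text).items()
            if name not in declared}


if __name__ == "__main__":
    for name, lines in undeclared_input_refs(SAMPLE_LOCK_YML).items():
        print(f"undeclared input {name!r} referenced on lines {lines}")
```

Run against each compiled `.lock.yml`, a non-empty result marks a workflow where the caller-facing input is missing and the expression always collapses to its fallback.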

Comment on lines +596 to +601
- if: hashFiles(inputs['go-version-file'] || 'go.mod') != ''
name: Setup Go
uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5
uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6
with:
cache: true
go-version-file: go.mod
go-version-file: ${{ inputs['go-version-file'] || 'go.mod' }}
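
Review bot: the `with:` block keeps `cache: true` while `go-version-file` becomes caller-configurable, and nothing sets `cache-dependency-path`, so a version file outside the repository root still has its module cache keyed on the root `go.sum`. Suggest exposing a matching `cache-dependency-path` (the `go.sum` beside the chosen version file) alongside `go-version-file`.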

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Verify that go-version-file input is missing from workflow inputs
echo "=== Checking workflow inputs section ==="
rg -n 'go-version-file' .github/workflows/gh-aw-breaking-change-detect.lock.yml || echo "Input 'go-version-file' not found in file"

echo ""
echo "=== Listing all declared inputs ==="
sed -n '/^    inputs:/,/^    outputs:/p' .github/workflows/gh-aw-breaking-change-detect.lock.yml | head -60

Repository: elastic/ai-github-actions

Length of output: 1324


🏁 Script executed:

# Find the source .md file corresponding to the .lock.yml file
fd -t f 'gh-aw-breaking-change-detect.md' .github/workflows/

Repository: elastic/ai-github-actions

Length of output: 51


🏁 Script executed:

# Check if the source .md file exists and examine its inputs section
if [ -f ".github/workflows/gh-aw-breaking-change-detect.md" ]; then
  echo "=== Source file found. Checking inputs section ==="
  sed -n '/^### Inputs/,/^###/p' ".github/workflows/gh-aw-breaking-change-detect.md" | head -100
fi

Repository: elastic/ai-github-actions

Length of output: 51


🏁 Script executed:

# Also check git status to see if the .md file was modified in this PR
git diff --name-only HEAD~1..HEAD 2>/dev/null | grep -E 'gh-aw-breaking-change-detect' || echo "Git info unavailable"

Repository: elastic/ai-github-actions

Length of output: 89


🏁 Script executed:

# List all files in .github/workflows/ directory
ls -la .github/workflows/ | grep -E '\.(md|lock\.yml)$'

Repository: elastic/ai-github-actions

Length of output: 10765


🏁 Script executed:

# Check the full directory structure
find .github/workflows/ -type f -name '*.md' -o -name '*.lock.yml' | sort

Repository: elastic/ai-github-actions

Length of output: 8509


🏁 Script executed:

# Check git log for the lock file (if available)
git log --oneline .github/workflows/gh-aw-breaking-change-detect.lock.yml 2>/dev/null | head -10 || echo "Git log unavailable"

Repository: elastic/ai-github-actions

Length of output: 117


🏁 Script executed:

# Check if go-version-file is declared in the source .md file
grep -n "go-version-file" .github/workflows/gh-aw-breaking-change-detector.md

Repository: elastic/ai-github-actions

Length of output: 51


🏁 Script executed:

# Check the inputs section of the source .md file
sed -n '/^### Inputs/,/^###/p' .github/workflows/gh-aw-breaking-change-detector.md | head -100

Repository: elastic/ai-github-actions

Length of output: 51


🏁 Script executed:

# Compare the two lock files - check if one is a copy/orphan
wc -l .github/workflows/gh-aw-breaking-change-detect.lock.yml .github/workflows/gh-aw-breaking-change-detector.lock.yml

Repository: elastic/ai-github-actions

Length of output: 209


🏁 Script executed:

# Check if the .md file exists and show its size
stat .github/workflows/gh-aw-breaking-change-detector.md

Repository: elastic/ai-github-actions

Length of output: 113


🏁 Script executed:

# Search for "setup-go" or "go-version" in both source .md files to understand context
echo "=== In detector.md ===" 
grep -n "setup-go\|go-version" .github/workflows/gh-aw-breaking-change-detector.md | head -20

echo ""
echo "=== Check if detect.lock.yml has a corresponding source (shouldn't) ===" 
ls -la .github/workflows/gh-aw-breaking-change-detect.md 2>&1

Repository: elastic/ai-github-actions

Length of output: 261


🏁 Script executed:

# List all "breaking-change" related files to clarify
ls -1 .github/workflows/ | grep -i breaking

Repository: elastic/ai-github-actions

Length of output: 217


🏁 Script executed:

# Search for inputs section in the detector.md file
sed -n '1,100p' .github/workflows/gh-aw-breaking-change-detector.md | head -50

Repository: elastic/ai-github-actions

Length of output: 1704


🏁 Script executed:

# Check if detect.lock.yml references a non-existent source
head -20 .github/workflows/gh-aw-breaking-change-detect.lock.yml

Repository: elastic/ai-github-actions

Length of output: 861


🏁 Script executed:

# Compare both files more closely - check the workflow names
grep "name:" .github/workflows/gh-aw-breaking-change-detect.lock.yml | head -1
grep "name:" .github/workflows/gh-aw-breaking-change-detector.lock.yml | head -1

Repository: elastic/ai-github-actions

Length of output: 162


🏁 Script executed:

# Check if the detector.md (correct source) has go-version-file input
grep -A 5 "go-version-file:" .github/workflows/gh-aw-breaking-change-detector.md

Repository: elastic/ai-github-actions

Length of output: 51


🏁 Script executed:

# Check the detector.lock.yml (correct generated file) for the input declaration
sed -n '/^    inputs:/,/^    outputs:/p' .github/workflows/gh-aw-breaking-change-detector.lock.yml | grep -A 10 "go-version-file"

Repository: elastic/ai-github-actions

Length of output: 51


🏁 Script executed:

# Read lines 590-610 from the detector.lock.yml to see the setup-go step
sed -n '590,610p' .github/workflows/gh-aw-breaking-change-detector.lock.yml

Repository: elastic/ai-github-actions

Length of output: 1049


🏁 Script executed:

# Check the full inputs section of detector.lock.yml
sed -n '/^    inputs:/,/^    outputs:/p' .github/workflows/gh-aw-breaking-change-detector.lock.yml | head -80

Repository: elastic/ai-github-actions

Length of output: 1099


Missing go-version-file input declaration prevents configuration.

The referenced workflow file is a deprecated backwards-compatibility copy. However, the same issue exists in the current file (gh-aw-breaking-change-detector.lock.yml): both files reference inputs['go-version-file'] at the setup-go step, but this input is not declared in the workflow_call.inputs section.

Without the input definition, callers cannot provide a custom go-version-file path—the fallback to 'go.mod' will always be used. Add the input to the source file gh-aw-breaking-change-detector.md:

go-version-file:
  default: "go.mod"
  description: Path to go.mod or .go-version file for Go version detection
  required: false
  type: string

Then regenerate both lock files with gh aw compile.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-breaking-change-detect.lock.yml around lines 596 -
601, The workflow references inputs['go-version-file'] in the Setup Go step but
that input is not declared in workflow_call.inputs; add a new workflow input
named go-version-file (type: string, required: false, default: "go.mod",
description: Path to go.mod or .go-version file for Go version detection) to the
gh-aw-breaking-change-detector.md workflow inputs so callers can override it,
then regenerate the lock files (both gh-aw-breaking-change-detect.lock.yml and
gh-aw-breaking-change-detector.lock.yml) by running gh aw compile.

Comment on lines +540 to +545
- if: hashFiles(inputs['go-version-file'] || 'go.mod') != ''
name: Setup Go
uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5
uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6
with:
cache: true
go-version-file: go.mod
go-version-file: ${{ inputs['go-version-file'] || 'go.mod' }}
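
Review bot: the `if:` guard and the `with:` value treat the same input differently. hashFiles() interprets its argument as a glob pattern matched under the workspace, while `go-version-file` is read by setup-go as a single path, so a value containing pattern characters can pass the guard and still fail inside the step. State in the input's description that it must be a plain path relative to the repository root, or validate it in a preceding step.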

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Check if go-version-file input is defined in any workflow files
echo "=== Checking for go-version-file input definition in this workflow ==="
rg -n 'go-version-file' .github/workflows/gh-aw-estc-pr-buildkite-detective.lock.yml | head -20

echo ""
echo "=== Checking inputs section for this workflow ==="
rg -A 50 '^    inputs:' .github/workflows/gh-aw-estc-pr-buildkite-detective.lock.yml | head -60

echo ""
echo "=== Checking if other workflows define go-version-file input ==="
rg -l 'go-version-file:' .github/workflows/*.yml 2>/dev/null | head -10

Repository: elastic/ai-github-actions

Length of output: 2563


🏁 Script executed:

#!/bin/bash
echo "=== Looking for source .md file corresponding to the lock file ==="
# The lock file is gh-aw-estc-pr-buildkite-detective.lock.yml
# The source should be gh-aw-estc-pr-buildkite-detective.md
find .github/workflows -name "*estc-pr-buildkite-detective*" -type f | sort

echo ""
echo "=== Checking if source .md file has the go-version-file input reference ==="
if [ -f ".github/workflows/gh-aw-estc-pr-buildkite-detective.md" ]; then
  rg -n 'go-version-file' .github/workflows/gh-aw-estc-pr-buildkite-detective.md
else
  echo "Source .md file not found"
fi

echo ""
echo "=== Checking if .md file defines go-version-file as an input ==="
if [ -f ".github/workflows/gh-aw-estc-pr-buildkite-detective.md" ]; then
  rg -A 100 '^## Inputs' .github/workflows/gh-aw-estc-pr-buildkite-detective.md | head -80
fi

Repository: elastic/ai-github-actions

Length of output: 452


🏁 Script executed:

#!/bin/bash
echo "=== Reading the source .md file (full content) ==="
cat -n .github/workflows/gh-aw-estc-pr-buildkite-detective.md

echo ""
echo "=== Checking for 'setup-go' in the .md file ==="
rg -n 'setup-go' .github/workflows/gh-aw-estc-pr-buildkite-detective.md

Repository: elastic/ai-github-actions

Length of output: 13624


Lock file is out of sync with source .md—do not edit lock files directly.

The lock file references inputs['go-version-file'] on lines 540 and 545, but this input is not declared in the workflow. However, the underlying issue is more fundamental: the entire Go setup step (lines 540–545) does not exist in the corresponding source .md file at all.

Lock files are auto-generated from .md sources via gh aw compile. This mismatch indicates either:

  • The lock file was manually edited (violates the expected workflow)
  • The lock file is stale and needs regeneration after source edits

If the Go setup step should be part of this workflow, add it to the source .github/workflows/gh-aw-estc-pr-buildkite-detective.md file and recompile with gh aw compile. Do not edit the .lock.yml file directly.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-estc-pr-buildkite-detective.lock.yml around lines
540 - 545, The lock file contains a stale/manual Go setup snippet referencing
inputs['go-version-file'] that is not declared in the workflow source; do not
edit the lock directly—open the authoritative source markdown (the workflow .md)
and either add the Go setup step (including declaring the input
'go-version-file' and the actions/setup-go usage) or remove that step from the
source if it shouldn't exist, then re-run gh aw compile to regenerate the
.lock.yml so inputs['go-version-file'] is declared consistently and the action
block (actions/setup-go) is present or absent in both source and lock.

- if: hashFiles(inputs['go-version-file'] || 'go.mod') != ''
name: Setup Go
uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5
uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6
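
Review bot: the new `uses:` line swaps one 40-character SHA for another, and the only human-readable anchor is the trailing `# v6`, which names a major version rather than a release. Put the exact release tag in that comment so the pin can be compared against the action's published tags during review.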

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🌐 Web query:

actions/setup-go v6 release SHA

💡 Result:

actions/setup-go v6.0.0 points to commit SHA:

44694675825211faa026b3c33043df3e48a5fa00 [1][2]


Update actions/setup-go SHA to match the official v6 release.

The SHA 4b73464bb391d4059bd26b0524d20df3927bd417 does not correspond to actions/setup-go v6.0.0. The official v6.0.0 release SHA is 44694675825211faa026b3c33043df3e48a5fa00. Update the pinned SHA to match the official release.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-plan.lock.yml at line 517, Update the pinned commit
SHA for the GitHub Action usage of actions/setup-go to the official v6 release:
replace the current SHA "4b73464bb391d4059bd26b0524d20df3927bd417" with the
official v6.0.0 SHA "44694675825211faa026b3c33043df3e48a5fa00" in the uses entry
referencing actions/setup-go (the line containing "uses: actions/setup-go@...")
so the workflow uses the correct v6 release.

Comment on lines +650 to +655
- if: hashFiles(inputs['go-version-file'] || 'go.mod') != ''
name: Setup Go
uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5
uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6
with:
cache: true
go-version-file: go.mod
go-version-file: ${{ inputs['go-version-file'] || 'go.mod' }}
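
Review bot: with the `if: hashFiles(inputs['go-version-file'] || 'go.mod') != ''` guard, a caller who passes a mistyped path gets the Setup Go step skipped without any error, and later steps run with whatever Go toolchain the runner already has. Keep the silent skip only for the `go.mod` fallback; when the input is set and hashFiles() returns an empty string, fail the job with a message naming the path.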

⚠️ Potential issue | 🔴 Critical

Missing go-version-file input declaration — feature won't work.

The workflow references inputs['go-version-file'] (lines 650, 655), but this input is not declared in the workflow inputs section (lines 48-83). Since this is a workflow_call reusable workflow, callers cannot pass an undeclared input, so the fallback to go.mod will always be used.

The fix needs to be applied to the source .md file (not this auto-generated .lock.yml). Add the input declaration:

inputs:
  go-version-file:
    default: "go.mod"
    description: Path to go.mod or other Go version file
    required: false
    type: string

Based on learnings: "files under .github/workflows with the .lock.yml extension are auto-generated by running gh aw compile from corresponding .md source files."

#!/bin/bash
# Verify go-version-file is not in the inputs section of this workflow
echo "=== Checking if go-version-file input is declared ==="
rg -n 'go-version-file' .github/workflows/gh-aw-test-coverage-detector.lock.yml | head -20

echo ""
echo "=== Workflow inputs section ==="
sed -n '48,90p' .github/workflows/gh-aw-test-coverage-detector.lock.yml
What is the latest version of actions/setup-go and is v6 released?
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/gh-aw-test-coverage-detector.lock.yml around lines 650 -
655, The workflow references inputs['go-version-file'] but that input is not
declared in the reusable-workflow source .md, so add an inputs entry named
go-version-file (default: "go.mod", description: "Path to go.mod or other Go
version file", required: false, type: string) to the workflow_call inputs in the
source .md (the file that generates
.github/workflows/gh-aw-test-coverage-detector.lock.yml), then re-run the
generator (gh aw compile) to regenerate the .lock.yml; also check the
actions/setup-go usage (the uses entry referencing
actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417) and replace the
commit SHA with a released tag (e.g., actions/setup-go@v4 or the latest released
tag) or verify v6 is actually released before pinning to `@v6`.
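
The check the review comments above carry out by hand with rg and sed, written as an added example (not code from this PR or from elastic/ai-github-actions): it lists the `inputs` names a reusable workflow references but does not declare under `workflow_call.inputs`. The sample workflow and its `<pinned-sha>` placeholder are constructed, and the indentation-based parsing is a heuristic that assumes block-style YAML.

```python
import re

# inputs['name'], inputs["name"] or inputs.name; `if:` may omit the ${{ }} wrapper.
REF = re.compile(r"""\binputs(?:\[['"]([^'"]+)['"]\]|\.([A-Za-z_][\w-]*))""")

# Constructed sample: a reusable workflow that uses an input it never declares.
SAMPLE = """\
on:
  workflow_call:
    inputs:
      setup-commands:
        type: string
jobs:
  agent:
    runs-on: ubuntu-latest
    steps:
      - if: hashFiles(inputs['go-version-file'] || 'go.mod') != ''
        uses: actions/setup-go@<pinned-sha>  # placeholder, not a real pin
        with:
          go-version-file: ${{ inputs['go-version-file'] || 'go.mod' }}
      - if: inputs.setup-commands != ''
        run: echo "setup requested"
"""

def declared_inputs(text):
    """Input names under workflow_call.inputs, located by indentation."""
    names, state, base, child = set(), "seek", 0, None
    for line in text.splitlines():
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue
        indent = len(line) - len(line.lstrip())
        if state == "seek" and stripped == "workflow_call:":
            state, base = "call", indent
        elif state == "call" and indent <= base:
            state = "seek"  # workflow_call ended without an inputs block
        elif state == "call" and stripped == "inputs:":
            state, base = "inputs", indent
        elif state == "inputs" and indent <= base:
            break  # left the inputs block
        elif state == "inputs":
            child = child or indent  # indentation of the first declared input
            if indent == child:
                names.add(stripped.split(":", 1)[0].strip("'\""))
    return names

def undeclared_inputs(text):
    """Names referenced as inputs.* but missing from workflow_call.inputs."""
    referenced = {a or b for a, b in REF.findall(text)}
    return sorted(referenced - declared_inputs(text))
```

Run over every generated `.lock.yml` in CI, a non-empty result for any file flags the mismatch before a caller finds that its `with:` value is rejected or ignored.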

@strawgate strawgate closed this Mar 14, 2026