diff --git a/.github/agents/agentic-workflows.agent.md b/.github/agents/agentic-workflows.agent.md index 138ba4fbf21..7c3daeea29a 100644 --- a/.github/agents/agentic-workflows.agent.md +++ b/.github/agents/agentic-workflows.agent.md @@ -16,6 +16,7 @@ This is a **dispatcher agent** that routes your request to the appropriate speci - **Debugging workflows**: Routes to `debug` prompt - **Upgrading workflows**: Routes to `upgrade-agentic-workflows` prompt - **Creating shared components**: Routes to `create-shared-agentic-workflow` prompt +- **Fixing Dependabot PRs**: Routes to `dependabot` prompt — use this when Dependabot opens PRs that modify generated manifest files (`.github/workflows/package.json`, `.github/workflows/requirements.txt`, `.github/workflows/go.mod`). Never merge those PRs directly; instead update the source `.md` files and rerun `gh aw compile --dependabot` to bundle all fixes Workflows may optionally include: @@ -96,6 +97,16 @@ When you interact with this agent, it will: - "Wrap the Slack MCP server as a reusable component" - "Design a shared workflow for database queries" +### Fix Dependabot PRs +**Load when**: User needs to close or fix open Dependabot PRs that update dependencies in generated manifest files (`.github/workflows/package.json`, `.github/workflows/requirements.txt`, `.github/workflows/go.mod`) + +**Prompt file**: https://github.com/github/gh-aw/blob/main/.github/aw/dependabot.md + +**Use cases**: +- "Fix the open Dependabot PRs for npm dependencies" +- "Bundle and close the Dependabot PRs for workflow dependencies" +- "Update @playwright/test to fix the Dependabot PR" + ## Instructions When a user interacts with you: diff --git a/.github/workflows/smoke-macos-arm64.lock.yml b/.github/workflows/smoke-macos-arm64.lock.yml index 0c7cc2494b6..8b605c64f19 100644 --- a/.github/workflows/smoke-macos-arm64.lock.yml +++ b/.github/workflows/smoke-macos-arm64.lock.yml 
@@ -431,8 +431,6 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.411 - - name: Install Docker on macOS - run: bash /opt/gh-aw/actions/install_docker_macos.sh - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.20.2 - name: Determine automatic lockdown mode for GitHub MCP Server diff --git a/docs/src/content/docs/reference/faq.md b/docs/src/content/docs/reference/faq.md index 7ba63675bf1..ab0d62231c3 100644 --- a/docs/src/content/docs/reference/faq.md +++ b/docs/src/content/docs/reference/faq.md @@ -318,7 +318,7 @@ This approach maintains security while allowing CI to run after PR creation. See ## Platform Support -### Why don't agentic workflows support macOS runners? +### Why are macOS runners not supported? Agentic workflows require Docker for the [Agent Workflow Firewall](/gh-aw/reference/sandbox/) (Squid proxy + agent containers), the MCP Gateway, and containerized MCP servers. GitHub-hosted macOS runners are themselves virtual machines (`Apple M1 (Virtual)`) that do not support nested virtualization, making it impossible to run Docker — Docker Desktop, colima, and QEMU all fail with `Virtualization is not available on this hardware`. Until GitHub offers macOS runners with Docker support or a non-Docker container runtime becomes viable, agentic workflows require Linux (`ubuntu-*`) runners.
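Review bot: In `.github/agents/agentic-workflows.agent.md`, hunk `@@ -16,6 +16,7`, the new `Fixing Dependabot PRs` bullet carries the whole procedure inline, while the neighbouring bullets only name the route (for example "Routes to `debug` prompt"). Suggest trimming it to "Routes to `dependabot` prompt" and keeping the guidance about never merging directly and rerunning `gh aw compile --dependabot` in one place. The three manifest paths are repeated in the `### Fix Dependabot PRs` section added by the next hunk, and two copies of that list will drift apart. The added sentence also has no closing period.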
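Review bot: In `.github/agents/agentic-workflows.agent.md`, hunk `@@ -96,6 +97,16`, the `**Prompt file**` link points at `.github/aw/dependabot.md` on `main`, but no file at that path is added or modified in the visible diff. Please confirm it already exists on `main` or include it in this change, otherwise the dispatcher routes to a prompt it cannot load. The `**Load when**` line names three manifests (`package.json`, `requirements.txt`, `go.mod`) while the use cases only mention npm and `@playwright/test`; adding one use case for the Python or Go manifest would make the routing condition easier to match.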
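Review bot: In `.github/workflows/smoke-macos-arm64.lock.yml`, hunk `@@ -431,8 +431,6`, the `Install Docker on macOS` step is removed from a `.lock.yml` file and no matching source workflow change appears in the visible diff. If this file is compiled output, the removal should come from the source workflow or the compiler so that the step is not reintroduced on the next compile. The steps left in place (`Install awf binary`, `Determine automatic lockdown mode for GitHub MCP Server`) appear to belong to the firewall and MCP components that the FAQ text in this same patch says require Docker, so please state in the description whether this smoke workflow is now expected to fail at a later step or to run without them.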
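Review bot: In `docs/src/content/docs/reference/faq.md`, hunk `@@ -318,7 +318,7`, renaming the `###` heading to "Why are macOS runners not supported?" changes the anchor that the docs site generates from it, so any link that targets the old heading's fragment will stop resolving. Suggest searching the docs and workflow templates for links to the old anchor and updating them in this change, or keeping the old fragment reachable if the docs tooling supports explicit heading IDs.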