Skip to content

[specs] Update layout specification - 2026-02-23 #17860

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
pelikhan merged 1 commit into from
Feb 23, 2026
+22 −17
Merged

[specs] Update layout specification - 2026-02-23 #17860

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
39 changes: 22 additions & 17 deletions scratchpad/layout.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,18 +1,18 @@
# GitHub Actions Workflow Layout Specification

> Auto-generated specification documenting patterns used in compiled `.lock.yml` files.
> Last updated: 2026-02-16
> Last updated: 2026-02-23

## Overview

This document catalogs all file paths, folder names, artifact names, and other patterns used across our compiled GitHub Actions workflows (`.lock.yml` files). It serves as a comprehensive reference for developers working with the gh-aw codebase.

**Statistics:**
- **Lock files analyzed**: 154
- **Unique GitHub Actions**: 28
- **Artifact patterns**: 17
- **Lock files analyzed**: 158
- **Unique GitHub Actions**: 26
- **Artifact patterns**: 19
- **Job name patterns**: 22
- **File path references**: 35
- **File path references**: 36

## GitHub Actions

Expand All @@ -32,17 +32,16 @@ Common GitHub Actions used across compiled workflows:
| `actions/cache` | `0057852...` | Caches dependencies | Used for caching npm, pip, go modules |
| `actions/cache/restore` | `0057852...` | Restores cached dependencies | Explicit cache restore action |
| `actions/cache/save` | `0057852...` | Saves dependencies to cache | Explicit cache save action |
| `actions/ai-inference` | `a380166...` | AI inference action | Used for AI model invocation |
| `docker/setup-buildx-action` | `8d2750c...` | Sets up Docker Buildx | Used for multi-platform Docker builds |
| `docker/build-push-action` | `10e90e3...` | Builds and pushes Docker images | Used in release workflows |
| `docker/login-action` | `c94ce9f...` | Logs in to Docker registry | Used before pushing Docker images |
| `docker/metadata-action` | `c299e40...` | Extracts Docker metadata | Used for tagging Docker images |
| `astral-sh/setup-uv` | `d4b2f3b...` | Sets up uv package manager | Used for Python package management |
| `anchore/sbom-action` | `28d7154...` | Generates SBOM | Used for security and compliance |
| `super-linter/super-linter` | `2bdd90e...` | Runs super-linter | Used for code quality checks |
| `github/stale-repos` | `3477b64...` | Manages stale repositories | Used for repository maintenance |
| `super-linter/super-linter` | `61abc07...` | Runs super-linter | Used for code quality checks |
| `github/stale-repos` | `a21e55...` | Manages stale repositories | Used for repository maintenance |
| `./actions/setup` | N/A (local) | Custom setup action | Copies JavaScript and shell scripts to `/tmp/gh-aw/actions` |
| `github/gh-aw/actions/setup` | `c4e0918...` | Remote setup action | Same as local `./actions/setup` but referenced remotely |
| `github/gh-aw/actions/setup` | `a70c5ea...` | Remote setup action | Same as local `./actions/setup` but referenced remotely |

## Artifact Names

Expand All @@ -54,12 +53,14 @@ Artifacts uploaded/downloaded between workflow jobs:
| `agent-artifacts` | Agent job | Detection job, conclusion job | Additional artifacts from agent execution |
| `agent_outputs` | Agent job | Safe-output jobs | Alternative name for agent outputs |
| `safe-output` | Safe-output jobs | Conclusion job | Safe output results (PR creation, commenting, etc.) |
| `safe-output-items` | Safe-output jobs | Conclusion job | Individual safe output item payloads (JSONL format) |
| `safe-outputs-assets` | Safe-output jobs | Conclusion job | Assets generated by safe-output tools |
| `cache-memory` | Agent job, update_cache_memory job | Next workflow run | Persistent data across workflow runs |
| `cache-memory-focus-areas` | Agent job | Next workflow run | Focused cache data for specific areas |
| `cache-memory-repo-audits` | Agent job | Next workflow run | Repository audit cache data |
| `repo-memory-default` | Agent job | Next workflow run | Default repository memory data |
| `repo-memory-campaigns` | Agent job | Next workflow run | Campaign-specific repository memory |
| `prompt` | Activation job | Agent job | Rendered prompt file used for agent invocation |
| `python-source-and-data` | Agent job | Upload assets job | Python scripts and data files |
| `trending-source-and-data` | Agent job | Upload assets job | Trending analysis source and data |
| `trending-charts` | Agent job | Upload assets job | Charts generated from trending data |
Expand Down Expand Up @@ -135,6 +136,9 @@ Common file paths referenced in workflow files:
| `/tmp/gh-aw/python/data/*` | Files | Python data files | Data files used by Python scripts |
| `/opt/gh-aw/actions` | Directory | Setup action scripts | Destination for copied JavaScript and shell scripts |
| `/opt/gh-aw/safe-jobs/` | Directory | Safe job definitions | Safe output job definitions and handlers |
| `/opt/gh-aw/gh-aw` | File | gh-aw binary | The gh-aw CLI binary copied for use in safe-output jobs |
| `/opt/gh-aw/prompts/` | Directory | Built-in prompts | System prompt files included in agent context |
| `/opt/gh-aw/safeoutputs/` | Directory | Safe outputs runtime | Safe outputs MCP server, config, and output files |
| `${{ env.GH_AW_AGENT_OUTPUT }}` | Environment var | Agent output path | Dynamic path to agent output file |
| `${{ env.GH_AW_SAFE_OUTPUTS }}` | Environment var | Safe outputs path | Dynamic path to safe outputs directory |

Expand Down Expand Up @@ -191,15 +195,15 @@ const SafeOutputsMCPServerID = "safeoutputs"
const SafeInputsMCPServerID = "safeinputs"
const AgenticWorkflowsMCPServerID = "agenticworkflows"
````

### Default Versions
````go
const DefaultCopilotVersion Version = "0.0.410"
const DefaultClaudeCodeVersion Version = "2.1.42"
const DefaultCodexVersion Version = "0.101.0"
const DefaultCopilotVersion Version = "0.0.414"
const DefaultClaudeCodeVersion Version = "2.1.50"
const DefaultCodexVersion Version = "0.104.0"
const DefaultGeminiVersion Version = "0.29.0"
const DefaultGitHubMCPServerVersion Version = "v0.31.0"
const DefaultFirewallVersion Version = "v0.18.0"
const DefaultMCPGatewayVersion Version = "v0.1.4"
const DefaultFirewallVersion Version = "v0.20.2"
const DefaultMCPGatewayVersion Version = "v0.1.5"
const DefaultPlaywrightMCPVersion Version = "0.0.68"
const DefaultMCPSDKVersion Version = "1.24.0"
const DefaultBunVersion Version = "1.1"
Expand Down Expand Up @@ -236,6 +240,7 @@ const DefaultMCPInspectorPort = 3001
const ClaudeLLMGatewayPort = 10000
const CodexLLMGatewayPort = 10001
const CopilotLLMGatewayPort = 10002
const GeminiLLMGatewayPort = 10003
````

### URLs
Expand Down Expand Up @@ -354,8 +359,8 @@ This specification is automatically maintained by the **Layout Specification Mai
4. Updates this document with findings
5. Creates a PR with the changes

**Last extraction run**: 2026-02-16
**Lock files analyzed**: 154
**Last extraction run**: 2026-02-23
**Lock files analyzed**: 158
**Patterns documented**: 200+

---
Expand Down