Bump github/gh-aw from 0.50.6 to 0.52.0

[dependabot]

Bumps github/gh-aw from 0.50.6 to 0.52.0.

Release notes

Sourced from github/gh-aw's releases.

v0.52.0

🌟 Release Highlights

v0.52.0 focuses on strengthening cross-repository security, improving the agentic maintenance workflow, and polishing safe-output footers.

🔒 Security Fixes

• Cross-repository allowlist validation — Five safe-output handler files (dynamic_checkout.cjs, extra_empty_commit.cjs, and others) now call validateTargetRepo before performing cross-repo operations. This closes SEC-005 and USE-001 gaps where operations could bypass repository allowlists. (#19333)

✨ What's New

• Maintenance workflow workflow_dispatch operations — You can now trigger the agentic maintenance workflow via workflow_dispatch with an explicit operation input (disable, enable, update, upgrade). A unified run_operation job ensures only the intended operation runs, and all other unrelated jobs are automatically skipped. (#19308, #19374)
• History links (◷) in safe-output footers — The add_comment, update_issue, and update_pull_request handlers now include the clock-symbol history link in their generated footers, matching the behavior already present in create_issue, create_pull_request, and create_discussion. (#19344)

🐛 Bug Fixes

• Cross-repo update-issue safe-outputs — Fixed two bugs: the update handler factory was bypassing resolveAndValidateRepo, and the validateRepo helper incorrectly rejected wildcard (*) values for the default repository. Cross-repo issue updates now route and validate correctly. (#19354)
• Maintenance workflow staging filter — The run_operation job staging filter now correctly excludes all files under .github/workflows/ (both .md and .yml/.yaml), preventing the GitHub Actions actor from attempting to commit workflow files it has no permission to change. (#19355)

🌍 Community Contributions

A huge thank you to the community members who reported issues that were resolved in this release:

• @chrizbo for Bug: Cross-repo update-issue safe-outputs broken — repo missing from tool schema + wildcard validation fails (#19347)

---

For complete details, see CHANGELOG.

Generated by Release

---

What's Changed

• fix(SEC-005): add cross-repository allowlist validation to five handler files by @​Copilot in github/gh-aw#19333
• Add workflow_dispatch operation input and unified run_operation job to agentic maintenance workflow by @​Copilot in github/gh-aw#19308
• Add history link (◷) to add_comment, update_issue, and update_pull_request footers by @​Copilot in github/gh-aw#19344
• fix(maintenance): exclude all .github/workflows/ files from staging in update/upgrade by @​Copilot in github/gh-aw#19355
• [fp-enhancer] Improve pkg/cli: replace imperative slice-building with sliceutil.Map by @​github-actions[bot] in github/gh-aw#19376
• [aw] Updates available by @​github-actions[bot] in github/gh-aw#19375
• Disable non-operation jobs in agentic maintenance when workflow_dispatch operation is set by @​Copilot in github/gh-aw#19374
• Fix cross-repo update-issue safe-outputs: routing bypass and wildcard validation failure by @​Copilot in github/gh-aw#19354

Full Changelog: github/gh-aw@v0.51.8...v0.52.0

v0.51.8

🌟 Release Highlights

This release delivers a notable breaking change with a smooth migration path, a quality-of-life CLI improvement, and enhanced traceability in generated workflow outputs.

... (truncated)

Commits

• 8b915d2 Fix cross-repo update-issue safe-outputs: routing bypass and wildcard valid...
• b75f455 Disable non-operation jobs in agentic maintenance when workflow_dispatch oper...
• 093d3b4 [aw] Updates available (#19375)
• a271875 [fp-enhancer] Improve pkg/cli: replace imperative slice-building with sliceut...
• cfbdc61 fix(maintenance): exclude all .github/workflows/ files from staging in update...
• 6c015e1 Add history link (◷) to add_comment, update_issue, and update_pull_request fo...
• f7eab32 Add workflow_dispatch operation input and unified run_operation job to agenti...
• df5d006 fix(SEC-005): add cross-repository allowlist validation to five handler files...
• b93e105 chore: delete zombie test files from pkg/workflow/ (batch 2 of 2) (#19335)
• e9c50c9 Delete zombie test files from pkg/workflow/ (batch 1 of 2) (#19334)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #3763.