Release Notes Action Items for awf 0.25.65 → 0.27.2
This issue summarizes upstream release notes for the awf dependency between the previously pinned version (0.25.65) and the new pinned version (0.27.2), highlighting items that may need follow-up in ado-aw.
The companion version-bump PR is titled chore(deps): update AWF_VERSION to 0.27.2.
Releases analyzed
Security fixes
- v0.27.2: WIF/OIDC Anthropic auth regression —
ANTHROPIC_API_KEY leaked to the agent container because Squid blocked the api-proxy OIDC token exchange, causing the raw key to be forwarded instead (v0.27.2). Any pipeline using Anthropic models with WIF/OIDC auth was affected; upgrading to 0.27.2 is recommended promptly.
Notable features for ado-aw to adopt
- v0.25.66: Azure/AWS/GCP OIDC support added to the Copilot adapter (
fix(api-proxy): add Azure/AWS/GCP OIDC support to Copilot adapter). ado-aw could surface cloud-OIDC configuration options in the engine: front-matter block or compiled pipeline for users running on Azure/AWS/GCP (v0.25.66).
- v0.25.66: Budget fields now persisted in
token-usage.jsonl with aligned maxTurns/docs reporting (feat: persist budget fields in token-usage.jsonl and align maxTurns/docs reporting). ado-aw's audit command (src/audit/otel.rs) could surface budget utilisation from this artifact (v0.25.66).
- v0.27.1: AI credits emitted as OTEL span attributes (
feat: emit AI credits as OTEL span attributes). ado-aw's OTel stats parser (src/agent_stats.rs) could be extended to read and display credit usage alongside token counts (v0.27.1).
- v0.27.1: Redacted resolved AWF config persisted as an audit artifact (
feat: persist redacted resolved config as audit artifact). ado-aw's audit command could download and display this for configuration diagnostics (v0.27.1).
- v0.27.1: Opt-in diagnostics artifact for blocked LLM request bodies added (
Add opt-in diagnostics artifact for blocked LLM request bodies). ado-aw could expose this opt-in flag via the compiled pipeline to aid debugging of blocked API requests (v0.27.1).
This issue was opened automatically by the dependency version updater workflow.
Generated by Dependency Version Updater · sonnet46 2.6M · ◷
Release Notes Action Items for
awf0.25.65→0.27.2This issue summarizes upstream release notes for the
awfdependency between the previously pinned version (0.25.65) and the new pinned version (0.27.2), highlighting items that may need follow-up in ado-aw.The companion version-bump PR is titled
chore(deps): update AWF_VERSION to 0.27.2.Releases analyzed
Security fixes
ANTHROPIC_API_KEYleaked to the agent container because Squid blocked the api-proxy OIDC token exchange, causing the raw key to be forwarded instead (v0.27.2). Any pipeline using Anthropic models with WIF/OIDC auth was affected; upgrading to0.27.2is recommended promptly.Notable features for ado-aw to adopt
fix(api-proxy): add Azure/AWS/GCP OIDC support to Copilot adapter). ado-aw could surface cloud-OIDC configuration options in theengine:front-matter block or compiled pipeline for users running on Azure/AWS/GCP (v0.25.66).token-usage.jsonlwith alignedmaxTurns/docs reporting (feat: persist budget fields in token-usage.jsonl and align maxTurns/docs reporting). ado-aw'sauditcommand (src/audit/otel.rs) could surface budget utilisation from this artifact (v0.25.66).feat: emit AI credits as OTEL span attributes). ado-aw's OTel stats parser (src/agent_stats.rs) could be extended to read and display credit usage alongside token counts (v0.27.1).feat: persist redacted resolved config as audit artifact). ado-aw'sauditcommand could download and display this for configuration diagnostics (v0.27.1).Add opt-in diagnostics artifact for blocked LLM request bodies). ado-aw could expose this opt-in flag via the compiled pipeline to aid debugging of blocked API requests (v0.27.1).This issue was opened automatically by the dependency version updater workflow.