[health-audit] Failed CI on Main

[github-actions]

The _gh-aw-pin-refresh.yml workflow continues to install the wrong gh-aw CLI version, causing CI failures on main. This has been a recurring issue since 2026-05-14.

Failing Workflow

Workflow	Issue
gh-aw-pin-refresh (Mon/Thu 12:00 UTC)	Installs v0.68.3 but action tag is @v0.74.4

Root Cause

.github/workflows/_gh-aw-pin-refresh.yml line 80 still has a hardcoded version that was not updated alongside the Renovate-bumped action tag:

- name: Install gh-aw CLI
  uses: github/gh-aw-actions/setup-cli@v0.74.4   # ✅ bumped by Renovate (#327, 2026-05-19)
  with:
    version: v0.68.3                               # ❌ still 6 minor versions behind

Impact

All 3 compiled lock files remain at v0.68.3:

• agentics-maintenance.yml
• link-checker.lock.yml
• repo-health-audit.lock.yml

Running gh aw upgrade with the wrong CLI version prevents migration to v0.74.4.

Fix

Update .github/workflows/_gh-aw-pin-refresh.yml line 80 to version: v0.74.4, then trigger gh-aw-pin-refresh with operation: upgrade.

Prior tracking: #329 (2026-05-19), #325, #323, #321, #318, #312
Related to #330

Note

🔒 Integrity filter blocked 1 item

The following item were blocked because they don't meet the GitHub integrity level.

• Dependency Dashboard #57 list_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".

To allow these resources, lower min-integrity in your GitHub frontmatter:

tools:
  github:
    min-integrity: approved  # merged | approved | unapproved | none

Generated by Repo Health Audit · ● 1.2M · ◷

• expires on May 27, 2026, 12:47 PM UTC