Conversation
Agent-Logs-Url: https://github.com/github/gh-aw/sessions/fdedf6f6-4060-47ef-8b23-7fe24fa9d482 Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Agent-Logs-Url: https://github.com/github/gh-aw/sessions/fdedf6f6-4060-47ef-8b23-7fe24fa9d482 Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Note
Copilot was unable to run its full agentic suite in this review.
This PR bumps the repo’s default pinned versions for several AI CLIs/tools (Claude Code, GitHub Copilot CLI, Codex) and the GitHub MCP Server image, then regenerates workflow lock artifacts and golden fixtures so generated outputs reflect the new version strings.
Changes:
- Updated Go version constants for default tool versions (including GitHub MCP Server
v1.0.0). - Regenerated
/.github/workflows/*.lock.ymlartifacts and updated wasm golden fixtures to match the compiler output. - Added a changeset documenting the patch release.
Show a summary per file
| File | Description |
|---|---|
| pkg/constants/version_constants.go | Bumps default pinned tool versions used by workflow compilation. |
| pkg/constants/README.md | Updates documented example Copilot CLI version value. |
| pkg/workflow/testdata/TestWasmGolden_CompileFixtures/basic-copilot.golden | Updates golden fixture version strings and MCP server image tag. |
| pkg/workflow/testdata/TestWasmGolden_CompileFixtures/with-imports.golden | Updates golden fixture version strings and MCP server image tag. |
| .github/workflows/workflow-health-manager.lock.yml | Regenerated locked workflow to consume updated CLI versions and MCP server tag. |
| .github/workflows/workflow-generator.lock.yml | Regenerated locked workflow to consume updated CLI versions and MCP server tag. |
| .github/workflows/video-analyzer.lock.yml | Regenerated locked workflow to consume updated CLI versions and MCP server tag. |
| .github/workflows/test-workflow.lock.yml | Regenerated locked workflow to consume updated CLI versions and MCP server tag. |
| .github/workflows/test-quality-sentinel.lock.yml | Regenerated locked workflow to consume updated CLI versions and MCP server tag. |
| .github/workflows/test-dispatcher.lock.yml | Regenerated locked workflow to consume updated CLI versions and MCP server tag. |
| .github/workflows/smoke-workflow-call.lock.yml | Regenerated locked workflow to consume updated CLI versions and MCP server tag. |
| .github/workflows/smoke-opencode.lock.yml | Regenerated locked workflow to consume updated MCP server tag. |
| .github/workflows/smoke-gemini.lock.yml | Regenerated locked workflow to consume updated MCP server tag. |
| .github/workflows/security-compliance.lock.yml | Regenerated locked workflow to consume updated CLI versions and MCP server tag. |
| .github/workflows/schema-feature-coverage.lock.yml | Regenerated locked workflow to consume updated Codex version. |
| .github/workflows/schema-consistency-checker.lock.yml | Regenerated locked workflow to consume updated Claude Code version. |
| .github/workflows/research.lock.yml | Regenerated locked workflow to consume updated CLI versions and MCP server tag. |
| .github/workflows/repo-tree-map.lock.yml | Regenerated locked workflow to consume updated CLI versions and MCP server tag. |
| .github/workflows/refiner.lock.yml | Regenerated locked workflow to consume updated CLI versions and MCP server tag. |
| .github/workflows/plan.lock.yml | Regenerated locked workflow to consume updated CLI versions and MCP server tag. |
| .github/workflows/metrics-collector.lock.yml | Regenerated locked workflow to consume updated CLI versions and MCP server tag. |
| .github/workflows/mergefest.lock.yml | Regenerated locked workflow to consume updated CLI versions and MCP server tag. |
| .github/workflows/github-remote-mcp-auth-test.lock.yml | Regenerated locked workflow to consume updated Copilot CLI version. |
| .github/workflows/github-mcp-tools-report.lock.yml | Regenerated locked workflow to consume updated Claude Code version. |
| .github/workflows/firewall.lock.yml | Regenerated locked workflow to consume updated CLI versions and MCP server tag. |
| .github/workflows/example-permissions-warning.lock.yml | Regenerated locked workflow to consume updated CLI versions and MCP server tag. |
| .github/workflows/draft-pr-cleanup.lock.yml | Regenerated locked workflow to consume updated CLI versions and MCP server tag. |
| .github/workflows/discussion-task-miner.lock.yml | Regenerated locked workflow to consume updated CLI versions and MCP server tag. |
| .github/workflows/dictation-prompt.lock.yml | Regenerated locked workflow to consume updated CLI versions and MCP server tag. |
| .github/workflows/dev.lock.yml | Regenerated locked workflow to consume updated CLI versions and MCP server tag. |
| .github/workflows/dependabot-go-checker.lock.yml | Regenerated locked workflow to consume updated CLI versions and MCP server tag. |
| .github/workflows/dependabot-burner.lock.yml | Regenerated locked workflow to consume updated CLI versions and MCP server tag. |
| .github/workflows/delight.lock.yml | Regenerated locked workflow to consume updated CLI versions and MCP server tag. |
| .github/workflows/daily-malicious-code-scan.lock.yml | Regenerated locked workflow to consume updated CLI versions and MCP server tag. |
| .github/workflows/craft.lock.yml | Regenerated locked workflow to consume updated CLI versions and MCP server tag. |
| .github/workflows/copilot-pr-merged-report.lock.yml | Regenerated locked workflow to consume updated Copilot CLI version. |
| .github/workflows/copilot-cli-deep-research.lock.yml | Regenerated locked workflow to consume updated CLI versions and MCP server tag. |
| .github/workflows/contribution-check.lock.yml | Regenerated locked workflow to consume updated CLI versions and MCP server tag. |
| .github/workflows/codex-github-remote-mcp-test.lock.yml | Regenerated locked workflow to consume updated Codex version. |
| .github/workflows/cli-consistency-checker.lock.yml | Regenerated locked workflow to consume updated CLI versions and MCP server tag. |
| .github/workflows/breaking-change-checker.lock.yml | Regenerated locked workflow to consume updated CLI versions and MCP server tag. |
| .github/workflows/bot-detection.lock.yml | Regenerated locked workflow to consume updated CLI versions and MCP server tag. |
| .github/workflows/auto-triage-issues.lock.yml | Regenerated locked workflow to consume updated CLI versions and MCP server tag. |
| .github/workflows/artifacts-summary.lock.yml | Regenerated locked workflow to consume updated CLI versions and MCP server tag. |
| .github/workflows/architecture-guardian.lock.yml | Regenerated locked workflow to consume updated CLI versions and MCP server tag. |
| .github/workflows/ace-editor.lock.yml | Regenerated locked workflow to consume updated CLI versions and MCP server tag. |
| .changeset/patch-update-cli-tool-versions-20260417.md | Adds release note entry describing the version bumps and regeneration. |
Copilot's findings
Tip
Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Files reviewed: 154/199 changed files
- Comments generated: 0
|
@copilot merge main and recompile |
…ol-versions # Conflicts: # .github/workflows/aw-failure-investigator.lock.yml # .github/workflows/daily-aw-cross-repo-compile-check.lock.yml # .github/workflows/smoke-crush.lock.yml Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Merged Warning Firewall rules blocked me from connecting to one or more addresses (expand for details)I tried to connect to the following addresses, but was blocked by firewall rules:
If you need me to access, download, or install something from one of these locations, you can either:
|
|
🌑 The shadows whisper... Smoke Codex failed. The oracle requires further meditation... |
|
|
|
📰 BREAKING: Smoke Copilot is now investigating this pull request. Sources say the story is developing... |
|
|
|
🎬 THE END — Smoke Claude MISSION: ACCOMPLISHED! The hero saves the day! ✨ |
Agent Container Tool Check
Result: 12/12 tools available ✅ PASS
|
Smoke Test Results — Run §24572008825Status: PARTIAL (1 failed, 2 skipped)
|
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
There was a problem hiding this comment.
💥 Automated smoke test review - all systems nominal!
💥 [THE END] — Illustrated by Smoke Claude · ● 178K
| @@ -0,0 +1,5 @@ | |||
| --- | |||
| "gh-aw": patch | |||
There was a problem hiding this comment.
✅ The changeset type patch is appropriate here since these are dependency version bumps without API-breaking changes.
| "gh-aw": patch | ||
| --- | ||
|
|
||
| Update default CLI/tool versions: Claude Code `2.1.112`, Copilot CLI `1.0.31`, Codex `0.121.0`, and GitHub MCP Server `v1.0.0`; then recompile workflow lock files so generated workflows consume the new versions. |
There was a problem hiding this comment.
💡 Suggestion: The changeset description is clear and concise. Consider also noting that github-mcp-server jumped from v0.32.0 → v1.0.0, which is a major semver bump and may warrant extra attention from reviewers.
There was a problem hiding this comment.
Agreed! The major semver jump from v0.32.0 → v1.0.0 is definitely worth highlighting. Reviewers should check the GitHub MCP Server changelog for any breaking changes before merging.
📰 BREAKING: Report filed by Smoke Copilot · ● 2M
|
🤖 beep boop — The Copilot smoke test agent was here! Running diagnostics at 2026-04-17T15:14:37Z... all systems nominal. 🚀✨
|
|
✅ Smoke test run §24572008874 completed. PR: Bump default CLI/tool versions (Claude, Copilot, Codex, GitHub MCP) and recompile lockfiles
Overall: PASS
|
There was a problem hiding this comment.
Reviewed the version bump PR. Two inline observations: (1) the GitHub MCP Server major version bump deserves explicit reviewer attention, and (2) the new unpinned image tag may benefit from a digest pin for supply chain security. Overall this looks like a clean and well-organized version update.
📰 BREAKING: Report filed by Smoke Copilot · ● 2M
| "gh-aw": patch | ||
| --- | ||
|
|
||
| Update default CLI/tool versions: Claude Code `2.1.112`, Copilot CLI `1.0.31`, Codex `0.121.0`, and GitHub MCP Server `v1.0.0`; then recompile workflow lock files so generated workflows consume the new versions. |
There was a problem hiding this comment.
✅ Good changeset description! Note: the GitHub MCP Server jump from v0.32.0 → v1.0.0 is a major semver bump — worth calling out for reviewers since it may include breaking changes.
| @@ -1,5 +1,5 @@ | |||
| # gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"8955ee270578c68e1b90ccda262a02f9b608013552d51884c06a20f9fdbd98ed","agent_id":"copilot"} | |||
| # gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"373c709c69115d41ff229c7e5df9f8788daa9553","version":"v9"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.23"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.23"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.23"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.2.22"},{"image":"ghcr.io/github/github-mcp-server:v0.32.0","digest":"sha256:2763823c63bcca718ce53850a1d7fcf2f501ec84028394f1b63ce7e9f4f9be28","pinned_image":"ghcr.io/github/github-mcp-server:v0.32.0@sha256:2763823c63bcca718ce53850a1d7fcf2f501ec84028394f1b63ce7e9f4f9be28"}]} | |||
| # gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"373c709c69115d41ff229c7e5df9f8788daa9553","version":"v9"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.23"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.23"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.23"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.2.22"},{"image":"ghcr.io/github/github-mcp-server:v1.0.0"}]} | |||
There was a problem hiding this comment.
The pinned digest for github-mcp-server:v0.32.0 has been removed in favor of an unpinned v1.0.0 tag. Consider pinning the new image to a specific digest for deterministic builds and supply chain security.
|
📰 VERDICT: Smoke Copilot has concluded. All systems operational. This is a developing story. 🎤 |
This updates the default pinned versions for four CLI/tool dependencies and propagates them through generated workflow artifacts. It also advances GitHub MCP Server to
v1.0.0and refreshes generated outputs accordingly.Core version constants
/pkg/constants/version_constants.go:DefaultClaudeCodeVersion:2.1.98→2.1.112DefaultCopilotVersion:1.0.21→1.0.31DefaultCodexVersion:0.118.0→0.121.0DefaultGitHubMCPServerVersion:v0.32.0→v1.0.0Generated workflow artifacts
/.github/workflows/*.lock.ymlso compiled workflows consume the new versions.ghcr.io/github/github-mcp-server:v1.0.0) and updated CLI install versions.Golden fixtures aligned with compiler output
/pkg/workflow/testdata/TestWasmGolden_CompileFixtures/basic-copilot.golden/pkg/workflow/testdata/TestWasmGolden_CompileFixtures/with-imports.goldenRelease note entry
/.changeset/patch-update-cli-tool-versions-20260417.mdFollow-up from PR feedback
origin/maininto this branch.> [!WARNING]
>
>
✨ PR Review Safe Output Test - Run 24572008825