bump: gh-aw-firewall v0.25.6, gh-aw-mcpg v0.2.11#23879
Conversation
Agent-Logs-Url: https://github.com/github/gh-aw/sessions/48076d69-9166-44c4-91fd-d630925b146f Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
… wasm, recompile Agent-Logs-Url: https://github.com/github/gh-aw/sessions/48076d69-9166-44c4-91fd-d630925b146f Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
|
✨ The prophecy is fulfilled... Smoke Codex has completed its mystical journey. The stars align. 🌟 |
|
✅ All tools validated successfully! Agent Container Smoke Test confirms agent container is ready. |
|
🎬 THE END — Smoke Claude MISSION: ACCOMPLISHED! The hero saves the day! ✨ |
|
📰 BREAKING: Smoke Copilot is now investigating this pull request. Sources say the story is developing... |
There was a problem hiding this comment.
Pull request overview
This PR bumps the repository’s default runtime dependency versions for gh-aw-firewall (AWF) and gh-aw-mcpg (MCP Gateway), and updates generated workflow lockfiles to reflect the new versions.
Changes:
- Update
DefaultFirewallVersiontov0.25.6andDefaultMCPGatewayVersiontov0.2.11. - Regenerate compiled workflow lock files to pin AWF image tags (
0.25.6) and MCP Gateway image tags (v0.2.11) consistently.
Reviewed changes
Copilot reviewed 85 out of 180 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| pkg/constants/constants.go | Bumps default AWF and MCP Gateway versions used across workflow compilation. |
| .github/workflows/workflow-generator.lock.yml | Updates pinned AWF/MCPG versions in generated workflow steps and pre-pulled images. |
| .github/workflows/test-workflow.lock.yml | Updates pinned AWF/MCPG versions in generated workflow steps and pre-pulled images. |
| .github/workflows/test-dispatcher.lock.yml | Updates pinned AWF/MCPG versions in generated workflow steps and pre-pulled images. |
| .github/workflows/smoke-gemini.lock.yml | Updates pinned AWF/MCPG versions in generated workflow steps and pre-pulled images. |
| .github/workflows/repo-tree-map.lock.yml | Updates pinned AWF/MCPG versions in generated workflow steps and pre-pulled images. |
| .github/workflows/refiner.lock.yml | Updates pinned AWF/MCPG versions in generated workflow steps and pre-pulled images. |
| .github/workflows/pr-triage-agent.lock.yml | Updates pinned AWF/MCPG versions in generated workflow steps and pre-pulled images. |
| .github/workflows/poem-bot.lock.yml | Updates pinned AWF/MCPG versions in generated workflow steps and pre-pulled images. |
| .github/workflows/plan.lock.yml | Updates pinned AWF/MCPG versions in generated workflow steps and pre-pulled images. |
| .github/workflows/notion-issue-summary.lock.yml | Updates pinned AWF/MCPG versions in generated workflow steps and pre-pulled images. |
| .github/workflows/metrics-collector.lock.yml | Updates pinned AWF/MCPG versions in generated workflow steps and pre-pulled images. |
| .github/workflows/jsweep.lock.yml | Updates pinned AWF/MCPG versions in generated workflow steps and pre-pulled images. |
| .github/workflows/issue-triage-agent.lock.yml | Updates pinned AWF/MCPG versions in generated workflow steps and pre-pulled images. |
| .github/workflows/issue-monster.lock.yml | Updates pinned AWF/MCPG versions in generated workflow steps and pre-pulled images. |
| .github/workflows/gpclean.lock.yml | Updates pinned AWF/MCPG versions in generated workflow steps and pre-pulled images. |
| .github/workflows/github-remote-mcp-auth-test.lock.yml | Updates pinned AWF/MCPG versions in generated workflow steps and pre-pulled images. |
| .github/workflows/firewall.lock.yml | Updates pinned AWF/MCPG versions in generated workflow steps and pre-pulled images. |
| .github/workflows/example-permissions-warning.lock.yml | Updates pinned AWF/MCPG versions in generated workflow steps and pre-pulled images. |
| .github/workflows/dev.lock.yml | Updates pinned AWF/MCPG versions in generated workflow steps and pre-pulled images. |
| .github/workflows/dependabot-burner.lock.yml | Updates pinned AWF/MCPG versions in generated workflow steps and pre-pulled images. |
| .github/workflows/daily-team-status.lock.yml | Updates pinned AWF/MCPG versions in generated workflow steps and pre-pulled images. |
| .github/workflows/daily-malicious-code-scan.lock.yml | Updates pinned AWF/MCPG versions in generated workflow steps and pre-pulled images. |
| .github/workflows/craft.lock.yml | Updates pinned AWF/MCPG versions in generated workflow steps and pre-pulled images. |
| .github/workflows/contribution-check.lock.yml | Updates pinned AWF/MCPG versions in generated workflow steps and pre-pulled images. |
| .github/workflows/constraint-solving-potd.lock.yml | Updates pinned AWF/MCPG versions in generated workflow steps and pre-pulled images. |
| .github/workflows/codex-github-remote-mcp-test.lock.yml | Updates pinned AWF/MCPG versions in generated workflow steps and pre-pulled images. |
| .github/workflows/code-simplifier.lock.yml | Updates pinned AWF/MCPG versions in generated workflow steps and pre-pulled images. |
| .github/workflows/changeset.lock.yml | Updates pinned AWF/MCPG versions in generated workflow steps and pre-pulled images. |
| .github/workflows/bot-detection.lock.yml | Updates pinned AWF/MCPG versions in generated workflow steps and pre-pulled images. |
| .github/workflows/ai-moderator.lock.yml | Updates pinned AWF/MCPG versions in generated workflow steps and pre-pulled images. |
| .github/workflows/ace-editor.lock.yml | Updates pinned AWF/MCPG versions in generated workflow steps and pre-pulled images. |
… plus additional compiled .lock.yml workflow files (not included in the excerpt) |
Bulk regeneration to keep pinned versions consistent across workflows. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| // DefaultFirewallVersion is the default version of the gh-aw-firewall (AWF) binary | ||
| const DefaultFirewallVersion Version = "v0.25.5" | ||
| const DefaultFirewallVersion Version = "v0.25.6" |
There was a problem hiding this comment.
PR description mentions that gh-aw.wasm was rebuilt/updated, but there is no gh-aw.wasm artifact present in the repository state for this PR (it does not appear in the repo root or under docs assets). Either include the updated wasm artifact in the PR (if it is meant to be version-pinned/committed) or adjust the PR description to avoid implying a tracked binary was regenerated.
Agent Container Tool Check
Result: 12/12 tools available ✅ PASS
|
|
🤖 Smoke test complete for run 23847925985
Overall: PR Author:
|
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
There was a problem hiding this comment.
Routine version bump PR updating gh-aw-firewall to v0.25.6 and gh-aw-mcpg to v0.2.11. All 179 lock files recompiled. Changes look consistent and correct.
📰 BREAKING: Report filed by Smoke Copilot
| GH_AW_INFO_ALLOWED_DOMAINS: '["defaults"]' | ||
| GH_AW_INFO_FIREWALL_ENABLED: "true" | ||
| GH_AW_INFO_AWF_VERSION: "v0.25.5" | ||
| GH_AW_INFO_AWF_VERSION: "v0.25.6" |
There was a problem hiding this comment.
Version bump to v0.25.6 looks correct — matches the DefaultFirewallVersion constant update in pkg/constants/constants.go.
| await determineAutomaticLockdown(github, context, core); | ||
| - name: Download container images | ||
| run: bash ${RUNNER_TEMP}/gh-aw/actions/download_docker_images.sh ghcr.io/github/gh-aw-firewall/agent:0.25.5 ghcr.io/github/gh-aw-firewall/api-proxy:0.25.5 ghcr.io/github/gh-aw-firewall/squid:0.25.5 ghcr.io/github/gh-aw-mcpg:v0.2.10 ghcr.io/github/github-mcp-server:v0.32.0 | ||
| run: bash ${RUNNER_TEMP}/gh-aw/actions/download_docker_images.sh ghcr.io/github/gh-aw-firewall/agent:0.25.6 ghcr.io/github/gh-aw-firewall/api-proxy:0.25.6 ghcr.io/github/gh-aw-firewall/squid:0.25.6 ghcr.io/github/gh-aw-mcpg:v0.2.11 ghcr.io/github/github-mcp-server:v0.32.0 |
There was a problem hiding this comment.
MCP Gateway version bump to v0.2.11 — confirmed consistent across download_docker_images.sh call and GH_AW_INFO_AWMG_VERSION in lock files. 👍
|
📰 VERDICT: Smoke Copilot has concluded. All systems operational. This is a developing story. 🎤 |
|
Warning The Smoke Test 23847925954 — §run Core: 1✅ 2✅ 3✅ 4✅ 5✅ 6✅ 7✅ 8✅ 9✅ 10✅ 11✅ Overall: PARTIAL (2 skipped, 0 failed)
|
There was a problem hiding this comment.
💥 Automated smoke test review - all systems nominal!
💥 [THE END] — Illustrated by Smoke Claude
| @@ -369,7 +369,7 @@ const DefaultGitHubMCPServerVersion Version = "v0.32.0" | |||
| const DefaultGitHubLockdown = false | |||
|
|
|||
| // DefaultFirewallVersion is the default version of the gh-aw-firewall (AWF) binary | |||
| const DefaultFirewallVersion Version = "v0.25.5" | |||
| const DefaultFirewallVersion Version = "v0.25.6" | |||
There was a problem hiding this comment.
Smoke test review comment #1: This file contains version constants. The bump to v0.25.6 looks correct and consistent with the PR description.
| @@ -369,7 +369,7 @@ const DefaultGitHubMCPServerVersion Version = "v0.32.0" | |||
| const DefaultGitHubLockdown = false | |||
|
|
|||
There was a problem hiding this comment.
Smoke test review comment #2: Version constants look well-organized. Consider adding a comment explaining the versioning scheme for future maintainers.
Updates default versions for the two core runtime dependencies and regenerates all compiled workflow lock files.
Changes
pkg/constants/constants.goDefaultFirewallVersion:v0.25.5→v0.25.6DefaultMCPGatewayVersion:v0.2.10→v0.2.11gh-aw.wasm— rebuilt against updated constants.lock.ymlfiles — recompiled to pick up new versions✨ PR Review Safe Output Test - Run 23847925954