diff --git a/.github/workflows/ai-triage-campaign.lock.yml b/.github/workflows/ai-triage-campaign.lock.yml index b9b8dde1aae..038d65c9d7a 100644 --- a/.github/workflows/ai-triage-campaign.lock.yml +++ b/.github/workflows/ai-triage-campaign.lock.yml @@ -515,7 +515,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -1714,7 +1714,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "AI Triage Campaign", experimental: false, supports_tools_allowlist: true, @@ -5105,7 +5105,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/archie.lock.yml b/.github/workflows/archie.lock.yml index e172ee5ba76..7a78ecbe74d 100644 --- a/.github/workflows/archie.lock.yml +++ b/.github/workflows/archie.lock.yml @@ -1513,7 +1513,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -2702,7 +2702,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Archie", experimental: false, supports_tools_allowlist: true, @@ -5622,7 +5622,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/artifacts-summary.lock.yml b/.github/workflows/artifacts-summary.lock.yml index a32d694eb4e..0f4abb58f74 100644 --- a/.github/workflows/artifacts-summary.lock.yml +++ b/.github/workflows/artifacts-summary.lock.yml @@ -427,14 +427,14 @@ jobs: node-version: '24' - name: Install awf binary run: | - echo "Installing awf from release: v0.1.1" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.1.1/awf-linux-x64 -o awf + echo "Installing awf from release: v0.2.0" + curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.2.0/awf-linux-x64 -o awf chmod +x awf sudo mv awf /usr/local/bin/ which awf awf --version - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -1561,7 +1561,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Artifacts Summary", experimental: false, supports_tools_allowlist: true, @@ -1614,8 +1614,8 @@ jobs: timeout-minutes: 15 run: | set -o pipefail - sudo -E awf --env-all --allow-domains api.enterprise.githubcopilot.com,api.github.com,api.npms.io,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,bun.sh,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deno.land,get.pnpm.io,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,skimdb.npmjs.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.npmjs.com,www.npmjs.org,yarnpkg.com --log-level info \ - "npx -y @github/copilot@0.0.358 --add-dir /tmp/gh-aw/ --log-level all --disable-builtin-mcps --allow-tool github --allow-tool safeoutputs --allow-tool 'shell(cat)' --allow-tool 'shell(date)' --allow-tool 'shell(echo)' --allow-tool 'shell(grep)' --allow-tool 'shell(head)' --allow-tool 'shell(ls)' --allow-tool 'shell(pwd)' --allow-tool 'shell(sort)' --allow-tool 'shell(tail)' --allow-tool 'shell(uniq)' --allow-tool 'shell(wc)' --allow-tool 'shell(yq)' --allow-tool write --allow-all-paths --prompt \"\$(cat /tmp/gh-aw/aw-prompts/prompt.txt)\"" \ + sudo -E awf --env-all --mount /tmp:/tmp:rw --mount "${GITHUB_WORKSPACE}:${GITHUB_WORKSPACE}:ro" --mount "${GITHUB_WORKSPACE}/.github:/workspace/.github:ro" --allow-domains api.enterprise.githubcopilot.com,api.github.com,api.npms.io,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,bun.sh,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deno.land,get.pnpm.io,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,skimdb.npmjs.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.npmjs.com,www.npmjs.org,yarnpkg.com --log-level info \ + -- npx -y @github/copilot@0.0.363 --add-dir /tmp/gh-aw/ --log-level all --add-dir '${GITHUB_WORKSPACE}' --disable-builtin-mcps --allow-tool github --allow-tool safeoutputs --allow-tool 'shell(cat)' --allow-tool 'shell(date)' --allow-tool 'shell(echo)' --allow-tool 'shell(grep)' --allow-tool 'shell(head)' --allow-tool 'shell(ls)' --allow-tool 'shell(pwd)' --allow-tool 'shell(sort)' --allow-tool 'shell(tail)' --allow-tool 'shell(uniq)' --allow-tool 'shell(wc)' --allow-tool 'shell(yq)' --allow-tool write --allow-all-paths --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)" \ 2>&1 | tee /tmp/gh-aw/agent-stdio.log # Move preserved Copilot logs to expected location @@ -5175,7 +5175,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/brave.lock.yml b/.github/workflows/brave.lock.yml index 9d130638d18..c82f6d61722 100644 --- a/.github/workflows/brave.lock.yml +++ b/.github/workflows/brave.lock.yml @@ -1404,7 +1404,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -2507,7 +2507,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Brave Web Search Agent", experimental: false, supports_tools_allowlist: true, @@ -5417,7 +5417,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/changeset.lock.yml b/.github/workflows/changeset.lock.yml index 19c3e7e93ce..18c9192752c 100644 --- a/.github/workflows/changeset.lock.yml +++ b/.github/workflows/changeset.lock.yml @@ -1142,14 +1142,14 @@ jobs: node-version: '24' - name: Install awf binary run: | - echo "Installing awf from release: v0.1.1" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.1.1/awf-linux-x64 -o awf + echo "Installing awf from release: v0.2.0" + curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.2.0/awf-linux-x64 -o awf chmod +x awf sudo mv awf /usr/local/bin/ which awf awf --version - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -2358,7 +2358,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Changeset Generator", experimental: false, supports_tools_allowlist: true, @@ -2396,8 +2396,8 @@ jobs: timeout-minutes: 20 run: | set -o pipefail - sudo -E awf --env-all --allow-domains api.enterprise.githubcopilot.com,api.github.com,api.npms.io,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,bun.sh,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deno.land,get.pnpm.io,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,skimdb.npmjs.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.npmjs.com,www.npmjs.org,yarnpkg.com --log-level info \ - "npx -y @github/copilot@0.0.358 --add-dir /tmp/gh-aw/ --log-level all --disable-builtin-mcps --allow-all-tools --allow-all-paths --prompt \"\$(cat /tmp/gh-aw/aw-prompts/prompt.txt)\"" \ + sudo -E awf --env-all --mount /tmp:/tmp:rw --mount "${GITHUB_WORKSPACE}:${GITHUB_WORKSPACE}:ro" --mount "${GITHUB_WORKSPACE}/.github:/workspace/.github:ro" --allow-domains api.enterprise.githubcopilot.com,api.github.com,api.npms.io,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,bun.sh,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deno.land,get.pnpm.io,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,skimdb.npmjs.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.npmjs.com,www.npmjs.org,yarnpkg.com --log-level info \ + -- npx -y @github/copilot@0.0.363 --add-dir /tmp/gh-aw/ --log-level all --add-dir '${GITHUB_WORKSPACE}' --disable-builtin-mcps --allow-all-tools --allow-all-paths --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)" \ 2>&1 | tee /tmp/gh-aw/agent-stdio.log # Move preserved Copilot logs to expected location diff --git a/.github/workflows/ci-doctor.lock.yml b/.github/workflows/ci-doctor.lock.yml index 3f8953e9688..89a8b5e9a25 100644 --- a/.github/workflows/ci-doctor.lock.yml +++ b/.github/workflows/ci-doctor.lock.yml @@ -879,7 +879,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -2034,7 +2034,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "CI Failure Doctor", experimental: false, supports_tools_allowlist: true, @@ -5303,7 +5303,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/cli-consistency-checker.lock.yml b/.github/workflows/cli-consistency-checker.lock.yml index f281b183691..9daa609695f 100644 --- a/.github/workflows/cli-consistency-checker.lock.yml +++ b/.github/workflows/cli-consistency-checker.lock.yml @@ -437,14 +437,14 @@ jobs: node-version: '24' - name: Install awf binary run: | - echo "Installing awf from release: v0.1.1" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.1.1/awf-linux-x64 -o awf + echo "Installing awf from release: v0.2.0" + curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.2.0/awf-linux-x64 -o awf chmod +x awf sudo mv awf /usr/local/bin/ which awf awf --version - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -1600,7 +1600,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "CLI Consistency Checker", experimental: false, supports_tools_allowlist: true, @@ -1638,8 +1638,8 @@ jobs: timeout-minutes: 20 run: | set -o pipefail - sudo -E awf --env-all --allow-domains api.enterprise.githubcopilot.com,api.github.com,api.npms.io,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,bun.sh,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deno.land,get.pnpm.io,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,skimdb.npmjs.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.npmjs.com,www.npmjs.org,yarnpkg.com --log-level info \ - "npx -y @github/copilot@0.0.358 --add-dir /tmp/gh-aw/ --log-level all --disable-builtin-mcps --allow-all-tools --allow-all-paths --prompt \"\$(cat /tmp/gh-aw/aw-prompts/prompt.txt)\"" \ + sudo -E awf --env-all --mount /tmp:/tmp:rw --mount "${GITHUB_WORKSPACE}:${GITHUB_WORKSPACE}:ro" --mount "${GITHUB_WORKSPACE}/.github:/workspace/.github:ro" --allow-domains api.enterprise.githubcopilot.com,api.github.com,api.npms.io,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,bun.sh,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deno.land,get.pnpm.io,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,skimdb.npmjs.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.npmjs.com,www.npmjs.org,yarnpkg.com --log-level info \ + -- npx -y @github/copilot@0.0.363 --add-dir /tmp/gh-aw/ --log-level all --add-dir '${GITHUB_WORKSPACE}' --disable-builtin-mcps --allow-all-tools --allow-all-paths --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)" \ 2>&1 | tee /tmp/gh-aw/agent-stdio.log # Move preserved Copilot logs to expected location @@ -5234,7 +5234,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/cli-version-checker.lock.yml b/.github/workflows/cli-version-checker.lock.yml index 97e1602bf9f..3bf51e0b1ad 100644 --- a/.github/workflows/cli-version-checker.lock.yml +++ b/.github/workflows/cli-version-checker.lock.yml @@ -602,14 +602,14 @@ jobs: node-version: '24' - name: Install awf binary run: | - echo "Installing awf from release: v0.1.1" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.1.1/awf-linux-x64 -o awf + echo "Installing awf from release: v0.2.0" + curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.2.0/awf-linux-x64 -o awf chmod +x awf sudo mv awf /usr/local/bin/ which awf awf --version - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -1929,7 +1929,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "CLI Version Checker", experimental: false, supports_tools_allowlist: true, @@ -1967,8 +1967,8 @@ jobs: timeout-minutes: 15 run: | set -o pipefail - sudo -E awf --env-all --allow-domains api.enterprise.githubcopilot.com,api.github.com,api.npms.io,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,bun.sh,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deno.land,get.pnpm.io,ghcr.io,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,skimdb.npmjs.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.npmjs.com,www.npmjs.org,yarnpkg.com --log-level info \ - "npx -y @github/copilot@0.0.358 --add-dir /tmp/gh-aw/ --log-level all --disable-builtin-mcps --allow-all-tools --add-dir /tmp/gh-aw/cache-memory/ --allow-all-paths --prompt \"\$(cat /tmp/gh-aw/aw-prompts/prompt.txt)\"" \ + sudo -E awf --env-all --mount /tmp:/tmp:rw --mount "${GITHUB_WORKSPACE}:${GITHUB_WORKSPACE}:ro" --mount "${GITHUB_WORKSPACE}/.github:/workspace/.github:ro" --allow-domains api.enterprise.githubcopilot.com,api.github.com,api.npms.io,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,bun.sh,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deno.land,get.pnpm.io,ghcr.io,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,skimdb.npmjs.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.npmjs.com,www.npmjs.org,yarnpkg.com --log-level info \ + -- npx -y @github/copilot@0.0.363 --add-dir /tmp/gh-aw/ --log-level all --add-dir '${GITHUB_WORKSPACE}' --disable-builtin-mcps --allow-all-tools --add-dir /tmp/gh-aw/cache-memory/ --allow-all-paths --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)" \ 2>&1 | tee /tmp/gh-aw/agent-stdio.log # Move preserved Copilot logs to expected location @@ -5563,7 +5563,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/close-old-discussions.lock.yml b/.github/workflows/close-old-discussions.lock.yml index be505f875e4..2c9814dbfb7 100644 --- a/.github/workflows/close-old-discussions.lock.yml +++ b/.github/workflows/close-old-discussions.lock.yml @@ -323,7 +323,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -1321,7 +1321,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Close Old Discussions Created by GitHub Actions Bot", experimental: false, supports_tools_allowlist: true, @@ -4568,7 +4568,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/copilot-pr-nlp-analysis.lock.yml b/.github/workflows/copilot-pr-nlp-analysis.lock.yml index b47982a0f4f..ed477268052 100644 --- a/.github/workflows/copilot-pr-nlp-analysis.lock.yml +++ b/.github/workflows/copilot-pr-nlp-analysis.lock.yml @@ -1157,14 +1157,14 @@ jobs: node-version: '24' - name: Install awf binary run: | - echo "Installing awf from release: v0.1.1" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.1.1/awf-linux-x64 -o awf + echo "Installing awf from release: v0.2.0" + curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.2.0/awf-linux-x64 -o awf chmod +x awf sudo mv awf /usr/local/bin/ which awf awf --version - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -2991,7 +2991,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Copilot PR Conversation NLP Analysis", experimental: false, supports_tools_allowlist: true, @@ -3029,8 +3029,8 @@ jobs: timeout-minutes: 20 run: | set -o pipefail - sudo -E awf --env-all --allow-domains '*.pythonhosted.org,anaconda.org,api.enterprise.githubcopilot.com,api.github.com,api.npms.io,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,binstar.org,bootstrap.pypa.io,bun.sh,conda.anaconda.org,conda.binstar.org,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deno.land,files.pythonhosted.org,get.pnpm.io,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,pip.pypa.io,ppa.launchpad.net,pypi.org,pypi.python.org,raw.githubusercontent.com,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,repo.anaconda.com,repo.continuum.io,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,skimdb.npmjs.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.npmjs.com,www.npmjs.org,yarnpkg.com' --log-level info \ - "npx -y @github/copilot@0.0.358 --add-dir /tmp/gh-aw/ --log-level all --disable-builtin-mcps --allow-all-tools --add-dir /tmp/gh-aw/cache-memory/ --allow-all-paths --prompt \"\$(cat /tmp/gh-aw/aw-prompts/prompt.txt)\"" \ + sudo -E awf --env-all --mount /tmp:/tmp:rw --mount "${GITHUB_WORKSPACE}:${GITHUB_WORKSPACE}:ro" --mount "${GITHUB_WORKSPACE}/.github:/workspace/.github:ro" --allow-domains '*.pythonhosted.org,anaconda.org,api.enterprise.githubcopilot.com,api.github.com,api.npms.io,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,binstar.org,bootstrap.pypa.io,bun.sh,conda.anaconda.org,conda.binstar.org,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deno.land,files.pythonhosted.org,get.pnpm.io,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,pip.pypa.io,ppa.launchpad.net,pypi.org,pypi.python.org,raw.githubusercontent.com,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,repo.anaconda.com,repo.continuum.io,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,skimdb.npmjs.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.npmjs.com,www.npmjs.org,yarnpkg.com' --log-level info \ + -- npx -y @github/copilot@0.0.363 --add-dir /tmp/gh-aw/ --log-level all --add-dir '${GITHUB_WORKSPACE}' --disable-builtin-mcps --allow-all-tools --add-dir /tmp/gh-aw/cache-memory/ --allow-all-paths --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)" \ 2>&1 | tee /tmp/gh-aw/agent-stdio.log # Move preserved Copilot logs to expected location @@ -6543,7 +6543,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/copilot-pr-prompt-analysis.lock.yml b/.github/workflows/copilot-pr-prompt-analysis.lock.yml index 99bbe2d8a0c..3291f3b304b 100644 --- a/.github/workflows/copilot-pr-prompt-analysis.lock.yml +++ b/.github/workflows/copilot-pr-prompt-analysis.lock.yml @@ -730,14 +730,14 @@ jobs: node-version: '24' - name: Install awf binary run: | - echo "Installing awf from release: v0.1.1" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.1.1/awf-linux-x64 -o awf + echo "Installing awf from release: v0.2.0" + curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.2.0/awf-linux-x64 -o awf chmod +x awf sudo mv awf /usr/local/bin/ which awf awf --version - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -2160,7 +2160,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Copilot PR Prompt Pattern Analysis", experimental: false, supports_tools_allowlist: true, @@ -2198,8 +2198,8 @@ jobs: timeout-minutes: 15 run: | set -o pipefail - sudo -E awf --env-all --allow-domains api.enterprise.githubcopilot.com,api.github.com,api.npms.io,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,bun.sh,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deno.land,get.pnpm.io,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,skimdb.npmjs.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.npmjs.com,www.npmjs.org,yarnpkg.com --log-level info \ - "npx -y @github/copilot@0.0.358 --add-dir /tmp/gh-aw/ --log-level all --disable-builtin-mcps --allow-all-tools --add-dir /tmp/gh-aw/cache-memory/ --allow-all-paths --prompt \"\$(cat /tmp/gh-aw/aw-prompts/prompt.txt)\"" \ + sudo -E awf --env-all --mount /tmp:/tmp:rw --mount "${GITHUB_WORKSPACE}:${GITHUB_WORKSPACE}:ro" --mount "${GITHUB_WORKSPACE}/.github:/workspace/.github:ro" --allow-domains api.enterprise.githubcopilot.com,api.github.com,api.npms.io,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,bun.sh,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deno.land,get.pnpm.io,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,skimdb.npmjs.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.npmjs.com,www.npmjs.org,yarnpkg.com --log-level info \ + -- npx -y @github/copilot@0.0.363 --add-dir /tmp/gh-aw/ --log-level all --add-dir '${GITHUB_WORKSPACE}' --disable-builtin-mcps --allow-all-tools --add-dir /tmp/gh-aw/cache-memory/ --allow-all-paths --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)" \ 2>&1 | tee /tmp/gh-aw/agent-stdio.log # Move preserved Copilot logs to expected location @@ -5712,7 +5712,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/craft.lock.yml b/.github/workflows/craft.lock.yml index 9a9c3012160..01ddcb708af 100644 --- a/.github/workflows/craft.lock.yml +++ b/.github/workflows/craft.lock.yml @@ -1558,7 +1558,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -2814,7 +2814,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Workflow Craft Agent", experimental: false, supports_tools_allowlist: true, @@ -5727,7 +5727,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/daily-firewall-report.lock.yml b/.github/workflows/daily-firewall-report.lock.yml index dbaa51155c0..55eda260c67 100644 --- a/.github/workflows/daily-firewall-report.lock.yml +++ b/.github/workflows/daily-firewall-report.lock.yml @@ -943,7 +943,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -2568,7 +2568,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Daily Firewall Logs Collector and Reporter", experimental: false, supports_tools_allowlist: true, @@ -5761,7 +5761,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/daily-malicious-code-scan.lock.yml b/.github/workflows/daily-malicious-code-scan.lock.yml index efbd2d126bb..815f2217c7c 100644 --- a/.github/workflows/daily-malicious-code-scan.lock.yml +++ b/.github/workflows/daily-malicious-code-scan.lock.yml @@ -550,7 +550,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -1792,7 +1792,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Daily Malicious Code Scan Agent", experimental: false, supports_tools_allowlist: true, diff --git a/.github/workflows/daily-news.lock.yml b/.github/workflows/daily-news.lock.yml index e16f1c580ce..383e0d4e38f 100644 --- a/.github/workflows/daily-news.lock.yml +++ b/.github/workflows/daily-news.lock.yml @@ -1110,14 +1110,14 @@ jobs: node-version: '24' - name: Install awf binary run: | - echo "Installing awf from release: v0.1.1" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.1.1/awf-linux-x64 -o awf + echo "Installing awf from release: v0.2.0" + curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.2.0/awf-linux-x64 -o awf chmod +x awf sudo mv awf /usr/local/bin/ which awf awf --version - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -2929,7 +2929,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Daily News", experimental: false, supports_tools_allowlist: true, @@ -2967,8 +2967,8 @@ jobs: timeout-minutes: 30 run: | set -o pipefail - sudo -E awf --env-all --allow-domains '*.pythonhosted.org,anaconda.org,api.enterprise.githubcopilot.com,api.github.com,api.npms.io,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,binstar.org,bootstrap.pypa.io,bun.sh,conda.anaconda.org,conda.binstar.org,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deno.land,files.pythonhosted.org,get.pnpm.io,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,pip.pypa.io,ppa.launchpad.net,pypi.org,pypi.python.org,raw.githubusercontent.com,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,repo.anaconda.com,repo.continuum.io,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,skimdb.npmjs.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.npmjs.com,www.npmjs.org,yarnpkg.com' --log-level info \ - "npx -y @github/copilot@0.0.358 --add-dir /tmp/gh-aw/ --log-level all --disable-builtin-mcps --allow-all-tools --add-dir /tmp/gh-aw/cache-memory/ --allow-all-paths --prompt \"\$(cat /tmp/gh-aw/aw-prompts/prompt.txt)\"" \ + sudo -E awf --env-all --mount /tmp:/tmp:rw --mount "${GITHUB_WORKSPACE}:${GITHUB_WORKSPACE}:ro" --mount "${GITHUB_WORKSPACE}/.github:/workspace/.github:ro" --allow-domains '*.pythonhosted.org,anaconda.org,api.enterprise.githubcopilot.com,api.github.com,api.npms.io,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,binstar.org,bootstrap.pypa.io,bun.sh,conda.anaconda.org,conda.binstar.org,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deno.land,files.pythonhosted.org,get.pnpm.io,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,pip.pypa.io,ppa.launchpad.net,pypi.org,pypi.python.org,raw.githubusercontent.com,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,repo.anaconda.com,repo.continuum.io,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,skimdb.npmjs.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.npmjs.com,www.npmjs.org,yarnpkg.com' --log-level info \ + -- npx -y @github/copilot@0.0.363 --add-dir /tmp/gh-aw/ --log-level all --add-dir '${GITHUB_WORKSPACE}' --disable-builtin-mcps --allow-all-tools --add-dir /tmp/gh-aw/cache-memory/ --allow-all-paths --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)" \ 2>&1 | tee /tmp/gh-aw/agent-stdio.log # Move preserved Copilot logs to expected location @@ -6496,7 +6496,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/daily-repo-chronicle.lock.yml b/.github/workflows/daily-repo-chronicle.lock.yml index 0437ee61458..1700f34d798 100644 --- a/.github/workflows/daily-repo-chronicle.lock.yml +++ b/.github/workflows/daily-repo-chronicle.lock.yml @@ -981,14 +981,14 @@ jobs: node-version: '24' - name: Install awf binary run: | - echo "Installing awf from release: v0.1.1" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.1.1/awf-linux-x64 -o awf + echo "Installing awf from release: v0.2.0" + curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.2.0/awf-linux-x64 -o awf chmod +x awf sudo mv awf /usr/local/bin/ which awf awf --version - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -2658,7 +2658,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "The Daily Repository Chronicle", experimental: false, supports_tools_allowlist: true, @@ -2696,8 +2696,8 @@ jobs: timeout-minutes: 45 run: | set -o pipefail - sudo -E awf --env-all --allow-domains '*.pythonhosted.org,anaconda.org,api.enterprise.githubcopilot.com,api.github.com,api.npms.io,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,binstar.org,bootstrap.pypa.io,bun.sh,conda.anaconda.org,conda.binstar.org,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deno.land,files.pythonhosted.org,get.pnpm.io,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,pip.pypa.io,ppa.launchpad.net,pypi.org,pypi.python.org,raw.githubusercontent.com,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,repo.anaconda.com,repo.continuum.io,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,skimdb.npmjs.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.npmjs.com,www.npmjs.org,yarnpkg.com' --log-level info \ - "npx -y @github/copilot@0.0.358 --add-dir /tmp/gh-aw/ --log-level all --disable-builtin-mcps --allow-all-tools --add-dir /tmp/gh-aw/cache-memory/ --allow-all-paths --prompt \"\$(cat /tmp/gh-aw/aw-prompts/prompt.txt)\"" \ + sudo -E awf --env-all --mount /tmp:/tmp:rw --mount "${GITHUB_WORKSPACE}:${GITHUB_WORKSPACE}:ro" --mount "${GITHUB_WORKSPACE}/.github:/workspace/.github:ro" --allow-domains '*.pythonhosted.org,anaconda.org,api.enterprise.githubcopilot.com,api.github.com,api.npms.io,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,binstar.org,bootstrap.pypa.io,bun.sh,conda.anaconda.org,conda.binstar.org,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deno.land,files.pythonhosted.org,get.pnpm.io,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,pip.pypa.io,ppa.launchpad.net,pypi.org,pypi.python.org,raw.githubusercontent.com,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,repo.anaconda.com,repo.continuum.io,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,skimdb.npmjs.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.npmjs.com,www.npmjs.org,yarnpkg.com' --log-level info \ + -- npx -y @github/copilot@0.0.363 --add-dir /tmp/gh-aw/ --log-level all --add-dir '${GITHUB_WORKSPACE}' --disable-builtin-mcps --allow-all-tools --add-dir /tmp/gh-aw/cache-memory/ --allow-all-paths --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)" \ 2>&1 | tee /tmp/gh-aw/agent-stdio.log # Move preserved Copilot logs to expected location @@ -6223,7 +6223,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/daily-team-status.lock.yml b/.github/workflows/daily-team-status.lock.yml index 1d305770981..29434c6029b 100644 --- a/.github/workflows/daily-team-status.lock.yml +++ b/.github/workflows/daily-team-status.lock.yml @@ -379,7 +379,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -1427,7 +1427,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Daily Team Status", experimental: false, supports_tools_allowlist: true, @@ -4615,7 +4615,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/dependabot-go-checker.lock.yml b/.github/workflows/dependabot-go-checker.lock.yml index bed0904d08f..f11d3d7506f 100644 --- a/.github/workflows/dependabot-go-checker.lock.yml +++ b/.github/workflows/dependabot-go-checker.lock.yml @@ -691,7 +691,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -2075,7 +2075,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Dependabot Dependency Checker", experimental: false, supports_tools_allowlist: true, @@ -5619,7 +5619,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/dev-hawk.lock.yml b/.github/workflows/dev-hawk.lock.yml index af858decb98..b016d8cccd2 100644 --- a/.github/workflows/dev-hawk.lock.yml +++ b/.github/workflows/dev-hawk.lock.yml @@ -794,7 +794,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -1880,7 +1880,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Dev Hawk", experimental: false, supports_tools_allowlist: true, @@ -4788,7 +4788,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/dev.lock.yml b/.github/workflows/dev.lock.yml index 56140a28a07..4a7ebf60c5c 100644 --- a/.github/workflows/dev.lock.yml +++ b/.github/workflows/dev.lock.yml @@ -299,7 +299,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -1289,7 +1289,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Dev", experimental: false, supports_tools_allowlist: true, diff --git a/.github/workflows/dictation-prompt.lock.yml b/.github/workflows/dictation-prompt.lock.yml index c0f7879b332..11a32433a1f 100644 --- a/.github/workflows/dictation-prompt.lock.yml +++ b/.github/workflows/dictation-prompt.lock.yml @@ -416,7 +416,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -1541,7 +1541,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Dictation Prompt Generator", experimental: false, supports_tools_allowlist: true, @@ -5077,7 +5077,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/docs-noob-tester.lock.yml b/.github/workflows/docs-noob-tester.lock.yml index 56d4b569af6..a4b98650a42 100644 --- a/.github/workflows/docs-noob-tester.lock.yml +++ b/.github/workflows/docs-noob-tester.lock.yml @@ -433,14 +433,14 @@ jobs: node-version: '24' - name: Install awf binary run: | - echo "Installing awf from release: v0.1.1" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.1.1/awf-linux-x64 -o awf + echo "Installing awf from release: v0.2.0" + curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.2.0/awf-linux-x64 -o awf chmod +x awf sudo mv awf /usr/local/bin/ which awf awf --version - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -1603,7 +1603,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Documentation Noob Tester", experimental: false, supports_tools_allowlist: true, @@ -1641,8 +1641,8 @@ jobs: timeout-minutes: 30 run: | set -o pipefail - sudo -E awf --env-all --allow-domains api.enterprise.githubcopilot.com,api.github.com,api.npms.io,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,bun.sh,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deno.land,get.pnpm.io,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,skimdb.npmjs.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.npmjs.com,www.npmjs.org,yarnpkg.com --log-level info \ - "npx -y @github/copilot@0.0.358 --add-dir /tmp/gh-aw/ --log-level all --disable-builtin-mcps --allow-all-tools --allow-all-paths --prompt \"\$(cat /tmp/gh-aw/aw-prompts/prompt.txt)\"" \ + sudo -E awf --env-all --mount /tmp:/tmp:rw --mount "${GITHUB_WORKSPACE}:${GITHUB_WORKSPACE}:ro" --mount "${GITHUB_WORKSPACE}/.github:/workspace/.github:ro" --allow-domains api.enterprise.githubcopilot.com,api.github.com,api.npms.io,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,bun.sh,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deno.land,get.pnpm.io,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,skimdb.npmjs.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.npmjs.com,www.npmjs.org,yarnpkg.com --log-level info \ + -- npx -y @github/copilot@0.0.363 --add-dir /tmp/gh-aw/ --log-level all --add-dir '${GITHUB_WORKSPACE}' --disable-builtin-mcps --allow-all-tools --allow-all-paths --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)" \ 2>&1 | tee /tmp/gh-aw/agent-stdio.log # Move preserved Copilot logs to expected location @@ -5165,7 +5165,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/example-permissions-warning.lock.yml b/.github/workflows/example-permissions-warning.lock.yml index 66a1af0bc1a..dda3ffb541f 100644 --- a/.github/workflows/example-permissions-warning.lock.yml +++ b/.github/workflows/example-permissions-warning.lock.yml @@ -253,7 +253,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -495,7 +495,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Example: Properly Provisioned Permissions", experimental: false, supports_tools_allowlist: true, diff --git a/.github/workflows/firewall.lock.yml b/.github/workflows/firewall.lock.yml index fdf4c9b4fb2..194c91217e7 100644 --- a/.github/workflows/firewall.lock.yml +++ b/.github/workflows/firewall.lock.yml @@ -265,14 +265,14 @@ jobs: node-version: '24' - name: Install awf binary run: | - echo "Installing awf from release: v0.1.1" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.1.1/awf-linux-x64 -o awf + echo "Installing awf from release: v0.2.0" + curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.2.0/awf-linux-x64 -o awf chmod +x awf sudo mv awf /usr/local/bin/ which awf awf --version - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -540,7 +540,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Firewall Test Agent", experimental: false, supports_tools_allowlist: true, @@ -580,8 +580,8 @@ jobs: timeout-minutes: 5 run: | set -o pipefail - sudo -E awf --env-all --allow-domains api.enterprise.githubcopilot.com,api.github.com,api.npms.io,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,bun.sh,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deno.land,get.pnpm.io,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,skimdb.npmjs.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.npmjs.com,www.npmjs.org,yarnpkg.com --log-level info \ - "npx -y @github/copilot@0.0.358 --add-dir /tmp/gh-aw/ --log-level all --disable-builtin-mcps --allow-tool github --allow-tool web-fetch --prompt \"\$(cat /tmp/gh-aw/aw-prompts/prompt.txt)\"" \ + sudo -E awf --env-all --mount /tmp:/tmp:rw --mount "${GITHUB_WORKSPACE}:${GITHUB_WORKSPACE}:ro" --mount "${GITHUB_WORKSPACE}/.github:/workspace/.github:ro" --allow-domains api.enterprise.githubcopilot.com,api.github.com,api.npms.io,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,bun.sh,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deno.land,get.pnpm.io,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,skimdb.npmjs.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.npmjs.com,www.npmjs.org,yarnpkg.com --log-level info \ + -- npx -y @github/copilot@0.0.363 --add-dir /tmp/gh-aw/ --log-level all --add-dir '${GITHUB_WORKSPACE}' --disable-builtin-mcps --allow-tool github --allow-tool web-fetch --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)" \ 2>&1 | tee /tmp/gh-aw/agent-stdio.log # Move preserved Copilot logs to expected location diff --git a/.github/workflows/glossary-maintainer.lock.yml b/.github/workflows/glossary-maintainer.lock.yml index e4c561614ed..4deaf0c5fd5 100644 --- a/.github/workflows/glossary-maintainer.lock.yml +++ b/.github/workflows/glossary-maintainer.lock.yml @@ -917,14 +917,14 @@ jobs: node-version: '24' - name: Install awf binary run: | - echo "Installing awf from release: v0.1.1" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.1.1/awf-linux-x64 -o awf + echo "Installing awf from release: v0.2.0" + curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.2.0/awf-linux-x64 -o awf chmod +x awf sudo mv awf /usr/local/bin/ which awf awf --version - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -2545,7 +2545,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Glossary Maintainer", experimental: false, supports_tools_allowlist: true, @@ -2610,8 +2610,8 @@ jobs: timeout-minutes: 20 run: | set -o pipefail - sudo -E awf --env-all --allow-domains '*.githubusercontent.com,api.enterprise.githubcopilot.com,api.github.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,codeload.github.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,lfs.github.com,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com' --log-level info \ - "npx -y @github/copilot@0.0.358 --add-dir /tmp/gh-aw/ --log-level all --disable-builtin-mcps --agent technical-doc-writer --allow-tool github --allow-tool safeoutputs --allow-tool 'shell(cat)' --allow-tool 'shell(date)' --allow-tool 'shell(echo)' --allow-tool 'shell(find docs -name '\\''*.md'\\'')' --allow-tool 'shell(git add:*)' --allow-tool 'shell(git branch:*)' --allow-tool 'shell(git checkout:*)' --allow-tool 'shell(git commit:*)' --allow-tool 'shell(git log --since='\\''24 hours ago'\\'' --oneline)' --allow-tool 'shell(git log --since='\\''7 days ago'\\'' --oneline)' --allow-tool 'shell(git merge:*)' --allow-tool 'shell(git rm:*)' --allow-tool 'shell(git status)' --allow-tool 'shell(git switch:*)' --allow-tool 'shell(grep -r '\\''*'\\'' docs)' --allow-tool 'shell(grep)' --allow-tool 'shell(head)' --allow-tool 'shell(ls)' --allow-tool 'shell(pwd)' --allow-tool 'shell(sort)' --allow-tool 'shell(tail)' --allow-tool 'shell(uniq)' --allow-tool 'shell(wc)' --allow-tool 'shell(yq)' --allow-tool write --add-dir /tmp/gh-aw/cache-memory/ --allow-all-paths --prompt \"\$(cat /tmp/gh-aw/aw-prompts/prompt.txt)\"" \ + sudo -E awf --env-all --mount /tmp:/tmp:rw --mount "${GITHUB_WORKSPACE}:${GITHUB_WORKSPACE}:ro" --mount "${GITHUB_WORKSPACE}/.github:/workspace/.github:ro" --allow-domains '*.githubusercontent.com,api.enterprise.githubcopilot.com,api.github.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,codeload.github.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,lfs.github.com,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com' --log-level info \ + -- npx -y @github/copilot@0.0.363 --add-dir /tmp/gh-aw/ --log-level all --add-dir '${GITHUB_WORKSPACE}' --disable-builtin-mcps --agent technical-doc-writer --allow-tool github --allow-tool safeoutputs --allow-tool 'shell(cat)' --allow-tool 'shell(date)' --allow-tool 'shell(echo)' --allow-tool 'shell(find docs -name '\''*.md'\'')' --allow-tool 'shell(git add:*)' --allow-tool 'shell(git branch:*)' --allow-tool 'shell(git checkout:*)' --allow-tool 'shell(git commit:*)' --allow-tool 'shell(git log --since='\''24 hours ago'\'' --oneline)' --allow-tool 'shell(git log --since='\''7 days ago'\'' --oneline)' --allow-tool 'shell(git merge:*)' --allow-tool 'shell(git rm:*)' --allow-tool 'shell(git status)' --allow-tool 'shell(git switch:*)' --allow-tool 'shell(grep -r '\''*'\'' docs)' --allow-tool 'shell(grep)' --allow-tool 'shell(head)' --allow-tool 'shell(ls)' --allow-tool 'shell(pwd)' --allow-tool 'shell(sort)' --allow-tool 'shell(tail)' --allow-tool 'shell(uniq)' --allow-tool 'shell(wc)' --allow-tool 'shell(yq)' --allow-tool write --add-dir /tmp/gh-aw/cache-memory/ --allow-all-paths --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)" \ 2>&1 | tee /tmp/gh-aw/agent-stdio.log # Move preserved Copilot logs to expected location @@ -6481,7 +6481,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/grumpy-reviewer.lock.yml b/.github/workflows/grumpy-reviewer.lock.yml index 2f00926f488..118aa33d36f 100644 --- a/.github/workflows/grumpy-reviewer.lock.yml +++ b/.github/workflows/grumpy-reviewer.lock.yml @@ -1453,7 +1453,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -2588,7 +2588,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Grumpy Code Reviewer 🔥", experimental: false, supports_tools_allowlist: true, @@ -5829,7 +5829,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/issue-monster.lock.yml b/.github/workflows/issue-monster.lock.yml index a607a25f8bd..7febe2f8798 100644 --- a/.github/workflows/issue-monster.lock.yml +++ b/.github/workflows/issue-monster.lock.yml @@ -805,7 +805,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -1861,7 +1861,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Issue Monster", experimental: false, supports_tools_allowlist: true, @@ -5305,7 +5305,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/mcp-inspector.lock.yml b/.github/workflows/mcp-inspector.lock.yml index 541fbaadf3f..76d5ee63ca4 100644 --- a/.github/workflows/mcp-inspector.lock.yml +++ b/.github/workflows/mcp-inspector.lock.yml @@ -606,14 +606,14 @@ jobs: node-version: '24' - name: Install awf binary run: | - echo "Installing awf from release: v0.1.1" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.1.1/awf-linux-x64 -o awf + echo "Installing awf from release: v0.2.0" + curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.2.0/awf-linux-x64 -o awf chmod +x awf sudo mv awf /usr/local/bin/ which awf awf --version - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -2102,7 +2102,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "MCP Inspector Agent", experimental: false, supports_tools_allowlist: true, @@ -2221,8 +2221,8 @@ jobs: timeout-minutes: 20 run: | set -o pipefail - sudo -E awf --env-all --allow-domains '*.docker.com,*.docker.io,api.enterprise.githubcopilot.com,api.github.com,api.npms.io,api.snapcraft.io,archive.ubuntu.com,auth.docker.io,azure.archive.ubuntu.com,bun.sh,cdn.jsdelivr.net,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deno.land,dl.k8s.io,fonts.googleapis.com,fonts.gstatic.com,gcr.io,get.pnpm.io,ghcr.io,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,mcr.microsoft.com,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,pkgs.k8s.io,ppa.launchpad.net,production.cloudflare.docker.com,quay.io,raw.githubusercontent.com,registry.bower.io,registry.hub.docker.com,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,skimdb.npmjs.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.npmjs.com,www.npmjs.org,yarnpkg.com' --log-level info \ - "npx -y @github/copilot@0.0.358 --add-dir /tmp/gh-aw/ --log-level all --disable-builtin-mcps --allow-tool arxiv --allow-tool 'arxiv(get_paper_details)' --allow-tool 'arxiv(get_paper_pdf)' --allow-tool 'arxiv(search_arxiv)' --allow-tool ast-grep --allow-tool 'ast-grep(*)' --allow-tool brave-search --allow-tool 'brave-search(*)' --allow-tool context7 --allow-tool 'context7(get-library-docs)' --allow-tool 'context7(resolve-library-id)' --allow-tool datadog --allow-tool 'datadog(get_datadog_metric)' --allow-tool 'datadog(search_datadog_dashboards)' --allow-tool 'datadog(search_datadog_metrics)' --allow-tool 'datadog(search_datadog_slos)' --allow-tool deepwiki --allow-tool 'deepwiki(ask_question)' --allow-tool 'deepwiki(read_wiki_contents)' --allow-tool 'deepwiki(read_wiki_structure)' --allow-tool fabric-rti --allow-tool 'fabric-rti(get_eventstream)' --allow-tool 'fabric-rti(get_eventstream_definition)' --allow-tool 'fabric-rti(kusto_get_entities_schema)' --allow-tool 'fabric-rti(kusto_get_function_schema)' --allow-tool 'fabric-rti(kusto_get_shots)' --allow-tool 'fabric-rti(kusto_get_table_schema)' --allow-tool 'fabric-rti(kusto_known_services)' --allow-tool 'fabric-rti(kusto_list_databases)' --allow-tool 'fabric-rti(kusto_list_tables)' --allow-tool 'fabric-rti(kusto_query)' --allow-tool 'fabric-rti(kusto_sample_function_data)' --allow-tool 'fabric-rti(kusto_sample_table_data)' --allow-tool 'fabric-rti(list_eventstreams)' --allow-tool gh-aw --allow-tool github --allow-tool markitdown --allow-tool 'markitdown(*)' --allow-tool memory --allow-tool 'memory(delete_memory)' --allow-tool 'memory(list_memories)' --allow-tool 'memory(retrieve_memory)' --allow-tool 'memory(store_memory)' --allow-tool microsoftdocs --allow-tool 'microsoftdocs(*)' --allow-tool notion --allow-tool 'notion(get_database)' --allow-tool 'notion(get_page)' --allow-tool 'notion(query_database)' --allow-tool 'notion(search_pages)' --allow-tool safeoutputs --allow-tool sentry --allow-tool 'sentry(analyze_issue_with_seer)' --allow-tool 'sentry(find_dsns)' --allow-tool 'sentry(find_organizations)' --allow-tool 'sentry(find_projects)' --allow-tool 'sentry(find_releases)' --allow-tool 'sentry(find_teams)' --allow-tool 'sentry(get_doc)' --allow-tool 'sentry(get_event_attachment)' --allow-tool 'sentry(get_issue_details)' --allow-tool 'sentry(get_trace_details)' --allow-tool 'sentry(search_docs requires SENTRY_OPENAI_API_KEY)' --allow-tool 'sentry(search_events)' --allow-tool 'sentry(search_issues)' --allow-tool 'sentry(whoami)' --allow-tool 'shell(cat)' --allow-tool 'shell(date)' --allow-tool 'shell(echo)' --allow-tool 'shell(grep)' --allow-tool 'shell(head)' --allow-tool 'shell(ls)' --allow-tool 'shell(pwd)' --allow-tool 'shell(sort)' --allow-tool 'shell(tail)' --allow-tool 'shell(uniq)' --allow-tool 'shell(wc)' --allow-tool 'shell(yq)' --allow-tool tavily --allow-tool 'tavily(*)' --allow-tool write --add-dir /tmp/gh-aw/cache-memory/ --allow-all-paths --prompt \"\$(cat /tmp/gh-aw/aw-prompts/prompt.txt)\"" \ + sudo -E awf --env-all --mount /tmp:/tmp:rw --mount "${GITHUB_WORKSPACE}:${GITHUB_WORKSPACE}:ro" --mount "${GITHUB_WORKSPACE}/.github:/workspace/.github:ro" --allow-domains '*.docker.com,*.docker.io,api.enterprise.githubcopilot.com,api.github.com,api.npms.io,api.snapcraft.io,archive.ubuntu.com,auth.docker.io,azure.archive.ubuntu.com,bun.sh,cdn.jsdelivr.net,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deno.land,dl.k8s.io,fonts.googleapis.com,fonts.gstatic.com,gcr.io,get.pnpm.io,ghcr.io,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,mcr.microsoft.com,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,pkgs.k8s.io,ppa.launchpad.net,production.cloudflare.docker.com,quay.io,raw.githubusercontent.com,registry.bower.io,registry.hub.docker.com,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,skimdb.npmjs.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.npmjs.com,www.npmjs.org,yarnpkg.com' --log-level info \ + -- npx -y @github/copilot@0.0.363 --add-dir /tmp/gh-aw/ --log-level all --add-dir '${GITHUB_WORKSPACE}' --disable-builtin-mcps --allow-tool arxiv --allow-tool 'arxiv(get_paper_details)' --allow-tool 'arxiv(get_paper_pdf)' --allow-tool 'arxiv(search_arxiv)' --allow-tool ast-grep --allow-tool 'ast-grep(*)' --allow-tool brave-search --allow-tool 'brave-search(*)' --allow-tool context7 --allow-tool 'context7(get-library-docs)' --allow-tool 'context7(resolve-library-id)' --allow-tool datadog --allow-tool 'datadog(get_datadog_metric)' --allow-tool 'datadog(search_datadog_dashboards)' --allow-tool 'datadog(search_datadog_metrics)' --allow-tool 'datadog(search_datadog_slos)' --allow-tool deepwiki --allow-tool 'deepwiki(ask_question)' --allow-tool 'deepwiki(read_wiki_contents)' --allow-tool 'deepwiki(read_wiki_structure)' --allow-tool fabric-rti --allow-tool 'fabric-rti(get_eventstream)' --allow-tool 'fabric-rti(get_eventstream_definition)' --allow-tool 'fabric-rti(kusto_get_entities_schema)' --allow-tool 'fabric-rti(kusto_get_function_schema)' --allow-tool 'fabric-rti(kusto_get_shots)' --allow-tool 'fabric-rti(kusto_get_table_schema)' --allow-tool 'fabric-rti(kusto_known_services)' --allow-tool 'fabric-rti(kusto_list_databases)' --allow-tool 'fabric-rti(kusto_list_tables)' --allow-tool 'fabric-rti(kusto_query)' --allow-tool 'fabric-rti(kusto_sample_function_data)' --allow-tool 'fabric-rti(kusto_sample_table_data)' --allow-tool 'fabric-rti(list_eventstreams)' --allow-tool gh-aw --allow-tool github --allow-tool markitdown --allow-tool 'markitdown(*)' --allow-tool memory --allow-tool 'memory(delete_memory)' --allow-tool 'memory(list_memories)' --allow-tool 'memory(retrieve_memory)' --allow-tool 'memory(store_memory)' --allow-tool microsoftdocs --allow-tool 'microsoftdocs(*)' --allow-tool notion --allow-tool 'notion(get_database)' --allow-tool 'notion(get_page)' --allow-tool 'notion(query_database)' --allow-tool 'notion(search_pages)' --allow-tool safeoutputs --allow-tool sentry --allow-tool 'sentry(analyze_issue_with_seer)' --allow-tool 'sentry(find_dsns)' --allow-tool 'sentry(find_organizations)' --allow-tool 'sentry(find_projects)' --allow-tool 'sentry(find_releases)' --allow-tool 'sentry(find_teams)' --allow-tool 'sentry(get_doc)' --allow-tool 'sentry(get_event_attachment)' --allow-tool 'sentry(get_issue_details)' --allow-tool 'sentry(get_trace_details)' --allow-tool 'sentry(search_docs requires SENTRY_OPENAI_API_KEY)' --allow-tool 'sentry(search_events)' --allow-tool 'sentry(search_issues)' --allow-tool 'sentry(whoami)' --allow-tool 'shell(cat)' --allow-tool 'shell(date)' --allow-tool 'shell(echo)' --allow-tool 'shell(grep)' --allow-tool 'shell(head)' --allow-tool 'shell(ls)' --allow-tool 'shell(pwd)' --allow-tool 'shell(sort)' --allow-tool 'shell(tail)' --allow-tool 'shell(uniq)' --allow-tool 'shell(wc)' --allow-tool 'shell(yq)' --allow-tool tavily --allow-tool 'tavily(*)' --allow-tool write --add-dir /tmp/gh-aw/cache-memory/ --allow-all-paths --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)" \ 2>&1 | tee /tmp/gh-aw/agent-stdio.log # Move preserved Copilot logs to expected location @@ -5750,7 +5750,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/mergefest.lock.yml b/.github/workflows/mergefest.lock.yml index dec8dee9529..52ab32529ac 100644 --- a/.github/workflows/mergefest.lock.yml +++ b/.github/workflows/mergefest.lock.yml @@ -903,7 +903,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -2199,7 +2199,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Mergefest", experimental: false, supports_tools_allowlist: true, @@ -5150,7 +5150,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/notion-issue-summary.lock.yml b/.github/workflows/notion-issue-summary.lock.yml index f40a1cdcf5b..67d80e71ba3 100644 --- a/.github/workflows/notion-issue-summary.lock.yml +++ b/.github/workflows/notion-issue-summary.lock.yml @@ -273,7 +273,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -1253,7 +1253,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Issue Summary to Notion", experimental: false, supports_tools_allowlist: true, diff --git a/.github/workflows/pdf-summary.lock.yml b/.github/workflows/pdf-summary.lock.yml index 22990c7995c..f5dafa44559 100644 --- a/.github/workflows/pdf-summary.lock.yml +++ b/.github/workflows/pdf-summary.lock.yml @@ -1494,7 +1494,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -2654,7 +2654,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Resource Summarizer Agent", experimental: false, supports_tools_allowlist: true, @@ -5564,7 +5564,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/plan.lock.yml b/.github/workflows/plan.lock.yml index b9a7a1cf409..7c2a127b161 100644 --- a/.github/workflows/plan.lock.yml +++ b/.github/workflows/plan.lock.yml @@ -1015,7 +1015,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -2111,7 +2111,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Plan Command", experimental: false, supports_tools_allowlist: true, @@ -5714,7 +5714,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/poem-bot.lock.yml b/.github/workflows/poem-bot.lock.yml index aa50c80ba25..ec89f0969e3 100644 --- a/.github/workflows/poem-bot.lock.yml +++ b/.github/workflows/poem-bot.lock.yml @@ -1850,7 +1850,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -2962,7 +2962,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "gpt-5", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Poem Bot - A Creative Agentic Workflow", experimental: false, supports_tools_allowlist: true, @@ -7245,7 +7245,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/pr-nitpick-reviewer.lock.yml b/.github/workflows/pr-nitpick-reviewer.lock.yml index 99a9a66ca8e..14dd8adffe9 100644 --- a/.github/workflows/pr-nitpick-reviewer.lock.yml +++ b/.github/workflows/pr-nitpick-reviewer.lock.yml @@ -1511,7 +1511,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -2952,7 +2952,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "PR Nitpick Reviewer 🔍", experimental: false, supports_tools_allowlist: true, @@ -6467,7 +6467,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/python-data-charts.lock.yml b/.github/workflows/python-data-charts.lock.yml index 6aed4925e0d..a12e6cb3282 100644 --- a/.github/workflows/python-data-charts.lock.yml +++ b/.github/workflows/python-data-charts.lock.yml @@ -1293,14 +1293,14 @@ jobs: node-version: '24' - name: Install awf binary run: | - echo "Installing awf from release: v0.1.1" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.1.1/awf-linux-x64 -o awf + echo "Installing awf from release: v0.2.0" + curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.2.0/awf-linux-x64 -o awf chmod +x awf sudo mv awf /usr/local/bin/ which awf awf --version - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -3302,7 +3302,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Python Data Visualization Generator", experimental: false, supports_tools_allowlist: true, @@ -3340,8 +3340,8 @@ jobs: timeout-minutes: 15 run: | set -o pipefail - sudo -E awf --env-all --allow-domains api.enterprise.githubcopilot.com,api.github.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com --log-level info \ - "npx -y @github/copilot@0.0.358 --add-dir /tmp/gh-aw/ --log-level all --disable-builtin-mcps --allow-all-tools --add-dir /tmp/gh-aw/cache-memory/ --allow-all-paths --prompt \"\$(cat /tmp/gh-aw/aw-prompts/prompt.txt)\"" \ + sudo -E awf --env-all --mount /tmp:/tmp:rw --mount "${GITHUB_WORKSPACE}:${GITHUB_WORKSPACE}:ro" --mount "${GITHUB_WORKSPACE}/.github:/workspace/.github:ro" --allow-domains api.enterprise.githubcopilot.com,api.github.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com --log-level info \ + -- npx -y @github/copilot@0.0.363 --add-dir /tmp/gh-aw/ --log-level all --add-dir '${GITHUB_WORKSPACE}' --disable-builtin-mcps --allow-all-tools --add-dir /tmp/gh-aw/cache-memory/ --allow-all-paths --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)" \ 2>&1 | tee /tmp/gh-aw/agent-stdio.log # Move preserved Copilot logs to expected location @@ -6864,7 +6864,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/q.lock.yml b/.github/workflows/q.lock.yml index 0cdd6483401..d595b9048f9 100644 --- a/.github/workflows/q.lock.yml +++ b/.github/workflows/q.lock.yml @@ -1754,7 +1754,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -3184,7 +3184,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Q", experimental: false, supports_tools_allowlist: true, @@ -6746,7 +6746,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/release-highlights.lock.yml b/.github/workflows/release-highlights.lock.yml index d5db52b1ff5..654b05c9a79 100644 --- a/.github/workflows/release-highlights.lock.yml +++ b/.github/workflows/release-highlights.lock.yml @@ -493,14 +493,14 @@ jobs: node-version: '24' - name: Install awf binary run: | - echo "Installing awf from release: v0.1.1" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.1.1/awf-linux-x64 -o awf + echo "Installing awf from release: v0.2.0" + curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.2.0/awf-linux-x64 -o awf chmod +x awf sudo mv awf /usr/local/bin/ which awf awf --version - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -1681,7 +1681,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Release Highlights Generator", experimental: false, supports_tools_allowlist: true, @@ -1719,8 +1719,8 @@ jobs: timeout-minutes: 20 run: | set -o pipefail - sudo -E awf --env-all --allow-domains api.enterprise.githubcopilot.com,api.github.com,api.npms.io,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,bun.sh,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deno.land,get.pnpm.io,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,skimdb.npmjs.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.npmjs.com,www.npmjs.org,yarnpkg.com --log-level info \ - "npx -y @github/copilot@0.0.358 --add-dir /tmp/gh-aw/ --log-level all --disable-builtin-mcps --allow-all-tools --allow-all-paths --prompt \"\$(cat /tmp/gh-aw/aw-prompts/prompt.txt)\"" \ + sudo -E awf --env-all --mount /tmp:/tmp:rw --mount "${GITHUB_WORKSPACE}:${GITHUB_WORKSPACE}:ro" --mount "${GITHUB_WORKSPACE}/.github:/workspace/.github:ro" --allow-domains api.enterprise.githubcopilot.com,api.github.com,api.npms.io,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,bun.sh,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deno.land,get.pnpm.io,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,skimdb.npmjs.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.npmjs.com,www.npmjs.org,yarnpkg.com --log-level info \ + -- npx -y @github/copilot@0.0.363 --add-dir /tmp/gh-aw/ --log-level all --add-dir '${GITHUB_WORKSPACE}' --disable-builtin-mcps --allow-all-tools --allow-all-paths --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)" \ 2>&1 | tee /tmp/gh-aw/agent-stdio.log # Move preserved Copilot logs to expected location @@ -4960,7 +4960,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/repo-tree-map.lock.yml b/.github/workflows/repo-tree-map.lock.yml index 6de11de3855..f0011f4b6b1 100644 --- a/.github/workflows/repo-tree-map.lock.yml +++ b/.github/workflows/repo-tree-map.lock.yml @@ -460,7 +460,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -1621,7 +1621,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Repository Tree Map Generator", experimental: false, supports_tools_allowlist: true, @@ -4799,7 +4799,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/repository-quality-improver.lock.yml b/.github/workflows/repository-quality-improver.lock.yml index c7b5c12c599..04d4ffad832 100644 --- a/.github/workflows/repository-quality-improver.lock.yml +++ b/.github/workflows/repository-quality-improver.lock.yml @@ -912,7 +912,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -2525,7 +2525,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Repository Quality Improvement Agent", experimental: false, supports_tools_allowlist: true, @@ -5704,7 +5704,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/research.lock.yml b/.github/workflows/research.lock.yml index 317ee85afa0..ac198e9cae9 100644 --- a/.github/workflows/research.lock.yml +++ b/.github/workflows/research.lock.yml @@ -377,14 +377,14 @@ jobs: node-version: '24' - name: Install awf binary run: | - echo "Installing awf from release: v0.1.1" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.1.1/awf-linux-x64 -o awf + echo "Installing awf from release: v0.2.0" + curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.2.0/awf-linux-x64 -o awf chmod +x awf sudo mv awf /usr/local/bin/ which awf awf --version - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -1455,7 +1455,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Basic Research Agent", experimental: false, supports_tools_allowlist: true, @@ -1497,8 +1497,8 @@ jobs: timeout-minutes: 10 run: | set -o pipefail - sudo -E awf --env-all --allow-domains api.enterprise.githubcopilot.com,api.github.com,api.npms.io,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,bun.sh,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deno.land,get.pnpm.io,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,skimdb.npmjs.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.npmjs.com,www.npmjs.org,yarnpkg.com --log-level info \ - "npx -y @github/copilot@0.0.358 --add-dir /tmp/gh-aw/ --log-level all --disable-builtin-mcps --allow-tool github --allow-tool safeoutputs --allow-tool tavily --allow-tool 'tavily(*)' --prompt \"\$(cat /tmp/gh-aw/aw-prompts/prompt.txt)\"" \ + sudo -E awf --env-all --mount /tmp:/tmp:rw --mount "${GITHUB_WORKSPACE}:${GITHUB_WORKSPACE}:ro" --mount "${GITHUB_WORKSPACE}/.github:/workspace/.github:ro" --allow-domains api.enterprise.githubcopilot.com,api.github.com,api.npms.io,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,bun.sh,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deno.land,get.pnpm.io,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,skimdb.npmjs.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.npmjs.com,www.npmjs.org,yarnpkg.com --log-level info \ + -- npx -y @github/copilot@0.0.363 --add-dir /tmp/gh-aw/ --log-level all --add-dir '${GITHUB_WORKSPACE}' --disable-builtin-mcps --allow-tool github --allow-tool safeoutputs --allow-tool tavily --allow-tool 'tavily(*)' --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)" \ 2>&1 | tee /tmp/gh-aw/agent-stdio.log # Move preserved Copilot logs to expected location @@ -5012,7 +5012,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/smoke-copilot.lock.yml b/.github/workflows/smoke-copilot.lock.yml index ac3658db9e4..40bb8336f2f 100644 --- a/.github/workflows/smoke-copilot.lock.yml +++ b/.github/workflows/smoke-copilot.lock.yml @@ -724,14 +724,14 @@ jobs: node-version: '24' - name: Install awf binary run: | - echo "Installing awf from release: v0.1.1" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.1.1/awf-linux-x64 -o awf + echo "Installing awf from release: v0.2.0" + curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.2.0/awf-linux-x64 -o awf chmod +x awf sudo mv awf /usr/local/bin/ which awf awf --version - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -1752,7 +1752,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Smoke Copilot", experimental: false, supports_tools_allowlist: true, @@ -1790,8 +1790,8 @@ jobs: timeout-minutes: 10 run: | set -o pipefail - sudo -E awf --env-all --allow-domains '*.githubusercontent.com,api.enterprise.githubcopilot.com,api.github.com,api.npms.io,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,bun.sh,cdn.playwright.dev,codeload.github.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deno.land,get.pnpm.io,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,lfs.github.com,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,playwright.download.prss.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,skimdb.npmjs.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.npmjs.com,www.npmjs.org,yarnpkg.com' --log-level info \ - "npx -y @github/copilot@0.0.358 --add-dir /tmp/gh-aw/ --log-level all --disable-builtin-mcps --allow-all-tools --allow-all-paths --prompt \"\$(cat /tmp/gh-aw/aw-prompts/prompt.txt)\"" \ + sudo -E awf --env-all --mount /tmp:/tmp:rw --mount "${GITHUB_WORKSPACE}:${GITHUB_WORKSPACE}:ro" --mount "${GITHUB_WORKSPACE}/.github:/workspace/.github:ro" --allow-domains '*.githubusercontent.com,api.enterprise.githubcopilot.com,api.github.com,api.npms.io,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,bun.sh,cdn.playwright.dev,codeload.github.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deno.land,get.pnpm.io,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,lfs.github.com,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,playwright.download.prss.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,skimdb.npmjs.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.npmjs.com,www.npmjs.org,yarnpkg.com' --log-level info \ + -- npx -y @github/copilot@0.0.363 --add-dir /tmp/gh-aw/ --log-level all --add-dir '${GITHUB_WORKSPACE}' --disable-builtin-mcps --allow-all-tools --allow-all-paths --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)" \ 2>&1 | tee /tmp/gh-aw/agent-stdio.log # Move preserved Copilot logs to expected location @@ -5030,7 +5030,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/super-linter.lock.yml b/.github/workflows/super-linter.lock.yml index 1f7be6d082f..a929fbcafde 100644 --- a/.github/workflows/super-linter.lock.yml +++ b/.github/workflows/super-linter.lock.yml @@ -498,7 +498,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -1694,7 +1694,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Super Linter Report", experimental: false, supports_tools_allowlist: true, @@ -4956,7 +4956,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/technical-doc-writer.lock.yml b/.github/workflows/technical-doc-writer.lock.yml index e9e95cf4a04..518a6409e09 100644 --- a/.github/workflows/technical-doc-writer.lock.yml +++ b/.github/workflows/technical-doc-writer.lock.yml @@ -1135,14 +1135,14 @@ jobs: node-version: '24' - name: Install awf binary run: | - echo "Installing awf from release: v0.1.1" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.1.1/awf-linux-x64 -o awf + echo "Installing awf from release: v0.2.0" + curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.2.0/awf-linux-x64 -o awf chmod +x awf sudo mv awf /usr/local/bin/ which awf awf --version - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -2560,7 +2560,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Technical Doc Writer", experimental: false, supports_tools_allowlist: true, @@ -2602,8 +2602,8 @@ jobs: timeout-minutes: 10 run: | set -o pipefail - sudo -E awf --env-all --allow-domains '*.githubusercontent.com,api.enterprise.githubcopilot.com,api.github.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,codeload.github.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,lfs.github.com,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com' --log-level info \ - "npx -y @github/copilot@0.0.358 --add-dir /tmp/gh-aw/ --log-level all --disable-builtin-mcps --agent technical-doc-writer --allow-tool github --allow-tool safeoutputs --allow-tool shell --allow-tool write --add-dir /tmp/gh-aw/cache-memory/ --allow-all-paths --prompt \"\$(cat /tmp/gh-aw/aw-prompts/prompt.txt)\"" \ + sudo -E awf --env-all --mount /tmp:/tmp:rw --mount "${GITHUB_WORKSPACE}:${GITHUB_WORKSPACE}:ro" --mount "${GITHUB_WORKSPACE}/.github:/workspace/.github:ro" --allow-domains '*.githubusercontent.com,api.enterprise.githubcopilot.com,api.github.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,codeload.github.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,lfs.github.com,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com' --log-level info \ + -- npx -y @github/copilot@0.0.363 --add-dir /tmp/gh-aw/ --log-level all --add-dir '${GITHUB_WORKSPACE}' --disable-builtin-mcps --agent technical-doc-writer --allow-tool github --allow-tool safeoutputs --allow-tool shell --allow-tool write --add-dir /tmp/gh-aw/cache-memory/ --allow-all-paths --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)" \ 2>&1 | tee /tmp/gh-aw/agent-stdio.log # Move preserved Copilot logs to expected location @@ -6499,7 +6499,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/test-assign-to-agent.lock.yml b/.github/workflows/test-assign-to-agent.lock.yml index f3476eb31e9..ac74ba6a5c8 100644 --- a/.github/workflows/test-assign-to-agent.lock.yml +++ b/.github/workflows/test-assign-to-agent.lock.yml @@ -285,7 +285,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -1250,7 +1250,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Test Assign to Agent", experimental: false, supports_tools_allowlist: true, @@ -4638,7 +4638,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/test-close-discussion.lock.yml b/.github/workflows/test-close-discussion.lock.yml index c20eb530269..94d7347dc75 100644 --- a/.github/workflows/test-close-discussion.lock.yml +++ b/.github/workflows/test-close-discussion.lock.yml @@ -285,7 +285,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -1256,7 +1256,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Test Close Discussion", experimental: false, supports_tools_allowlist: true, @@ -4504,7 +4504,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/test-copilot-assign-milestone.lock.yml b/.github/workflows/test-copilot-assign-milestone.lock.yml index 3e6be9288c5..fb54a41ed4d 100644 --- a/.github/workflows/test-copilot-assign-milestone.lock.yml +++ b/.github/workflows/test-copilot-assign-milestone.lock.yml @@ -264,7 +264,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -1219,7 +1219,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Test Copilot Assign Milestone", experimental: false, supports_tools_allowlist: true, @@ -4355,7 +4355,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/test-jqschema.lock.yml b/.github/workflows/test-jqschema.lock.yml index 98617cae9aa..c8d581b266c 100644 --- a/.github/workflows/test-jqschema.lock.yml +++ b/.github/workflows/test-jqschema.lock.yml @@ -339,7 +339,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -666,7 +666,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Test jqschema", experimental: false, supports_tools_allowlist: true, diff --git a/.github/workflows/test-manual-approval.lock.yml b/.github/workflows/test-manual-approval.lock.yml index 464650f33f2..1a9451b7f99 100644 --- a/.github/workflows/test-manual-approval.lock.yml +++ b/.github/workflows/test-manual-approval.lock.yml @@ -253,7 +253,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -489,7 +489,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Test Manual Approval Workflow", experimental: false, supports_tools_allowlist: true, diff --git a/.github/workflows/test-ollama-threat-detection.lock.yml b/.github/workflows/test-ollama-threat-detection.lock.yml index 9ee891a5a38..6bd6134b7b4 100644 --- a/.github/workflows/test-ollama-threat-detection.lock.yml +++ b/.github/workflows/test-ollama-threat-detection.lock.yml @@ -270,7 +270,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -1229,7 +1229,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Test Ollama Threat Scanning", experimental: false, supports_tools_allowlist: true, @@ -4492,7 +4492,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/test-post-steps.lock.yml b/.github/workflows/test-post-steps.lock.yml index 2f0ad9378a3..fa4c5545a24 100644 --- a/.github/workflows/test-post-steps.lock.yml +++ b/.github/workflows/test-post-steps.lock.yml @@ -247,7 +247,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -492,7 +492,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Test Post-Steps Workflow", experimental: false, supports_tools_allowlist: true, diff --git a/.github/workflows/test-secret-masking.lock.yml b/.github/workflows/test-secret-masking.lock.yml index 09204acf062..b3528e547ba 100644 --- a/.github/workflows/test-secret-masking.lock.yml +++ b/.github/workflows/test-secret-masking.lock.yml @@ -256,7 +256,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -496,7 +496,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Test Secret Masking Workflow", experimental: false, supports_tools_allowlist: true, diff --git a/.github/workflows/test-serena-custom-gomod.lock.yml b/.github/workflows/test-serena-custom-gomod.lock.yml index 6cc353d2f66..e8825d71ca6 100644 --- a/.github/workflows/test-serena-custom-gomod.lock.yml +++ b/.github/workflows/test-serena-custom-gomod.lock.yml @@ -261,7 +261,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -503,7 +503,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Test Serena Custom Go.mod Path", experimental: false, supports_tools_allowlist: true, diff --git a/.github/workflows/test-serena-go-config.lock.yml b/.github/workflows/test-serena-go-config.lock.yml index 3ea0fdbc132..3975a053fed 100644 --- a/.github/workflows/test-serena-go-config.lock.yml +++ b/.github/workflows/test-serena-go-config.lock.yml @@ -261,7 +261,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -503,7 +503,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Test Serena Go Configuration", experimental: false, supports_tools_allowlist: true, diff --git a/.github/workflows/test-serena-long.lock.yml b/.github/workflows/test-serena-long.lock.yml index b11ef263658..429003c39ea 100644 --- a/.github/workflows/test-serena-long.lock.yml +++ b/.github/workflows/test-serena-long.lock.yml @@ -269,7 +269,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -511,7 +511,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Test Serena Long Syntax", experimental: false, supports_tools_allowlist: true, diff --git a/.github/workflows/test-serena-short.lock.yml b/.github/workflows/test-serena-short.lock.yml index 9e794ff0c8a..ff4a8da3e63 100644 --- a/.github/workflows/test-serena-short.lock.yml +++ b/.github/workflows/test-serena-short.lock.yml @@ -267,7 +267,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -509,7 +509,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Test Serena Short Syntax", experimental: false, supports_tools_allowlist: true, diff --git a/.github/workflows/test-svelte.lock.yml b/.github/workflows/test-svelte.lock.yml index 7fe751bf7ef..d0d7e22a663 100644 --- a/.github/workflows/test-svelte.lock.yml +++ b/.github/workflows/test-svelte.lock.yml @@ -261,7 +261,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -522,7 +522,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Test Svelte MCP", experimental: false, supports_tools_allowlist: true, diff --git a/.github/workflows/tests/test-app-token.lock.yml b/.github/workflows/tests/test-app-token.lock.yml index e7f179cea88..acac63bff4e 100644 --- a/.github/workflows/tests/test-app-token.lock.yml +++ b/.github/workflows/tests/test-app-token.lock.yml @@ -281,7 +281,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -1136,7 +1136,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Issue Triage with GitHub App Token", experimental: false, supports_tools_allowlist: true, @@ -4328,7 +4328,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/tests/test-copilot-close-pull-request.lock.yml b/.github/workflows/tests/test-copilot-close-pull-request.lock.yml index 6444a493ac4..12aaf729d5d 100644 --- a/.github/workflows/tests/test-copilot-close-pull-request.lock.yml +++ b/.github/workflows/tests/test-copilot-close-pull-request.lock.yml @@ -274,7 +274,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -1120,7 +1120,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Test Close Pull Request", experimental: false, supports_tools_allowlist: true, @@ -4288,7 +4288,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/tidy.lock.yml b/.github/workflows/tidy.lock.yml index aba96baf6a0..347a6f9be0b 100644 --- a/.github/workflows/tidy.lock.yml +++ b/.github/workflows/tidy.lock.yml @@ -714,7 +714,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -1799,7 +1799,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Tidy", experimental: false, supports_tools_allowlist: true, @@ -5376,7 +5376,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/video-analyzer.lock.yml b/.github/workflows/video-analyzer.lock.yml index 0b76f510f1d..4a82990e204 100644 --- a/.github/workflows/video-analyzer.lock.yml +++ b/.github/workflows/video-analyzer.lock.yml @@ -544,7 +544,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -1765,7 +1765,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Video Analysis Agent", experimental: false, supports_tools_allowlist: true, @@ -5042,7 +5042,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/weekly-issue-summary.lock.yml b/.github/workflows/weekly-issue-summary.lock.yml index 77aa190a299..182348afc2e 100644 --- a/.github/workflows/weekly-issue-summary.lock.yml +++ b/.github/workflows/weekly-issue-summary.lock.yml @@ -888,14 +888,14 @@ jobs: node-version: '24' - name: Install awf binary run: | - echo "Installing awf from release: v0.1.1" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.1.1/awf-linux-x64 -o awf + echo "Installing awf from release: v0.2.0" + curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.2.0/awf-linux-x64 -o awf chmod +x awf sudo mv awf /usr/local/bin/ which awf awf --version - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Downloading container images run: | set -e @@ -2520,7 +2520,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "", version: "", - agent_version: "0.0.358", + agent_version: "0.0.363", workflow_name: "Weekly Issue Summary", experimental: false, supports_tools_allowlist: true, @@ -2558,8 +2558,8 @@ jobs: timeout-minutes: 20 run: | set -o pipefail - sudo -E awf --env-all --allow-domains '*.pythonhosted.org,anaconda.org,api.enterprise.githubcopilot.com,api.github.com,api.npms.io,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,binstar.org,bootstrap.pypa.io,bun.sh,conda.anaconda.org,conda.binstar.org,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deno.land,files.pythonhosted.org,get.pnpm.io,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,pip.pypa.io,ppa.launchpad.net,pypi.org,pypi.python.org,raw.githubusercontent.com,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,repo.anaconda.com,repo.continuum.io,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,skimdb.npmjs.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.npmjs.com,www.npmjs.org,yarnpkg.com' --log-level info \ - "npx -y @github/copilot@0.0.358 --add-dir /tmp/gh-aw/ --log-level all --disable-builtin-mcps --allow-all-tools --add-dir /tmp/gh-aw/cache-memory/ --allow-all-paths --prompt \"\$(cat /tmp/gh-aw/aw-prompts/prompt.txt)\"" \ + sudo -E awf --env-all --mount /tmp:/tmp:rw --mount "${GITHUB_WORKSPACE}:${GITHUB_WORKSPACE}:ro" --mount "${GITHUB_WORKSPACE}/.github:/workspace/.github:ro" --allow-domains '*.pythonhosted.org,anaconda.org,api.enterprise.githubcopilot.com,api.github.com,api.npms.io,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,binstar.org,bootstrap.pypa.io,bun.sh,conda.anaconda.org,conda.binstar.org,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deno.land,files.pythonhosted.org,get.pnpm.io,github.com,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,pip.pypa.io,ppa.launchpad.net,pypi.org,pypi.python.org,raw.githubusercontent.com,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,repo.anaconda.com,repo.continuum.io,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,skimdb.npmjs.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.npmjs.com,www.npmjs.org,yarnpkg.com' --log-level info \ + -- npx -y @github/copilot@0.0.363 --add-dir /tmp/gh-aw/ --log-level all --add-dir '${GITHUB_WORKSPACE}' --disable-builtin-mcps --allow-all-tools --add-dir /tmp/gh-aw/cache-memory/ --allow-all-paths --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)" \ 2>&1 | tee /tmp/gh-aw/agent-stdio.log # Move preserved Copilot logs to expected location @@ -6086,7 +6086,7 @@ jobs: with: node-version: '24' - name: Install GitHub Copilot CLI - run: npm install -g @github/copilot@0.0.358 + run: npm install -g @github/copilot@0.0.363 - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/pkg/constants/constants.go b/pkg/constants/constants.go index 4da9197ee59..fd09613bf6b 100644 --- a/pkg/constants/constants.go +++ b/pkg/constants/constants.go @@ -29,7 +29,7 @@ const DefaultMCPRegistryURL = "https://api.mcp.github.com/v0" const DefaultClaudeCodeVersion Version = "2.0.50" // DefaultCopilotVersion is the default version of the GitHub Copilot CLI -const DefaultCopilotVersion Version = "0.0.358" +const DefaultCopilotVersion Version = "0.0.363" // DefaultCodexVersion is the default version of the OpenAI Codex CLI const DefaultCodexVersion Version = "0.63.0" @@ -38,7 +38,7 @@ const DefaultCodexVersion Version = "0.63.0" const DefaultGitHubMCPServerVersion Version = "v0.22.0" // DefaultFirewallVersion is the default version of the gh-aw-firewall (AWF) binary -const DefaultFirewallVersion Version = "v0.1.1" +const DefaultFirewallVersion Version = "v0.2.0" // DefaultPlaywrightMCPVersion is the default version of the @playwright/mcp package const DefaultPlaywrightMCPVersion Version = "0.0.47" diff --git a/pkg/constants/constants_test.go b/pkg/constants/constants_test.go index d685172da35..4b7ed3259d2 100644 --- a/pkg/constants/constants_test.go +++ b/pkg/constants/constants_test.go @@ -246,10 +246,10 @@ func TestVersionConstants(t *testing.T) { expected Version }{ {"DefaultClaudeCodeVersion", DefaultClaudeCodeVersion, "2.0.50"}, - {"DefaultCopilotVersion", DefaultCopilotVersion, "0.0.358"}, + {"DefaultCopilotVersion", DefaultCopilotVersion, "0.0.363"}, {"DefaultCodexVersion", DefaultCodexVersion, "0.63.0"}, {"DefaultGitHubMCPServerVersion", DefaultGitHubMCPServerVersion, "v0.22.0"}, - {"DefaultFirewallVersion", DefaultFirewallVersion, "v0.1.1"}, + {"DefaultFirewallVersion", DefaultFirewallVersion, "v0.2.0"}, {"DefaultPlaywrightMCPVersion", DefaultPlaywrightMCPVersion, "0.0.47"}, {"DefaultPlaywrightBrowserVersion", DefaultPlaywrightBrowserVersion, "v1.56.1"}, {"DefaultBunVersion", DefaultBunVersion, "1.1"}, diff --git a/pkg/workflow/copilot_engine.go b/pkg/workflow/copilot_engine.go index be0f1079381..aec28e29ea4 100644 --- a/pkg/workflow/copilot_engine.go +++ b/pkg/workflow/copilot_engine.go @@ -111,6 +111,12 @@ func (e *CopilotEngine) GetExecutionSteps(workflowData *WorkflowData, logFile st if isFirewallEnabled(workflowData) { // Simplified args for firewall mode copilotArgs = []string{"--add-dir", "/tmp/gh-aw/", "--log-level", "all"} + + // Always add workspace directory to --add-dir so Copilot CLI can access it + // This allows Copilot CLI to discover agent files and access the workspace + copilotArgs = append(copilotArgs, "--add-dir", "${GITHUB_WORKSPACE}") + copilotLog.Print("Added workspace directory to --add-dir") + copilotLog.Print("Using firewall mode with simplified arguments") } else { // Original args for non-firewall mode @@ -211,9 +217,24 @@ func (e *CopilotEngine) GetExecutionSteps(workflowData *WorkflowData, logFile st // Get allowed domains (copilot defaults + network permissions) with specific ordering allowedDomains := GetCopilotAllowedDomains(workflowData.NetworkPermissions) - // Build AWF arguments: standard flags + custom args from config + // Build AWF arguments: mount points + standard flags + custom args from config var awfArgs []string awfArgs = append(awfArgs, "--env-all") + + // Add mount arguments for required paths + // Always mount /tmp for temporary files and cache + awfArgs = append(awfArgs, "--mount", "/tmp:/tmp:rw") + + // Always mount the workspace directory so Copilot CLI can access it + // Use double quotes to allow shell variable expansion + awfArgs = append(awfArgs, "--mount", "\"${GITHUB_WORKSPACE}:${GITHUB_WORKSPACE}:ro\"") + copilotLog.Print("Added workspace mount to AWF") + + // Mount .github directory to /workspace/.github so Copilot CLI can discover agents + // Copilot CLI looks for agents in .github/agents/ relative to its working directory (/workspace) + awfArgs = append(awfArgs, "--mount", "\"${GITHUB_WORKSPACE}/.github:/workspace/.github:ro\"") + copilotLog.Print("Added .github mount to /workspace for agent discovery") + awfArgs = append(awfArgs, "--allow-domains", allowedDomains) awfArgs = append(awfArgs, "--log-level", awfLogLevel) @@ -222,11 +243,12 @@ func (e *CopilotEngine) GetExecutionSteps(workflowData *WorkflowData, logFile st awfArgs = append(awfArgs, firewallConfig.Args...) } - // Properly escape shell arguments using shell helper functions - // The copilot command is wrapped as a single string argument to AWF using shellEscapeCommandString + // Build the full AWF command with proper argument separation + // AWF v0.2.0 uses -- to separate AWF args from the actual command + // The command arguments should be passed as individual shell arguments, not as a single string command = fmt.Sprintf(`set -o pipefail sudo -E awf %s \ - %s \ + -- %s \ 2>&1 | tee %s # Move preserved Copilot logs to expected location @@ -236,7 +258,7 @@ if [ -n "$COPILOT_LOGS_DIR" ] && [ -d "$COPILOT_LOGS_DIR" ]; then sudo mkdir -p %s sudo mv "$COPILOT_LOGS_DIR"/* %s || true sudo rmdir "$COPILOT_LOGS_DIR" || true -fi`, shellJoinArgs(awfArgs), shellEscapeCommandString(copilotCommand), shellEscapeArg(logFile), shellEscapeArg(logsFolder), shellEscapeArg(logsFolder), shellEscapeArg(logsFolder)) +fi`, shellJoinArgs(awfArgs), copilotCommand, shellEscapeArg(logFile), shellEscapeArg(logsFolder), shellEscapeArg(logsFolder), shellEscapeArg(logsFolder)) } else { // Run copilot command without AWF wrapper command = fmt.Sprintf(`set -o pipefail