From 41f5cb373e78d3ac21ba3003b5ccf6c8fea2d33b Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 19 Dec 2025 08:05:33 +0000 Subject: [PATCH 1/4] Initial plan From 14b57fab776f9a1d55f4188084acb326c597b28b Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 19 Dec 2025 08:24:39 +0000 Subject: [PATCH 2/4] chore: use awf installer script Co-authored-by: Mossaka <5447827+Mossaka@users.noreply.github.com> --- .github/workflows/ai-moderator.lock.yml | 6 +- .github/workflows/archie.lock.yml | 6 +- .github/workflows/artifacts-summary.lock.yml | 6 +- .github/workflows/brave.lock.yml | 6 +- .../breaking-change-checker.lock.yml | 6 +- .github/workflows/campaign-generator.lock.yml | 6 +- .github/workflows/ci-coach.lock.yml | 6 +- .github/workflows/ci-doctor.lock.yml | 6 +- .../cli-consistency-checker.lock.yml | 6 +- .../copilot-pr-merged-report.lock.yml | 6 +- .../copilot-pr-nlp-analysis.lock.yml | 6 +- .../copilot-pr-prompt-analysis.lock.yml | 6 +- .github/workflows/craft.lock.yml | 6 +- .../daily-assign-issue-to-user.lock.yml | 6 +- .../daily-copilot-token-report.lock.yml | 6 +- .github/workflows/daily-file-diet.lock.yml | 6 +- .../workflows/daily-firewall-report.lock.yml | 6 +- .../daily-malicious-code-scan.lock.yml | 6 +- .github/workflows/daily-news.lock.yml | 6 +- .../workflows/daily-repo-chronicle.lock.yml | 6 +- .github/workflows/daily-team-status.lock.yml | 6 +- .../workflows/daily-workflow-updater.lock.yml | 6 +- .../workflows/dependabot-go-checker.lock.yml | 6 +- .github/workflows/dev-hawk.lock.yml | 6 +- .github/workflows/dev.lock.yml | 6 +- .github/workflows/dictation-prompt.lock.yml | 6 +- .github/workflows/docs-noob-tester.lock.yml | 6 +- .../example-permissions-warning.lock.yml | 6 +- .github/workflows/firewall-escape.lock.yml | 6 +- .github/workflows/firewall.lock.yml | 6 +- .../workflows/glossary-maintainer.lock.yml | 6 +- ...ze-reduction-project64.campaign.g.lock.yml | 6 +- ...go-file-size-reduction.campaign.g.lock.yml | 6 +- .github/workflows/grumpy-reviewer.lock.yml | 6 +- .github/workflows/hourly-ci-cleaner.lock.yml | 6 +- .../workflows/human-ai-collaboration.lock.yml | 6 +- .github/workflows/incident-response.lock.yml | 6 +- .github/workflows/intelligence.lock.yml | 6 +- .github/workflows/issue-monster.lock.yml | 6 +- .github/workflows/issue-triage-agent.lock.yml | 6 +- .github/workflows/jsweep.lock.yml | 6 +- .../workflows/layout-spec-maintainer.lock.yml | 6 +- .github/workflows/mcp-inspector.lock.yml | 6 +- .github/workflows/mergefest.lock.yml | 6 +- .../workflows/notion-issue-summary.lock.yml | 6 +- .github/workflows/org-health-report.lock.yml | 6 +- .github/workflows/org-wide-rollout.lock.yml | 6 +- .github/workflows/pdf-summary.lock.yml | 6 +- .github/workflows/plan.lock.yml | 6 +- .github/workflows/poem-bot.lock.yml | 6 +- .github/workflows/portfolio-analyst.lock.yml | 6 +- .../workflows/pr-nitpick-reviewer.lock.yml | 6 +- .github/workflows/python-data-charts.lock.yml | 6 +- .github/workflows/q.lock.yml | 6 +- .github/workflows/release.lock.yml | 6 +- .github/workflows/repo-tree-map.lock.yml | 6 +- .../repository-quality-improver.lock.yml | 6 +- .github/workflows/research.lock.yml | 6 +- .../workflows/security-compliance.lock.yml | 6 +- .../workflows/slide-deck-maintainer.lock.yml | 6 +- .../smoke-copilot-playwright.lock.yml | 6 +- .../smoke-copilot-safe-inputs.lock.yml | 6 +- .github/workflows/smoke-copilot.lock.yml | 6 +- .github/workflows/spec-kit-execute.lock.yml | 6 +- .github/workflows/spec-kit-executor.lock.yml | 6 +- .github/workflows/speckit-dispatcher.lock.yml | 6 +- .../workflows/stale-repo-identifier.lock.yml | 6 +- .github/workflows/sub-issue-closer.lock.yml | 6 +- .github/workflows/super-linter.lock.yml | 6 +- .../workflows/technical-doc-writer.lock.yml | 6 +- .github/workflows/tidy.lock.yml | 6 +- .github/workflows/video-analyzer.lock.yml | 6 +- .../workflows/weekly-issue-summary.lock.yml | 6 +- pkg/workflow/copilot_engine.go | 20 +++---- pkg/workflow/firewall_version_pinning_test.go | 58 ++++++------------- 75 files changed, 172 insertions(+), 344 deletions(-) diff --git a/.github/workflows/ai-moderator.lock.yml b/.github/workflows/ai-moderator.lock.yml index 90f2c61d79..f793b217db 100644 --- a/.github/workflows/ai-moderator.lock.yml +++ b/.github/workflows/ai-moderator.lock.yml @@ -304,10 +304,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/archie.lock.yml b/.github/workflows/archie.lock.yml index be001a1929..aea5d87aca 100644 --- a/.github/workflows/archie.lock.yml +++ b/.github/workflows/archie.lock.yml @@ -1006,10 +1006,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/artifacts-summary.lock.yml b/.github/workflows/artifacts-summary.lock.yml index 7755426028..5798b57db3 100644 --- a/.github/workflows/artifacts-summary.lock.yml +++ b/.github/workflows/artifacts-summary.lock.yml @@ -253,10 +253,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/brave.lock.yml b/.github/workflows/brave.lock.yml index d05acd1b89..153ac7c523 100644 --- a/.github/workflows/brave.lock.yml +++ b/.github/workflows/brave.lock.yml @@ -985,10 +985,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/breaking-change-checker.lock.yml b/.github/workflows/breaking-change-checker.lock.yml index f236b75f9b..27539cded1 100644 --- a/.github/workflows/breaking-change-checker.lock.yml +++ b/.github/workflows/breaking-change-checker.lock.yml @@ -250,10 +250,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/campaign-generator.lock.yml b/.github/workflows/campaign-generator.lock.yml index d8a8899dd6..6378ff9c9b 100644 --- a/.github/workflows/campaign-generator.lock.yml +++ b/.github/workflows/campaign-generator.lock.yml @@ -296,10 +296,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/ci-coach.lock.yml b/.github/workflows/ci-coach.lock.yml index a9fddef9d1..36e5775ba5 100644 --- a/.github/workflows/ci-coach.lock.yml +++ b/.github/workflows/ci-coach.lock.yml @@ -308,10 +308,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/ci-doctor.lock.yml b/.github/workflows/ci-doctor.lock.yml index 0db97fc1ec..56203ada8b 100644 --- a/.github/workflows/ci-doctor.lock.yml +++ b/.github/workflows/ci-doctor.lock.yml @@ -280,10 +280,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/cli-consistency-checker.lock.yml b/.github/workflows/cli-consistency-checker.lock.yml index c7fbce6b5f..b25ea4645e 100644 --- a/.github/workflows/cli-consistency-checker.lock.yml +++ b/.github/workflows/cli-consistency-checker.lock.yml @@ -249,10 +249,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/copilot-pr-merged-report.lock.yml b/.github/workflows/copilot-pr-merged-report.lock.yml index aea87d50db..4e60dfa9c3 100644 --- a/.github/workflows/copilot-pr-merged-report.lock.yml +++ b/.github/workflows/copilot-pr-merged-report.lock.yml @@ -254,10 +254,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Write Safe Outputs Config diff --git a/.github/workflows/copilot-pr-nlp-analysis.lock.yml b/.github/workflows/copilot-pr-nlp-analysis.lock.yml index 67d9a909d6..167052af0e 100644 --- a/.github/workflows/copilot-pr-nlp-analysis.lock.yml +++ b/.github/workflows/copilot-pr-nlp-analysis.lock.yml @@ -312,10 +312,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/copilot-pr-prompt-analysis.lock.yml b/.github/workflows/copilot-pr-prompt-analysis.lock.yml index 99dac6e5b0..0838ac1641 100644 --- a/.github/workflows/copilot-pr-prompt-analysis.lock.yml +++ b/.github/workflows/copilot-pr-prompt-analysis.lock.yml @@ -280,10 +280,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/craft.lock.yml b/.github/workflows/craft.lock.yml index f7d54764b2..f048ead767 100644 --- a/.github/workflows/craft.lock.yml +++ b/.github/workflows/craft.lock.yml @@ -986,10 +986,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/daily-assign-issue-to-user.lock.yml b/.github/workflows/daily-assign-issue-to-user.lock.yml index a612f409e7..a84abebf07 100644 --- a/.github/workflows/daily-assign-issue-to-user.lock.yml +++ b/.github/workflows/daily-assign-issue-to-user.lock.yml @@ -248,10 +248,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/daily-copilot-token-report.lock.yml b/.github/workflows/daily-copilot-token-report.lock.yml index 2e5b87adfd..acb14538d0 100644 --- a/.github/workflows/daily-copilot-token-report.lock.yml +++ b/.github/workflows/daily-copilot-token-report.lock.yml @@ -299,10 +299,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/daily-file-diet.lock.yml b/.github/workflows/daily-file-diet.lock.yml index bd2e5e937f..b4e9daf1a9 100644 --- a/.github/workflows/daily-file-diet.lock.yml +++ b/.github/workflows/daily-file-diet.lock.yml @@ -340,10 +340,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/daily-firewall-report.lock.yml b/.github/workflows/daily-firewall-report.lock.yml index 09c0232730..e95f991124 100644 --- a/.github/workflows/daily-firewall-report.lock.yml +++ b/.github/workflows/daily-firewall-report.lock.yml @@ -342,10 +342,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/daily-malicious-code-scan.lock.yml b/.github/workflows/daily-malicious-code-scan.lock.yml index 6f8d1b12a0..7b15f9398f 100644 --- a/.github/workflows/daily-malicious-code-scan.lock.yml +++ b/.github/workflows/daily-malicious-code-scan.lock.yml @@ -249,10 +249,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/daily-news.lock.yml b/.github/workflows/daily-news.lock.yml index 1615cd253a..c27e18c304 100644 --- a/.github/workflows/daily-news.lock.yml +++ b/.github/workflows/daily-news.lock.yml @@ -307,10 +307,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/daily-repo-chronicle.lock.yml b/.github/workflows/daily-repo-chronicle.lock.yml index 49b0f08ceb..906642d625 100644 --- a/.github/workflows/daily-repo-chronicle.lock.yml +++ b/.github/workflows/daily-repo-chronicle.lock.yml @@ -296,10 +296,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/daily-team-status.lock.yml b/.github/workflows/daily-team-status.lock.yml index 0725d7a8d4..fe67681125 100644 --- a/.github/workflows/daily-team-status.lock.yml +++ b/.github/workflows/daily-team-status.lock.yml @@ -262,10 +262,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/daily-workflow-updater.lock.yml b/.github/workflows/daily-workflow-updater.lock.yml index fa01eb9255..c400535453 100644 --- a/.github/workflows/daily-workflow-updater.lock.yml +++ b/.github/workflows/daily-workflow-updater.lock.yml @@ -249,10 +249,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/dependabot-go-checker.lock.yml b/.github/workflows/dependabot-go-checker.lock.yml index 7d399c36be..775fc68ff1 100644 --- a/.github/workflows/dependabot-go-checker.lock.yml +++ b/.github/workflows/dependabot-go-checker.lock.yml @@ -250,10 +250,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/dev-hawk.lock.yml b/.github/workflows/dev-hawk.lock.yml index 02f87e81d8..d9dbb4363c 100644 --- a/.github/workflows/dev-hawk.lock.yml +++ b/.github/workflows/dev-hawk.lock.yml @@ -279,10 +279,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/dev.lock.yml b/.github/workflows/dev.lock.yml index fb168fe885..b99f5e370f 100644 --- a/.github/workflows/dev.lock.yml +++ b/.github/workflows/dev.lock.yml @@ -249,10 +249,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/dictation-prompt.lock.yml b/.github/workflows/dictation-prompt.lock.yml index 0c4b368940..a7b44022cb 100644 --- a/.github/workflows/dictation-prompt.lock.yml +++ b/.github/workflows/dictation-prompt.lock.yml @@ -252,10 +252,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/docs-noob-tester.lock.yml b/.github/workflows/docs-noob-tester.lock.yml index a104f35d62..3d305dc9a3 100644 --- a/.github/workflows/docs-noob-tester.lock.yml +++ b/.github/workflows/docs-noob-tester.lock.yml @@ -252,10 +252,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/example-permissions-warning.lock.yml b/.github/workflows/example-permissions-warning.lock.yml index 589148d618..a3903fef1a 100644 --- a/.github/workflows/example-permissions-warning.lock.yml +++ b/.github/workflows/example-permissions-warning.lock.yml @@ -238,10 +238,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/firewall-escape.lock.yml b/.github/workflows/firewall-escape.lock.yml index 2a203bbb2b..d21cb2c811 100644 --- a/.github/workflows/firewall-escape.lock.yml +++ b/.github/workflows/firewall-escape.lock.yml @@ -265,10 +265,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/firewall.lock.yml b/.github/workflows/firewall.lock.yml index c3f5f344db..03d5fd4cc3 100644 --- a/.github/workflows/firewall.lock.yml +++ b/.github/workflows/firewall.lock.yml @@ -238,10 +238,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/glossary-maintainer.lock.yml b/.github/workflows/glossary-maintainer.lock.yml index 9adcbb2a37..943feb69c5 100644 --- a/.github/workflows/glossary-maintainer.lock.yml +++ b/.github/workflows/glossary-maintainer.lock.yml @@ -281,10 +281,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/go-file-size-reduction-project64.campaign.g.lock.yml b/.github/workflows/go-file-size-reduction-project64.campaign.g.lock.yml index 310bbed0cf..26f63f37b7 100644 --- a/.github/workflows/go-file-size-reduction-project64.campaign.g.lock.yml +++ b/.github/workflows/go-file-size-reduction-project64.campaign.g.lock.yml @@ -248,10 +248,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/go-file-size-reduction.campaign.g.lock.yml b/.github/workflows/go-file-size-reduction.campaign.g.lock.yml index d191aca8af..256f3c985e 100644 --- a/.github/workflows/go-file-size-reduction.campaign.g.lock.yml +++ b/.github/workflows/go-file-size-reduction.campaign.g.lock.yml @@ -248,10 +248,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/grumpy-reviewer.lock.yml b/.github/workflows/grumpy-reviewer.lock.yml index ff3725b430..8b87d9d98a 100644 --- a/.github/workflows/grumpy-reviewer.lock.yml +++ b/.github/workflows/grumpy-reviewer.lock.yml @@ -1000,10 +1000,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/hourly-ci-cleaner.lock.yml b/.github/workflows/hourly-ci-cleaner.lock.yml index 0f33974ed7..33cd4925ec 100644 --- a/.github/workflows/hourly-ci-cleaner.lock.yml +++ b/.github/workflows/hourly-ci-cleaner.lock.yml @@ -280,10 +280,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/human-ai-collaboration.lock.yml b/.github/workflows/human-ai-collaboration.lock.yml index b8b6f425f0..81b5614cf8 100644 --- a/.github/workflows/human-ai-collaboration.lock.yml +++ b/.github/workflows/human-ai-collaboration.lock.yml @@ -279,10 +279,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/incident-response.lock.yml b/.github/workflows/incident-response.lock.yml index ac4edf59ae..63f273d13a 100644 --- a/.github/workflows/incident-response.lock.yml +++ b/.github/workflows/incident-response.lock.yml @@ -293,10 +293,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/intelligence.lock.yml b/.github/workflows/intelligence.lock.yml index 64d9382016..7d10fcd72e 100644 --- a/.github/workflows/intelligence.lock.yml +++ b/.github/workflows/intelligence.lock.yml @@ -333,10 +333,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/issue-monster.lock.yml b/.github/workflows/issue-monster.lock.yml index 160cea3cba..77a4b4f211 100644 --- a/.github/workflows/issue-monster.lock.yml +++ b/.github/workflows/issue-monster.lock.yml @@ -258,10 +258,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/issue-triage-agent.lock.yml b/.github/workflows/issue-triage-agent.lock.yml index 3702c294a3..80d6cc45d4 100644 --- a/.github/workflows/issue-triage-agent.lock.yml +++ b/.github/workflows/issue-triage-agent.lock.yml @@ -203,10 +203,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/jsweep.lock.yml b/.github/workflows/jsweep.lock.yml index 1d5139901e..73ff1a7ffd 100644 --- a/.github/workflows/jsweep.lock.yml +++ b/.github/workflows/jsweep.lock.yml @@ -278,10 +278,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/layout-spec-maintainer.lock.yml b/.github/workflows/layout-spec-maintainer.lock.yml index 528eeed2b6..7ae992a97d 100644 --- a/.github/workflows/layout-spec-maintainer.lock.yml +++ b/.github/workflows/layout-spec-maintainer.lock.yml @@ -254,10 +254,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/mcp-inspector.lock.yml b/.github/workflows/mcp-inspector.lock.yml index a56f424b78..3b41495c50 100644 --- a/.github/workflows/mcp-inspector.lock.yml +++ b/.github/workflows/mcp-inspector.lock.yml @@ -314,10 +314,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/mergefest.lock.yml b/.github/workflows/mergefest.lock.yml index 60cd035afd..121521b9ac 100644 --- a/.github/workflows/mergefest.lock.yml +++ b/.github/workflows/mergefest.lock.yml @@ -659,10 +659,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/notion-issue-summary.lock.yml b/.github/workflows/notion-issue-summary.lock.yml index a59a84df28..43fd929185 100644 --- a/.github/workflows/notion-issue-summary.lock.yml +++ b/.github/workflows/notion-issue-summary.lock.yml @@ -255,10 +255,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/org-health-report.lock.yml b/.github/workflows/org-health-report.lock.yml index ecdff07d65..9c6e4503f4 100644 --- a/.github/workflows/org-health-report.lock.yml +++ b/.github/workflows/org-health-report.lock.yml @@ -300,10 +300,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/org-wide-rollout.lock.yml b/.github/workflows/org-wide-rollout.lock.yml index ff4746cd24..e1d8ba207b 100644 --- a/.github/workflows/org-wide-rollout.lock.yml +++ b/.github/workflows/org-wide-rollout.lock.yml @@ -300,10 +300,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/pdf-summary.lock.yml b/.github/workflows/pdf-summary.lock.yml index 7dfc7666c8..05c065d8ee 100644 --- a/.github/workflows/pdf-summary.lock.yml +++ b/.github/workflows/pdf-summary.lock.yml @@ -1025,10 +1025,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/plan.lock.yml b/.github/workflows/plan.lock.yml index ba77b65e3e..875e20bfa8 100644 --- a/.github/workflows/plan.lock.yml +++ b/.github/workflows/plan.lock.yml @@ -985,10 +985,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/poem-bot.lock.yml b/.github/workflows/poem-bot.lock.yml index f2aa070bbb..6ba3178cc3 100644 --- a/.github/workflows/poem-bot.lock.yml +++ b/.github/workflows/poem-bot.lock.yml @@ -1007,10 +1007,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/portfolio-analyst.lock.yml b/.github/workflows/portfolio-analyst.lock.yml index a34802ff7a..7a1006aae2 100644 --- a/.github/workflows/portfolio-analyst.lock.yml +++ b/.github/workflows/portfolio-analyst.lock.yml @@ -322,10 +322,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/pr-nitpick-reviewer.lock.yml b/.github/workflows/pr-nitpick-reviewer.lock.yml index 0344133135..97257a1859 100644 --- a/.github/workflows/pr-nitpick-reviewer.lock.yml +++ b/.github/workflows/pr-nitpick-reviewer.lock.yml @@ -704,10 +704,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/python-data-charts.lock.yml b/.github/workflows/python-data-charts.lock.yml index e16e780e00..087d56df1f 100644 --- a/.github/workflows/python-data-charts.lock.yml +++ b/.github/workflows/python-data-charts.lock.yml @@ -294,10 +294,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/q.lock.yml b/.github/workflows/q.lock.yml index 5fd4c21dc0..a3935270ef 100644 --- a/.github/workflows/q.lock.yml +++ b/.github/workflows/q.lock.yml @@ -1053,10 +1053,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/release.lock.yml b/.github/workflows/release.lock.yml index f2b0bc8803..c3bccb125d 100644 --- a/.github/workflows/release.lock.yml +++ b/.github/workflows/release.lock.yml @@ -258,10 +258,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/repo-tree-map.lock.yml b/.github/workflows/repo-tree-map.lock.yml index 49bc091547..1e49822c0a 100644 --- a/.github/workflows/repo-tree-map.lock.yml +++ b/.github/workflows/repo-tree-map.lock.yml @@ -253,10 +253,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/repository-quality-improver.lock.yml b/.github/workflows/repository-quality-improver.lock.yml index 365ad1c514..e71e89e52d 100644 --- a/.github/workflows/repository-quality-improver.lock.yml +++ b/.github/workflows/repository-quality-improver.lock.yml @@ -278,10 +278,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/research.lock.yml b/.github/workflows/research.lock.yml index 99e2ca5e63..3e862e1fb0 100644 --- a/.github/workflows/research.lock.yml +++ b/.github/workflows/research.lock.yml @@ -256,10 +256,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/security-compliance.lock.yml b/.github/workflows/security-compliance.lock.yml index de344e3068..4046f1f087 100644 --- a/.github/workflows/security-compliance.lock.yml +++ b/.github/workflows/security-compliance.lock.yml @@ -284,10 +284,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/slide-deck-maintainer.lock.yml b/.github/workflows/slide-deck-maintainer.lock.yml index ad29cb921a..2e973356b1 100644 --- a/.github/workflows/slide-deck-maintainer.lock.yml +++ b/.github/workflows/slide-deck-maintainer.lock.yml @@ -282,10 +282,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/smoke-copilot-playwright.lock.yml b/.github/workflows/smoke-copilot-playwright.lock.yml index 36a2773ad3..0a00ce7d8c 100644 --- a/.github/workflows/smoke-copilot-playwright.lock.yml +++ b/.github/workflows/smoke-copilot-playwright.lock.yml @@ -695,10 +695,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/smoke-copilot-safe-inputs.lock.yml b/.github/workflows/smoke-copilot-safe-inputs.lock.yml index 577db5f6e6..2a97eb771c 100644 --- a/.github/workflows/smoke-copilot-safe-inputs.lock.yml +++ b/.github/workflows/smoke-copilot-safe-inputs.lock.yml @@ -676,10 +676,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Write Safe Outputs Config diff --git a/.github/workflows/smoke-copilot.lock.yml b/.github/workflows/smoke-copilot.lock.yml index 696d5329cf..6a354065b7 100644 --- a/.github/workflows/smoke-copilot.lock.yml +++ b/.github/workflows/smoke-copilot.lock.yml @@ -676,10 +676,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/spec-kit-execute.lock.yml b/.github/workflows/spec-kit-execute.lock.yml index 5bef88aaca..fcdee327fb 100644 --- a/.github/workflows/spec-kit-execute.lock.yml +++ b/.github/workflows/spec-kit-execute.lock.yml @@ -292,10 +292,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Write Safe Outputs Config diff --git a/.github/workflows/spec-kit-executor.lock.yml b/.github/workflows/spec-kit-executor.lock.yml index a3e6041b2d..676bad525d 100644 --- a/.github/workflows/spec-kit-executor.lock.yml +++ b/.github/workflows/spec-kit-executor.lock.yml @@ -293,10 +293,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/speckit-dispatcher.lock.yml b/.github/workflows/speckit-dispatcher.lock.yml index 4b51a391bc..34cb91a3d4 100644 --- a/.github/workflows/speckit-dispatcher.lock.yml +++ b/.github/workflows/speckit-dispatcher.lock.yml @@ -1008,10 +1008,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/stale-repo-identifier.lock.yml b/.github/workflows/stale-repo-identifier.lock.yml index c3a93a29db..17f714402e 100644 --- a/.github/workflows/stale-repo-identifier.lock.yml +++ b/.github/workflows/stale-repo-identifier.lock.yml @@ -343,10 +343,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/sub-issue-closer.lock.yml b/.github/workflows/sub-issue-closer.lock.yml index 4246aed312..7b74fcd045 100644 --- a/.github/workflows/sub-issue-closer.lock.yml +++ b/.github/workflows/sub-issue-closer.lock.yml @@ -248,10 +248,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/super-linter.lock.yml b/.github/workflows/super-linter.lock.yml index 749fa7a53e..60329bdfa0 100644 --- a/.github/workflows/super-linter.lock.yml +++ b/.github/workflows/super-linter.lock.yml @@ -276,10 +276,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/technical-doc-writer.lock.yml b/.github/workflows/technical-doc-writer.lock.yml index ba2b2ccfa2..b707cdf81c 100644 --- a/.github/workflows/technical-doc-writer.lock.yml +++ b/.github/workflows/technical-doc-writer.lock.yml @@ -291,10 +291,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/tidy.lock.yml b/.github/workflows/tidy.lock.yml index 34e00eac9a..4baebe4aa7 100644 --- a/.github/workflows/tidy.lock.yml +++ b/.github/workflows/tidy.lock.yml @@ -680,10 +680,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/video-analyzer.lock.yml b/.github/workflows/video-analyzer.lock.yml index 7efe8cff22..8bd70f4e1c 100644 --- a/.github/workflows/video-analyzer.lock.yml +++ b/.github/workflows/video-analyzer.lock.yml @@ -263,10 +263,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/weekly-issue-summary.lock.yml b/.github/workflows/weekly-issue-summary.lock.yml index 03acd3233d..8d8f9967ba 100644 --- a/.github/workflows/weekly-issue-summary.lock.yml +++ b/.github/workflows/weekly-issue-summary.lock.yml @@ -251,10 +251,8 @@ jobs: copilot --version - name: Install awf binary run: | - echo "Installing awf from release: v0.7.0" - curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-x64 -o awf - chmod +x awf - sudo mv awf /usr/local/bin/ + echo "Installing awf via installer script (requested version: v0.7.0)" + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash which awf awf --version - name: Downloading container images diff --git a/pkg/workflow/copilot_engine.go b/pkg/workflow/copilot_engine.go index 13913e75e2..00b1aa5292 100644 --- a/pkg/workflow/copilot_engine.go +++ b/pkg/workflow/copilot_engine.go @@ -1122,25 +1122,19 @@ func generateAWFInstallationStep(version string, agentConfig *AgentSandboxConfig return GitHubActionStep([]string{}) } - stepLines := []string{ - " - name: Install awf binary", - " run: |", - } - - // Use default version if not specified to ensure reproducible builds + // Use default version for logging when not specified if version == "" { version = string(constants.DefaultFirewallVersion) } - stepLines = append(stepLines, fmt.Sprintf(" echo \"Installing awf from release: %s\"", version)) - stepLines = append(stepLines, fmt.Sprintf(" curl -L https://github.com/githubnext/gh-aw-firewall/releases/download/%s/awf-linux-x64 -o awf", version)) - - stepLines = append(stepLines, - " chmod +x awf", - " sudo mv awf /usr/local/bin/", + stepLines := []string{ + " - name: Install awf binary", + " run: |", + fmt.Sprintf(" echo \"Installing awf via installer script (requested version: %s)\"", version), + " curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash", " which awf", " awf --version", - ) + } return GitHubActionStep(stepLines) } diff --git a/pkg/workflow/firewall_version_pinning_test.go b/pkg/workflow/firewall_version_pinning_test.go index 2dbd923b6e..6fa56c7e2e 100644 --- a/pkg/workflow/firewall_version_pinning_test.go +++ b/pkg/workflow/firewall_version_pinning_test.go @@ -13,31 +13,15 @@ func TestAWFInstallationStepDefaultVersion(t *testing.T) { step := generateAWFInstallationStep("", nil) stepStr := strings.Join(step, "\n") - // Should NOT contain gh release view command - if strings.Contains(stepStr, "gh release view") { - t.Error("Should not use dynamic gh release view when default version is available") - } - - // Should NOT contain LATEST_TAG variable - if strings.Contains(stepStr, "LATEST_TAG") { - t.Error("Should not use LATEST_TAG variable when default version is available") - } - - // Should contain the default version expectedVersion := string(constants.DefaultFirewallVersion) - if !strings.Contains(stepStr, expectedVersion) { - t.Errorf("Expected to find default version %s in installation step, but it was not found", expectedVersion) - } + expectedInstaller := "curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash" - // Should NOT have env section with GH_TOKEN - if strings.Contains(stepStr, "GH_TOKEN") { - t.Error("Should not require GH_TOKEN when using default version") + if !strings.Contains(stepStr, expectedInstaller) { + t.Errorf("Expected installer one-liner: %s", expectedInstaller) } - // Verify the curl command uses the default version - expectedURL := "https://github.com/githubnext/gh-aw-firewall/releases/download/" + expectedVersion + "/awf-linux-x64" - if !strings.Contains(stepStr, expectedURL) { - t.Errorf("Expected curl command to download from %s", expectedURL) + if !strings.Contains(stepStr, expectedVersion) { + t.Errorf("Expected to log requested version %s in installation step, but it was not found", expectedVersion) } }) @@ -46,20 +30,14 @@ func TestAWFInstallationStepDefaultVersion(t *testing.T) { step := generateAWFInstallationStep(customVersion, nil) stepStr := strings.Join(step, "\n") - // Should contain the custom version - if !strings.Contains(stepStr, customVersion) { - t.Errorf("Expected to find custom version %s in installation step", customVersion) - } + expectedInstaller := "curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash" - // Should NOT contain the default version - if strings.Contains(stepStr, string(constants.DefaultFirewallVersion)) && string(constants.DefaultFirewallVersion) != customVersion { - t.Error("Should use custom version instead of default version") + if !strings.Contains(stepStr, customVersion) { + t.Errorf("Expected to log custom version %s in installation step", customVersion) } - // Verify the curl command uses the custom version - expectedURL := "https://github.com/githubnext/gh-aw-firewall/releases/download/" + customVersion + "/awf-linux-x64" - if !strings.Contains(stepStr, expectedURL) { - t.Errorf("Expected curl command to download from %s", expectedURL) + if !strings.Contains(stepStr, expectedInstaller) { + t.Errorf("Expected installer one-liner: %s", expectedInstaller) } }) } @@ -98,14 +76,12 @@ func TestCopilotEngineFirewallInstallation(t *testing.T) { t.Fatal("Expected to find AWF installation step when firewall is enabled") } - // Verify it uses the default version + // Verify it logs the default version and uses installer script if !strings.Contains(awfStepStr, string(constants.DefaultFirewallVersion)) { - t.Errorf("AWF installation step should use default version %s", string(constants.DefaultFirewallVersion)) + t.Errorf("AWF installation step should reference default version %s", string(constants.DefaultFirewallVersion)) } - - // Verify it doesn't use dynamic LATEST_TAG - if strings.Contains(awfStepStr, "LATEST_TAG") { - t.Error("AWF installation should not use dynamic LATEST_TAG") + if !strings.Contains(awfStepStr, "raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh") { + t.Error("AWF installation should use the installer script") } }) @@ -143,10 +119,14 @@ func TestCopilotEngineFirewallInstallation(t *testing.T) { t.Fatal("Expected to find AWF installation step when firewall is enabled") } - // Verify it uses the custom version + // Verify it logs the custom version if !strings.Contains(awfStepStr, customVersion) { t.Errorf("AWF installation step should use custom version %s", customVersion) } + + if !strings.Contains(awfStepStr, "raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh") { + t.Error("AWF installation should use the installer script") + } }) t.Run("does not include AWF installation when firewall disabled", func(t *testing.T) { From 8309477d926b8ee3fd1f03fa42c6a169ec7f7654 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 19 Dec 2025 21:10:16 +0000 Subject: [PATCH 3/4] chore: pin awf version via installer Co-authored-by: Mossaka <5447827+Mossaka@users.noreply.github.com> --- .github/workflows/ai-moderator.lock.yml | 2 +- .github/workflows/archie.lock.yml | 2 +- .github/workflows/artifacts-summary.lock.yml | 2 +- .github/workflows/brave.lock.yml | 2 +- .github/workflows/breaking-change-checker.lock.yml | 2 +- .github/workflows/campaign-generator.lock.yml | 2 +- .github/workflows/ci-coach.lock.yml | 2 +- .github/workflows/ci-doctor.lock.yml | 2 +- .github/workflows/cli-consistency-checker.lock.yml | 2 +- .github/workflows/copilot-pr-merged-report.lock.yml | 2 +- .github/workflows/copilot-pr-nlp-analysis.lock.yml | 2 +- .github/workflows/copilot-pr-prompt-analysis.lock.yml | 2 +- .github/workflows/craft.lock.yml | 2 +- .github/workflows/daily-assign-issue-to-user.lock.yml | 2 +- .github/workflows/daily-copilot-token-report.lock.yml | 2 +- .github/workflows/daily-file-diet.lock.yml | 2 +- .github/workflows/daily-firewall-report.lock.yml | 2 +- .github/workflows/daily-malicious-code-scan.lock.yml | 2 +- .github/workflows/daily-news.lock.yml | 2 +- .github/workflows/daily-repo-chronicle.lock.yml | 2 +- .github/workflows/daily-team-status.lock.yml | 2 +- .github/workflows/daily-workflow-updater.lock.yml | 2 +- .github/workflows/dependabot-go-checker.lock.yml | 2 +- .github/workflows/dev-hawk.lock.yml | 2 +- .github/workflows/dev.lock.yml | 2 +- .github/workflows/dictation-prompt.lock.yml | 2 +- .github/workflows/docs-noob-tester.lock.yml | 2 +- .github/workflows/example-permissions-warning.lock.yml | 2 +- .github/workflows/firewall-escape.lock.yml | 2 +- .github/workflows/firewall.lock.yml | 2 +- .github/workflows/glossary-maintainer.lock.yml | 2 +- .../go-file-size-reduction-project64.campaign.g.lock.yml | 2 +- .github/workflows/go-file-size-reduction.campaign.g.lock.yml | 2 +- .github/workflows/grumpy-reviewer.lock.yml | 2 +- .github/workflows/hourly-ci-cleaner.lock.yml | 2 +- .github/workflows/human-ai-collaboration.lock.yml | 2 +- .github/workflows/incident-response.lock.yml | 2 +- .github/workflows/intelligence.lock.yml | 2 +- .github/workflows/issue-monster.lock.yml | 2 +- .github/workflows/issue-triage-agent.lock.yml | 2 +- .github/workflows/jsweep.lock.yml | 2 +- .github/workflows/layout-spec-maintainer.lock.yml | 2 +- .github/workflows/mcp-inspector.lock.yml | 2 +- .github/workflows/mergefest.lock.yml | 2 +- .github/workflows/notion-issue-summary.lock.yml | 2 +- .github/workflows/org-health-report.lock.yml | 2 +- .github/workflows/org-wide-rollout.lock.yml | 2 +- .github/workflows/pdf-summary.lock.yml | 2 +- .github/workflows/plan.lock.yml | 2 +- .github/workflows/poem-bot.lock.yml | 2 +- .github/workflows/portfolio-analyst.lock.yml | 2 +- .github/workflows/pr-nitpick-reviewer.lock.yml | 2 +- .github/workflows/python-data-charts.lock.yml | 2 +- .github/workflows/q.lock.yml | 2 +- .github/workflows/release.lock.yml | 2 +- .github/workflows/repo-tree-map.lock.yml | 2 +- .github/workflows/repository-quality-improver.lock.yml | 2 +- .github/workflows/research.lock.yml | 2 +- .github/workflows/security-compliance.lock.yml | 2 +- .github/workflows/slide-deck-maintainer.lock.yml | 2 +- .github/workflows/smoke-copilot-playwright.lock.yml | 2 +- .github/workflows/smoke-copilot-safe-inputs.lock.yml | 2 +- .github/workflows/smoke-copilot.lock.yml | 2 +- .github/workflows/spec-kit-execute.lock.yml | 2 +- .github/workflows/spec-kit-executor.lock.yml | 2 +- .github/workflows/speckit-dispatcher.lock.yml | 2 +- .github/workflows/stale-repo-identifier.lock.yml | 2 +- .github/workflows/sub-issue-closer.lock.yml | 2 +- .github/workflows/super-linter.lock.yml | 2 +- .github/workflows/technical-doc-writer.lock.yml | 2 +- .github/workflows/tidy.lock.yml | 2 +- .github/workflows/video-analyzer.lock.yml | 2 +- .github/workflows/weekly-issue-summary.lock.yml | 2 +- pkg/workflow/copilot_engine.go | 2 +- pkg/workflow/firewall_version_pinning_test.go | 4 ++-- 75 files changed, 76 insertions(+), 76 deletions(-) diff --git a/.github/workflows/ai-moderator.lock.yml b/.github/workflows/ai-moderator.lock.yml index f793b217db..be03f7456d 100644 --- a/.github/workflows/ai-moderator.lock.yml +++ b/.github/workflows/ai-moderator.lock.yml @@ -305,7 +305,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/archie.lock.yml b/.github/workflows/archie.lock.yml index aea5d87aca..0f49f57b8a 100644 --- a/.github/workflows/archie.lock.yml +++ b/.github/workflows/archie.lock.yml @@ -1007,7 +1007,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/artifacts-summary.lock.yml b/.github/workflows/artifacts-summary.lock.yml index 5798b57db3..fc75dcd144 100644 --- a/.github/workflows/artifacts-summary.lock.yml +++ b/.github/workflows/artifacts-summary.lock.yml @@ -254,7 +254,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/brave.lock.yml b/.github/workflows/brave.lock.yml index 153ac7c523..6cd6eff87f 100644 --- a/.github/workflows/brave.lock.yml +++ b/.github/workflows/brave.lock.yml @@ -986,7 +986,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/breaking-change-checker.lock.yml b/.github/workflows/breaking-change-checker.lock.yml index 27539cded1..3db14beb01 100644 --- a/.github/workflows/breaking-change-checker.lock.yml +++ b/.github/workflows/breaking-change-checker.lock.yml @@ -251,7 +251,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/campaign-generator.lock.yml b/.github/workflows/campaign-generator.lock.yml index 6378ff9c9b..8b2f49fd83 100644 --- a/.github/workflows/campaign-generator.lock.yml +++ b/.github/workflows/campaign-generator.lock.yml @@ -297,7 +297,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/ci-coach.lock.yml b/.github/workflows/ci-coach.lock.yml index 36e5775ba5..c6f5039bd9 100644 --- a/.github/workflows/ci-coach.lock.yml +++ b/.github/workflows/ci-coach.lock.yml @@ -309,7 +309,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/ci-doctor.lock.yml b/.github/workflows/ci-doctor.lock.yml index 56203ada8b..9e38ed2579 100644 --- a/.github/workflows/ci-doctor.lock.yml +++ b/.github/workflows/ci-doctor.lock.yml @@ -281,7 +281,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/cli-consistency-checker.lock.yml b/.github/workflows/cli-consistency-checker.lock.yml index b25ea4645e..7c065e53fd 100644 --- a/.github/workflows/cli-consistency-checker.lock.yml +++ b/.github/workflows/cli-consistency-checker.lock.yml @@ -250,7 +250,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/copilot-pr-merged-report.lock.yml b/.github/workflows/copilot-pr-merged-report.lock.yml index 4e60dfa9c3..34ebe14a12 100644 --- a/.github/workflows/copilot-pr-merged-report.lock.yml +++ b/.github/workflows/copilot-pr-merged-report.lock.yml @@ -255,7 +255,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Write Safe Outputs Config diff --git a/.github/workflows/copilot-pr-nlp-analysis.lock.yml b/.github/workflows/copilot-pr-nlp-analysis.lock.yml index 167052af0e..cfeec93b78 100644 --- a/.github/workflows/copilot-pr-nlp-analysis.lock.yml +++ b/.github/workflows/copilot-pr-nlp-analysis.lock.yml @@ -313,7 +313,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/copilot-pr-prompt-analysis.lock.yml b/.github/workflows/copilot-pr-prompt-analysis.lock.yml index 0838ac1641..4f3bcf3b17 100644 --- a/.github/workflows/copilot-pr-prompt-analysis.lock.yml +++ b/.github/workflows/copilot-pr-prompt-analysis.lock.yml @@ -281,7 +281,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/craft.lock.yml b/.github/workflows/craft.lock.yml index f048ead767..f5ad55552c 100644 --- a/.github/workflows/craft.lock.yml +++ b/.github/workflows/craft.lock.yml @@ -987,7 +987,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/daily-assign-issue-to-user.lock.yml b/.github/workflows/daily-assign-issue-to-user.lock.yml index a84abebf07..559774b7dd 100644 --- a/.github/workflows/daily-assign-issue-to-user.lock.yml +++ b/.github/workflows/daily-assign-issue-to-user.lock.yml @@ -249,7 +249,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/daily-copilot-token-report.lock.yml b/.github/workflows/daily-copilot-token-report.lock.yml index acb14538d0..965dac3731 100644 --- a/.github/workflows/daily-copilot-token-report.lock.yml +++ b/.github/workflows/daily-copilot-token-report.lock.yml @@ -300,7 +300,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/daily-file-diet.lock.yml b/.github/workflows/daily-file-diet.lock.yml index b4e9daf1a9..9bbfc92836 100644 --- a/.github/workflows/daily-file-diet.lock.yml +++ b/.github/workflows/daily-file-diet.lock.yml @@ -341,7 +341,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/daily-firewall-report.lock.yml b/.github/workflows/daily-firewall-report.lock.yml index e95f991124..fcf7c8650b 100644 --- a/.github/workflows/daily-firewall-report.lock.yml +++ b/.github/workflows/daily-firewall-report.lock.yml @@ -343,7 +343,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/daily-malicious-code-scan.lock.yml b/.github/workflows/daily-malicious-code-scan.lock.yml index 7b15f9398f..79e8195677 100644 --- a/.github/workflows/daily-malicious-code-scan.lock.yml +++ b/.github/workflows/daily-malicious-code-scan.lock.yml @@ -250,7 +250,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/daily-news.lock.yml b/.github/workflows/daily-news.lock.yml index c27e18c304..fe43235e52 100644 --- a/.github/workflows/daily-news.lock.yml +++ b/.github/workflows/daily-news.lock.yml @@ -308,7 +308,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/daily-repo-chronicle.lock.yml b/.github/workflows/daily-repo-chronicle.lock.yml index 906642d625..6ddeaa63cb 100644 --- a/.github/workflows/daily-repo-chronicle.lock.yml +++ b/.github/workflows/daily-repo-chronicle.lock.yml @@ -297,7 +297,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/daily-team-status.lock.yml b/.github/workflows/daily-team-status.lock.yml index fe67681125..6b1c97f320 100644 --- a/.github/workflows/daily-team-status.lock.yml +++ b/.github/workflows/daily-team-status.lock.yml @@ -263,7 +263,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/daily-workflow-updater.lock.yml b/.github/workflows/daily-workflow-updater.lock.yml index c400535453..74991b74ba 100644 --- a/.github/workflows/daily-workflow-updater.lock.yml +++ b/.github/workflows/daily-workflow-updater.lock.yml @@ -250,7 +250,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/dependabot-go-checker.lock.yml b/.github/workflows/dependabot-go-checker.lock.yml index 775fc68ff1..d58bac1eba 100644 --- a/.github/workflows/dependabot-go-checker.lock.yml +++ b/.github/workflows/dependabot-go-checker.lock.yml @@ -251,7 +251,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/dev-hawk.lock.yml b/.github/workflows/dev-hawk.lock.yml index d9dbb4363c..8a90a63292 100644 --- a/.github/workflows/dev-hawk.lock.yml +++ b/.github/workflows/dev-hawk.lock.yml @@ -280,7 +280,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/dev.lock.yml b/.github/workflows/dev.lock.yml index b99f5e370f..621dbbda91 100644 --- a/.github/workflows/dev.lock.yml +++ b/.github/workflows/dev.lock.yml @@ -250,7 +250,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/dictation-prompt.lock.yml b/.github/workflows/dictation-prompt.lock.yml index a7b44022cb..97587146b7 100644 --- a/.github/workflows/dictation-prompt.lock.yml +++ b/.github/workflows/dictation-prompt.lock.yml @@ -253,7 +253,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/docs-noob-tester.lock.yml b/.github/workflows/docs-noob-tester.lock.yml index 3d305dc9a3..c4b86e2c1a 100644 --- a/.github/workflows/docs-noob-tester.lock.yml +++ b/.github/workflows/docs-noob-tester.lock.yml @@ -253,7 +253,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/example-permissions-warning.lock.yml b/.github/workflows/example-permissions-warning.lock.yml index a3903fef1a..e88d21e354 100644 --- a/.github/workflows/example-permissions-warning.lock.yml +++ b/.github/workflows/example-permissions-warning.lock.yml @@ -239,7 +239,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/firewall-escape.lock.yml b/.github/workflows/firewall-escape.lock.yml index d21cb2c811..9b3ce6c129 100644 --- a/.github/workflows/firewall-escape.lock.yml +++ b/.github/workflows/firewall-escape.lock.yml @@ -266,7 +266,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/firewall.lock.yml b/.github/workflows/firewall.lock.yml index 03d5fd4cc3..1485e37558 100644 --- a/.github/workflows/firewall.lock.yml +++ b/.github/workflows/firewall.lock.yml @@ -239,7 +239,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/glossary-maintainer.lock.yml b/.github/workflows/glossary-maintainer.lock.yml index 943feb69c5..28d9d94734 100644 --- a/.github/workflows/glossary-maintainer.lock.yml +++ b/.github/workflows/glossary-maintainer.lock.yml @@ -282,7 +282,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/go-file-size-reduction-project64.campaign.g.lock.yml b/.github/workflows/go-file-size-reduction-project64.campaign.g.lock.yml index 26f63f37b7..3c7949de76 100644 --- a/.github/workflows/go-file-size-reduction-project64.campaign.g.lock.yml +++ b/.github/workflows/go-file-size-reduction-project64.campaign.g.lock.yml @@ -249,7 +249,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/go-file-size-reduction.campaign.g.lock.yml b/.github/workflows/go-file-size-reduction.campaign.g.lock.yml index 256f3c985e..040e75547a 100644 --- a/.github/workflows/go-file-size-reduction.campaign.g.lock.yml +++ b/.github/workflows/go-file-size-reduction.campaign.g.lock.yml @@ -249,7 +249,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/grumpy-reviewer.lock.yml b/.github/workflows/grumpy-reviewer.lock.yml index 8b87d9d98a..663e94e284 100644 --- a/.github/workflows/grumpy-reviewer.lock.yml +++ b/.github/workflows/grumpy-reviewer.lock.yml @@ -1001,7 +1001,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/hourly-ci-cleaner.lock.yml b/.github/workflows/hourly-ci-cleaner.lock.yml index 33cd4925ec..785af378d6 100644 --- a/.github/workflows/hourly-ci-cleaner.lock.yml +++ b/.github/workflows/hourly-ci-cleaner.lock.yml @@ -281,7 +281,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/human-ai-collaboration.lock.yml b/.github/workflows/human-ai-collaboration.lock.yml index 81b5614cf8..9b63584c77 100644 --- a/.github/workflows/human-ai-collaboration.lock.yml +++ b/.github/workflows/human-ai-collaboration.lock.yml @@ -280,7 +280,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/incident-response.lock.yml b/.github/workflows/incident-response.lock.yml index 63f273d13a..0f8f751616 100644 --- a/.github/workflows/incident-response.lock.yml +++ b/.github/workflows/incident-response.lock.yml @@ -294,7 +294,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/intelligence.lock.yml b/.github/workflows/intelligence.lock.yml index 7d10fcd72e..6f88ecc98e 100644 --- a/.github/workflows/intelligence.lock.yml +++ b/.github/workflows/intelligence.lock.yml @@ -334,7 +334,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/issue-monster.lock.yml b/.github/workflows/issue-monster.lock.yml index 77a4b4f211..250001df7c 100644 --- a/.github/workflows/issue-monster.lock.yml +++ b/.github/workflows/issue-monster.lock.yml @@ -259,7 +259,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/issue-triage-agent.lock.yml b/.github/workflows/issue-triage-agent.lock.yml index 80d6cc45d4..bd41ac44bd 100644 --- a/.github/workflows/issue-triage-agent.lock.yml +++ b/.github/workflows/issue-triage-agent.lock.yml @@ -204,7 +204,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/jsweep.lock.yml b/.github/workflows/jsweep.lock.yml index 73ff1a7ffd..61c8c84585 100644 --- a/.github/workflows/jsweep.lock.yml +++ b/.github/workflows/jsweep.lock.yml @@ -279,7 +279,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/layout-spec-maintainer.lock.yml b/.github/workflows/layout-spec-maintainer.lock.yml index 7ae992a97d..3818b64fa6 100644 --- a/.github/workflows/layout-spec-maintainer.lock.yml +++ b/.github/workflows/layout-spec-maintainer.lock.yml @@ -255,7 +255,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/mcp-inspector.lock.yml b/.github/workflows/mcp-inspector.lock.yml index 3b41495c50..816580a5b0 100644 --- a/.github/workflows/mcp-inspector.lock.yml +++ b/.github/workflows/mcp-inspector.lock.yml @@ -315,7 +315,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/mergefest.lock.yml b/.github/workflows/mergefest.lock.yml index 121521b9ac..9a15f988f8 100644 --- a/.github/workflows/mergefest.lock.yml +++ b/.github/workflows/mergefest.lock.yml @@ -660,7 +660,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/notion-issue-summary.lock.yml b/.github/workflows/notion-issue-summary.lock.yml index 43fd929185..0d6e448169 100644 --- a/.github/workflows/notion-issue-summary.lock.yml +++ b/.github/workflows/notion-issue-summary.lock.yml @@ -256,7 +256,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/org-health-report.lock.yml b/.github/workflows/org-health-report.lock.yml index 9c6e4503f4..043f267150 100644 --- a/.github/workflows/org-health-report.lock.yml +++ b/.github/workflows/org-health-report.lock.yml @@ -301,7 +301,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/org-wide-rollout.lock.yml b/.github/workflows/org-wide-rollout.lock.yml index e1d8ba207b..c371301338 100644 --- a/.github/workflows/org-wide-rollout.lock.yml +++ b/.github/workflows/org-wide-rollout.lock.yml @@ -301,7 +301,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/pdf-summary.lock.yml b/.github/workflows/pdf-summary.lock.yml index 05c065d8ee..76018ef78d 100644 --- a/.github/workflows/pdf-summary.lock.yml +++ b/.github/workflows/pdf-summary.lock.yml @@ -1026,7 +1026,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/plan.lock.yml b/.github/workflows/plan.lock.yml index 875e20bfa8..047ac7513d 100644 --- a/.github/workflows/plan.lock.yml +++ b/.github/workflows/plan.lock.yml @@ -986,7 +986,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/poem-bot.lock.yml b/.github/workflows/poem-bot.lock.yml index 6ba3178cc3..68d80611e8 100644 --- a/.github/workflows/poem-bot.lock.yml +++ b/.github/workflows/poem-bot.lock.yml @@ -1008,7 +1008,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/portfolio-analyst.lock.yml b/.github/workflows/portfolio-analyst.lock.yml index 7a1006aae2..c6fb5c4b8e 100644 --- a/.github/workflows/portfolio-analyst.lock.yml +++ b/.github/workflows/portfolio-analyst.lock.yml @@ -323,7 +323,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/pr-nitpick-reviewer.lock.yml b/.github/workflows/pr-nitpick-reviewer.lock.yml index 97257a1859..7c8900845f 100644 --- a/.github/workflows/pr-nitpick-reviewer.lock.yml +++ b/.github/workflows/pr-nitpick-reviewer.lock.yml @@ -705,7 +705,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/python-data-charts.lock.yml b/.github/workflows/python-data-charts.lock.yml index 087d56df1f..b06b8ff569 100644 --- a/.github/workflows/python-data-charts.lock.yml +++ b/.github/workflows/python-data-charts.lock.yml @@ -295,7 +295,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/q.lock.yml b/.github/workflows/q.lock.yml index a3935270ef..b829e05762 100644 --- a/.github/workflows/q.lock.yml +++ b/.github/workflows/q.lock.yml @@ -1054,7 +1054,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/release.lock.yml b/.github/workflows/release.lock.yml index c3bccb125d..aded156b46 100644 --- a/.github/workflows/release.lock.yml +++ b/.github/workflows/release.lock.yml @@ -259,7 +259,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/repo-tree-map.lock.yml b/.github/workflows/repo-tree-map.lock.yml index 1e49822c0a..44f45d6aa2 100644 --- a/.github/workflows/repo-tree-map.lock.yml +++ b/.github/workflows/repo-tree-map.lock.yml @@ -254,7 +254,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/repository-quality-improver.lock.yml b/.github/workflows/repository-quality-improver.lock.yml index e71e89e52d..29f3d7700a 100644 --- a/.github/workflows/repository-quality-improver.lock.yml +++ b/.github/workflows/repository-quality-improver.lock.yml @@ -279,7 +279,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/research.lock.yml b/.github/workflows/research.lock.yml index 3e862e1fb0..8da01810be 100644 --- a/.github/workflows/research.lock.yml +++ b/.github/workflows/research.lock.yml @@ -257,7 +257,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/security-compliance.lock.yml b/.github/workflows/security-compliance.lock.yml index 4046f1f087..dc123305fb 100644 --- a/.github/workflows/security-compliance.lock.yml +++ b/.github/workflows/security-compliance.lock.yml @@ -285,7 +285,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/slide-deck-maintainer.lock.yml b/.github/workflows/slide-deck-maintainer.lock.yml index 2e973356b1..b420beed79 100644 --- a/.github/workflows/slide-deck-maintainer.lock.yml +++ b/.github/workflows/slide-deck-maintainer.lock.yml @@ -283,7 +283,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/smoke-copilot-playwright.lock.yml b/.github/workflows/smoke-copilot-playwright.lock.yml index 0a00ce7d8c..2b772a6bc6 100644 --- a/.github/workflows/smoke-copilot-playwright.lock.yml +++ b/.github/workflows/smoke-copilot-playwright.lock.yml @@ -696,7 +696,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/smoke-copilot-safe-inputs.lock.yml b/.github/workflows/smoke-copilot-safe-inputs.lock.yml index 2a97eb771c..ab9053bb7f 100644 --- a/.github/workflows/smoke-copilot-safe-inputs.lock.yml +++ b/.github/workflows/smoke-copilot-safe-inputs.lock.yml @@ -677,7 +677,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Write Safe Outputs Config diff --git a/.github/workflows/smoke-copilot.lock.yml b/.github/workflows/smoke-copilot.lock.yml index 6a354065b7..346d42d098 100644 --- a/.github/workflows/smoke-copilot.lock.yml +++ b/.github/workflows/smoke-copilot.lock.yml @@ -677,7 +677,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/spec-kit-execute.lock.yml b/.github/workflows/spec-kit-execute.lock.yml index fcdee327fb..27b2e7c8d0 100644 --- a/.github/workflows/spec-kit-execute.lock.yml +++ b/.github/workflows/spec-kit-execute.lock.yml @@ -293,7 +293,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Write Safe Outputs Config diff --git a/.github/workflows/spec-kit-executor.lock.yml b/.github/workflows/spec-kit-executor.lock.yml index 676bad525d..12ccab6f01 100644 --- a/.github/workflows/spec-kit-executor.lock.yml +++ b/.github/workflows/spec-kit-executor.lock.yml @@ -294,7 +294,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/speckit-dispatcher.lock.yml b/.github/workflows/speckit-dispatcher.lock.yml index 34cb91a3d4..11ebeba9f2 100644 --- a/.github/workflows/speckit-dispatcher.lock.yml +++ b/.github/workflows/speckit-dispatcher.lock.yml @@ -1009,7 +1009,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/stale-repo-identifier.lock.yml b/.github/workflows/stale-repo-identifier.lock.yml index 17f714402e..01d1775e84 100644 --- a/.github/workflows/stale-repo-identifier.lock.yml +++ b/.github/workflows/stale-repo-identifier.lock.yml @@ -344,7 +344,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/sub-issue-closer.lock.yml b/.github/workflows/sub-issue-closer.lock.yml index 7b74fcd045..e948021e56 100644 --- a/.github/workflows/sub-issue-closer.lock.yml +++ b/.github/workflows/sub-issue-closer.lock.yml @@ -249,7 +249,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/super-linter.lock.yml b/.github/workflows/super-linter.lock.yml index 60329bdfa0..fac406b874 100644 --- a/.github/workflows/super-linter.lock.yml +++ b/.github/workflows/super-linter.lock.yml @@ -277,7 +277,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/technical-doc-writer.lock.yml b/.github/workflows/technical-doc-writer.lock.yml index b707cdf81c..d12e3d4d5b 100644 --- a/.github/workflows/technical-doc-writer.lock.yml +++ b/.github/workflows/technical-doc-writer.lock.yml @@ -292,7 +292,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/tidy.lock.yml b/.github/workflows/tidy.lock.yml index 4baebe4aa7..22ecfbb85c 100644 --- a/.github/workflows/tidy.lock.yml +++ b/.github/workflows/tidy.lock.yml @@ -681,7 +681,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/video-analyzer.lock.yml b/.github/workflows/video-analyzer.lock.yml index 8bd70f4e1c..58388bed97 100644 --- a/.github/workflows/video-analyzer.lock.yml +++ b/.github/workflows/video-analyzer.lock.yml @@ -264,7 +264,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/.github/workflows/weekly-issue-summary.lock.yml b/.github/workflows/weekly-issue-summary.lock.yml index 8d8f9967ba..0cac98f72f 100644 --- a/.github/workflows/weekly-issue-summary.lock.yml +++ b/.github/workflows/weekly-issue-summary.lock.yml @@ -252,7 +252,7 @@ jobs: - name: Install awf binary run: | echo "Installing awf via installer script (requested version: v0.7.0)" - curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash + curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash which awf awf --version - name: Downloading container images diff --git a/pkg/workflow/copilot_engine.go b/pkg/workflow/copilot_engine.go index 00b1aa5292..3b85cfb561 100644 --- a/pkg/workflow/copilot_engine.go +++ b/pkg/workflow/copilot_engine.go @@ -1131,7 +1131,7 @@ func generateAWFInstallationStep(version string, agentConfig *AgentSandboxConfig " - name: Install awf binary", " run: |", fmt.Sprintf(" echo \"Installing awf via installer script (requested version: %s)\"", version), - " curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash", + fmt.Sprintf(" curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=%s bash", version), " which awf", " awf --version", } diff --git a/pkg/workflow/firewall_version_pinning_test.go b/pkg/workflow/firewall_version_pinning_test.go index 6fa56c7e2e..cec7f0cb31 100644 --- a/pkg/workflow/firewall_version_pinning_test.go +++ b/pkg/workflow/firewall_version_pinning_test.go @@ -14,7 +14,7 @@ func TestAWFInstallationStepDefaultVersion(t *testing.T) { stepStr := strings.Join(step, "\n") expectedVersion := string(constants.DefaultFirewallVersion) - expectedInstaller := "curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash" + expectedInstaller := "curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=" + expectedVersion + " bash" if !strings.Contains(stepStr, expectedInstaller) { t.Errorf("Expected installer one-liner: %s", expectedInstaller) @@ -30,7 +30,7 @@ func TestAWFInstallationStepDefaultVersion(t *testing.T) { step := generateAWFInstallationStep(customVersion, nil) stepStr := strings.Join(step, "\n") - expectedInstaller := "curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo bash" + expectedInstaller := "curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=" + customVersion + " bash" if !strings.Contains(stepStr, customVersion) { t.Errorf("Expected to log custom version %s in installation step", customVersion) From 0a2748d8ce1fc3a880077308fd8c5bb99949ba48 Mon Sep 17 00:00:00 2001 From: Copilot <198982749+Copilot@users.noreply.github.com> Date: Fri, 19 Dec 2025 15:26:50 -0800 Subject: [PATCH 4/4] Fix copilot-setup-steps workflow npm ci directory (#7013) --- .github/workflows/copilot-setup-steps.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/copilot-setup-steps.yml b/.github/workflows/copilot-setup-steps.yml index aa093e00f9..7dc400d786 100644 --- a/.github/workflows/copilot-setup-steps.yml +++ b/.github/workflows/copilot-setup-steps.yml @@ -31,7 +31,7 @@ jobs: cache: true go-version-file: go.mod - name: Install JavaScript dependencies - run: npm ci + run: cd pkg/workflow/js && npm ci - name: Install development dependencies run: make deps-dev - name: Build code