Conversation
This release includes the fix for Squid intercept mode for NAT-redirected traffic, which resolves the Codex smoke test OAuth discovery timeouts. Key change: AWF now properly handles transparent proxy traffic by using Squid's intercept mode (port 3129) for NAT-redirected requests. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
There was a problem hiding this comment.
Pull request overview
This PR bumps the gh-aw-firewall (AWF) version from v0.13.4 to v0.13.5 to include a fix for Squid intercept mode. The fix addresses an issue where NAT-redirected traffic was failing with "Invalid URL - Missing hostname" errors because clients sent relative URLs while Squid expected absolute URLs in normal proxy mode. The new version uses Squid's intercept mode (port 3129) for NAT-redirected traffic.
Changes:
- Updated DefaultFirewallVersion constant from "v0.13.4" to "v0.13.5" in pkg/constants/constants.go
- Updated AWF version references in smoke-codex.lock.yml workflow file (4 occurrences)
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| pkg/constants/constants.go | Updated the DefaultFirewallVersion constant to v0.13.5 |
| .github/workflows/smoke-codex.lock.yml | Updated AWF binary installation, Docker image downloads, configuration, and awf command invocations to use version 0.13.5 |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
pkg/constants/constants.go
Outdated
|
|
||
| // DefaultFirewallVersion is the default version of the gh-aw-firewall (AWF) binary | ||
| const DefaultFirewallVersion Version = "v0.13.4" | ||
| const DefaultFirewallVersion Version = "v0.13.5" |
There was a problem hiding this comment.
The version bump from v0.13.4 to v0.13.5 is incomplete. While this PR updates the constant in pkg/constants/constants.go and the smoke-codex.lock.yml workflow file, there are hundreds of other locked workflow files in .github/workflows/ that still reference v0.13.4 and 0.13.4.
All workflow lock files should be updated consistently to use the new v0.13.5 version to ensure the intercept mode fix is applied across all workflows that use AWF. This includes files such as:
- smoke-claude.lock.yml
- smoke-copilot.lock.yml
- All other *.lock.yml files in .github/workflows/
The incomplete update could result in some workflows still using the old version with the Squid intercept mode issue, while only smoke-codex gets the fix.
|
🎉 Smoke Test PASSED - Run §21723712906 Test Results: Overall Status: ✅ PASS cc @Mossaka
|
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
|
📰 DEVELOPING STORY: Smoke Copilot reports was cancelled. Our correspondents are investigating the incident... |
Mossaka
added
smoke-copilot
smoke-claude
smoke
and removed
smoke-claude
smoke-copilot
labels
|
❌ Changeset Generator failed. Please review the logs for details. |
|
📰 BREAKING: Smoke Copilot is now investigating this pull request. Sources say the story is developing... |
|
🎬 THE END — Smoke Claude MISSION: ACCOMPLISHED! The hero saves the day! ✨ |
|
🌑 The shadows whisper... Smoke Codex failed. The oracle requires further meditation... |
Agent Container Tool Check
Result: 11/12 tools available ❌ Missing: .NET runtime (dotnet) is not installed in the agent container. All other common development tools are present and functional.
|
|
🎭 The Smoke Test Agent Has Arrived! 🎭 Like a digital phantom, I materialize from the ether... Just passing through on my automated rounds, testing the boundaries between code and execution. Found this fascinating discussion on secret management—quite the treasure trove of security wisdom! ✨ Run ID: §21724483593 Now vanishing back into the workflow pipelines... 👻
|
Smoke Test Results✅ GitHub MCP Status: PASS
|
Remove --agent-image act from all engine implementations (claude, copilot, codex) and update docker image download to use the default agent container instead of agent-act. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
# Conflicts: # .github/workflows/agent-performance-analyzer.lock.yml # .github/workflows/agent-persona-explorer.lock.yml # .github/workflows/ai-moderator.lock.yml # .github/workflows/archie.lock.yml # .github/workflows/artifacts-summary.lock.yml # .github/workflows/auto-triage-issues.lock.yml # .github/workflows/brave.lock.yml # .github/workflows/breaking-change-checker.lock.yml # .github/workflows/chroma-issue-indexer.lock.yml # .github/workflows/ci-coach.lock.yml # .github/workflows/ci-doctor.lock.yml # .github/workflows/cli-consistency-checker.lock.yml # .github/workflows/code-scanning-fixer.lock.yml # .github/workflows/code-simplifier.lock.yml # .github/workflows/copilot-cli-deep-research.lock.yml # .github/workflows/copilot-pr-merged-report.lock.yml # .github/workflows/copilot-pr-nlp-analysis.lock.yml # .github/workflows/copilot-pr-prompt-analysis.lock.yml # .github/workflows/craft.lock.yml # .github/workflows/daily-assign-issue-to-user.lock.yml # .github/workflows/daily-cli-performance.lock.yml # .github/workflows/daily-compiler-quality.lock.yml # .github/workflows/daily-copilot-token-report.lock.yml # .github/workflows/daily-file-diet.lock.yml # .github/workflows/daily-firewall-report.lock.yml # .github/workflows/daily-malicious-code-scan.lock.yml # .github/workflows/daily-news.lock.yml # .github/workflows/daily-regulatory.lock.yml # .github/workflows/daily-repo-chronicle.lock.yml # .github/workflows/daily-secrets-analysis.lock.yml # .github/workflows/daily-semgrep-scan.lock.yml # .github/workflows/daily-syntax-error-quality.lock.yml # .github/workflows/daily-team-status.lock.yml # .github/workflows/daily-testify-uber-super-expert.lock.yml # .github/workflows/daily-workflow-updater.lock.yml # .github/workflows/delight.lock.yml # .github/workflows/dependabot-go-checker.lock.yml # .github/workflows/dev-hawk.lock.yml # .github/workflows/dev.lock.yml # .github/workflows/dictation-prompt.lock.yml # .github/workflows/discussion-task-miner.lock.yml # .github/workflows/docs-noob-tester.lock.yml # .github/workflows/draft-pr-cleanup.lock.yml # .github/workflows/example-custom-error-patterns.lock.yml # .github/workflows/example-permissions-warning.lock.yml # .github/workflows/firewall-escape.lock.yml # .github/workflows/firewall.lock.yml # .github/workflows/functional-pragmatist.lock.yml # .github/workflows/github-remote-mcp-auth-test.lock.yml # .github/workflows/glossary-maintainer.lock.yml # .github/workflows/grumpy-reviewer.lock.yml # .github/workflows/hourly-ci-cleaner.lock.yml # .github/workflows/issue-monster.lock.yml # .github/workflows/issue-triage-agent.lock.yml # .github/workflows/jsweep.lock.yml # .github/workflows/layout-spec-maintainer.lock.yml # .github/workflows/mcp-inspector.lock.yml # .github/workflows/mergefest.lock.yml # .github/workflows/metrics-collector.lock.yml # .github/workflows/notion-issue-summary.lock.yml # .github/workflows/org-health-report.lock.yml # .github/workflows/pdf-summary.lock.yml # .github/workflows/plan.lock.yml # .github/workflows/poem-bot.lock.yml # .github/workflows/portfolio-analyst.lock.yml # .github/workflows/pr-nitpick-reviewer.lock.yml # .github/workflows/pr-triage-agent.lock.yml # .github/workflows/python-data-charts.lock.yml # .github/workflows/q.lock.yml # .github/workflows/release.lock.yml # .github/workflows/repo-audit-analyzer.lock.yml # .github/workflows/repo-tree-map.lock.yml # .github/workflows/repository-quality-improver.lock.yml # .github/workflows/research.lock.yml # .github/workflows/security-compliance.lock.yml # .github/workflows/security-fix-pr.lock.yml # .github/workflows/security-guard.lock.yml # .github/workflows/security-review.lock.yml # .github/workflows/slide-deck-maintainer.lock.yml # .github/workflows/smoke-copilot.lock.yml # .github/workflows/smoke-test-tools.lock.yml # .github/workflows/stale-repo-identifier.lock.yml # .github/workflows/sub-issue-closer.lock.yml # .github/workflows/super-linter.lock.yml # .github/workflows/technical-doc-writer.lock.yml # .github/workflows/terminal-stylist.lock.yml # .github/workflows/test-dispatcher.lock.yml # .github/workflows/test-project-url-default.lock.yml # .github/workflows/test-workflow.lock.yml # .github/workflows/tidy.lock.yml # .github/workflows/ubuntu-image-analyzer.lock.yml # .github/workflows/video-analyzer.lock.yml # .github/workflows/weekly-issue-summary.lock.yml # .github/workflows/workflow-generator.lock.yml # .github/workflows/workflow-health-manager.lock.yml # .github/workflows/workflow-normalizer.lock.yml # .github/workflows/workflow-skill-extractor.lock.yml
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
|
🎬 THE END — Smoke Claude MISSION: ACCOMPLISHED! The hero saves the day! ✨ |
|
🌑 The shadows whisper... Smoke Codex failed. The oracle requires further meditation... |
|
❌ Changeset Generator failed. Please review the logs for details. |
|
📰 BREAKING: Smoke Copilot is now investigating this pull request. Sources say the story is developing... |
Agent Container Tool Check
Result: 10/12 tools available, 2/12 have execution issues Issues Found:
Working Tools: bash, sh, git, jq, yq, curl, gh, node, python3, go
|
Smoke Test: Copilot - Run 21734996717Results: ✅ PASS
Overall: 9/9 tests completed
|
|
📰 VERDICT: Smoke Copilot has concluded. All systems operational. This is a developing story. 🎤 |
1 participant
Summary
Bump AWF (gh-aw-firewall) to v0.13.6 which includes fixes for chroot mode (etc/hosts, resolv.conf, permissions) and HTTPS_PROXY restoration.
Changes in AWF v0.13.6
Test plan
Related
🤖 Generated with Claude Code