Skip to content

Bump default MCP gateway to v0.2.30 and AWF firewall to v0.25.28#27722

Merged
lpcox merged 4 commits intomainfrom
copilot/bump-mcpg-to-v0-2-30-and-awf-firewall-to-v0-25-28
Apr 22, 2026
Merged

Bump default MCP gateway to v0.2.30 and AWF firewall to v0.25.28#27722
lpcox merged 4 commits intomainfrom
copilot/bump-mcpg-to-v0-2-30-and-awf-firewall-to-v0-25-28

Conversation

Copy link
Copy Markdown
Contributor

Copilot AI commented Apr 22, 2026
edited by github-actions Bot
Loading

This updates the default runtime versions used by generated workflows for MCP Gateway and AWF firewall. The goal is to move defaults from v0.2.26/v0.25.26 to v0.2.30/v0.25.28 so newly compiled lockfiles pick up the newer components.

  • Version constants

    • Updated defaults in pkg/constants/version_constants.go:
      • DefaultMCPGatewayVersion: v0.2.26v0.2.30
      • DefaultFirewallVersion: v0.25.26v0.25.28

  • Compiled workflow outputs

    • Regenerated workflow lockfiles under .github/workflows/**/*.lock.yml so emitted container/image tags reflect the new default versions.

  • Golden fixture alignment

    • Updated WASM compile golden fixtures impacted by the new emitted defaults:
      • pkg/workflow/testdata/TestWasmGolden_CompileFixtures/basic-copilot.golden
      • pkg/workflow/testdata/TestWasmGolden_CompileFixtures/with-imports.golden
// pkg/constants/version_constants.go
const DefaultFirewallVersion Version = "v0.25.28"
const DefaultMCPGatewayVersion Version = "v0.2.30"

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

  • https://api.github.com/graphql
    • Triggering command: /usr/bin/gh gh repo view --json owner,name --jq .owner.login + "/" + .name 64/pkg/tool/linux_amd64/vet copilot.originalgit (http block)
    • Triggering command: /usr/bin/gh gh repo view owner/repo conf�� 908281373 user.email ache/go/1.25.8/x64/pkg/tool/linu-nilfunc (http block)
    • Triggering command: /usr/bin/gh gh repo view owner/repo conf�� 908281373 user.email ache/go/1.25.8/x64/pkg/tool/linu-test.short=true (http block)
  • https://api.github.com/orgs/test-owner/actions/secrets
    • Triggering command: /usr/bin/gh gh api /orgs/test-owner/actions/secrets --jq .secrets[].name (http block)
    • Triggering command: /usr/bin/gh gh api /orgs/test-owner/actions/secrets --jq .secrets[].name --show-toplevel git 64/pkg/tool/linux_amd64/compile --show-toplevel ache/go/1.25.8/x-C /usr/bin/git 64/pkg/tool/linuconfig rev-�� --show-toplevel git /usr/bin/git --show-toplevel ache/go/1.25.8/x-atomic /usr/bin/git git (http block)
  • https://api.github.com/repos/actions/ai-inference/git/ref/tags/v1
    • Triggering command: /usr/bin/gh gh api /repos/actions/ai-inference/git/ref/tags/v1 --jq [.object.sha, .object.type] | @tsv -v oz/mT-tLcfK0hMgkSLlQ1ZG/V_z3kiod-dwarf=false /usr/bin/gh rd .cfg 64/pkg/tool/linu--show-toplevel gh repo�� view test-owner/test-repo-13736 /usr/bin/git 1351610000/.githnode user.email ache/go/1.25.8/xinstall git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/ai-inference/git/ref/tags/v1 --jq [.object.sha, .object.type] | @tsv xterm-color bash /usr/bin/infocmp k/gh-aw/gh-aw git k.yml infocmp -1 xterm-color git /usr/bin/git ithub/workflows config x_amd64/vet git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/ai-inference/git/ref/tags/v1 --jq [.object.sha, .object.type] | @tsv --show-toplevel git /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/vet --show-toplevel infocmp /usr/bin/git /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/vet -ato�� -bool -buildtags /usr/bin/git -errorsas -ifaceassert -nilfunc git (http block)
  • https://api.github.com/repos/actions/checkout/git/ref/tags/v3
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v3 --jq [.object.sha, .object.type] | @tsv k/gh-aw/gh-aw/.github/workflows/ace-editor.md (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v3 --jq [.object.sha, .object.type] | @tsv --show-toplevel -pack /usr/bin/git 01 git r: $owner, name:--show-toplevel git conf�� --get remote.origin.url (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v3 --jq [.object.sha, .object.type] | @tsv --show-toplevel git /usr/bin/git --show-toplevel git /usr/bin/git git rev-�� --show-toplevel git /usr/bin/git --show-toplevel git /usr/bin/git git (http block)
  • https://api.github.com/repos/actions/checkout/git/ref/tags/v5
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq [.object.sha, .object.type] | @tsv ugs5kA4FK (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq [.object.sha, .object.type] | @tsv --show-toplevel ache/go/1.25.8/x64/pkg/tool/linux_amd64/vet /usr/bin/git se 7546382/b066/vet\n .cfg git rev-�� --show-toplevel ache/go/1.25.8/x^remote\..*\.gh-resolved$ /usr/bin/git 9322/001/stabiligit 7546382/b221/vetrev-parse ache/go/1.25.8/x--show-toplevel git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq [.object.sha, .object.type] | @tsv --show-toplevel BjtALsw-UadQI/MUVKCxYiKyszYyBsnb98/RcOTVA9pgHw5ATest User 1/x64/bin/npm 2343358643 rev-parse ache/node/24.14.--show-toplevel 1/x64/bin/npm rev-�� --show-toplevel git /usr/bin/git bility_SameInputgit remote /usr/bin/git git (http block)
  • https://api.github.com/repos/actions/checkout/git/ref/tags/v6
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6 --jq [.object.sha, .object.type] | @tsv sistency_InlinedImports2639412156/001/inlined-a.md (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6 --jq [.object.sha, .object.type] | @tsv ithub/workflows/approach-validator.md -extld=gcc /usr/bin/git --show-toplevel git /usr/bin/git git conf�� user.name Test User /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linunew (upstream) --show-toplevel git /usr/bin/git /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linu/tmp/gh-aw-merge-3127192165/new.md (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6 --jq [.object.sha, .object.type] | @tsv --show-toplevel git ndor/bin/bash --show-toplevel /usr/bin/gh /usr/bin/git git rev-�� --show-toplevel git /usr/bin/git --show-toplevel infocmp /usr/bin/git git (http block)
  • https://api.github.com/repos/actions/github-script/git/ref/tags/v8
    • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v8 --jq [.object.sha, .object.type] | @tsv --show-toplevel ache/go/1.25.8/xREDACTED /usr/bin/git CommaSeparatedCogit -v ache/go/1.25.8/x-b git rev-�� --show-toplevel ache/go/1.25.8/x64/pkg/tool/linux_amd64/compile /usr/bin/git 7546382/b408/_pkgit /tmp/go-build228rev-parse 7546382/b408=> git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v8 --jq [.object.sha, .object.type] | @tsv --show-toplevel git /usr/bin/git k/gh-aw/gh-aw/.ggit rev-parse /usr/bin/git git rev-�� --show-toplevel git /usr/bin/git k/gh-aw/gh-aw/.ggit rev-parse (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v8 --jq [.object.sha, .object.type] | @tsv --show-toplevel git /usr/bin/git --show-toplevel ache/node/24.14.checkout /usr/bin/git git rev-�� --show-toplevel git /usr/bin/git --show-toplevel git (http block)
  • https://api.github.com/repos/actions/github-script/git/ref/tags/v9
    • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v9 --jq [.object.sha, .object.type] | @tsv (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v9 --jq [.object.sha, .object.type] | @tsv -c=4 -nolocalimports -importcfg /tmp/go-build2287546382/b437/importcfg -pack /home/REDACTED/work/gh-aw/gh-aw/pkg/semverutil/semverutil.go /home/REDACTED/work/gh-aw/gh-aw/pkg/semverutil/semverutil_test.go (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v9 --jq [.object.sha, .object.type] | @tsv -v0-25-28 (http block)
  • https://api.github.com/repos/actions/setup-go/git/ref/tags/v4
    • Triggering command: /usr/bin/gh gh api /repos/actions/setup-go/git/ref/tags/v4 --jq [.object.sha, .object.type] | @tsv --show-toplevel x_amd64/link /usr/bin/git g_.a --global x_amd64/link git rev-�� --show-toplevel x_amd64/link /usr/bin/git eFSy5PFyu --local 64/pkg/tool/linu--show-toplevel /usr/bin/git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/setup-go/git/ref/tags/v4 --jq [.object.sha, .object.type] | @tsv /usr/bin/git git /usr/bin/git k/gh-aw/gh-aw/.ggit git repository(owne--show-toplevel git rev-�� --show-toplevel git /usr/bin/infocmp k/gh-aw/gh-aw git kflows/daily-cli--show-toplevel infocmp (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/setup-go/git/ref/tags/v4 --jq [.object.sha, .object.type] | @tsv --show-toplevel git /usr/bin/git --show-toplevel git /usr/bin/git git rev-�� --show-toplevel git /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/vet --show-toplevel /bin/sh /usr/bin/git /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/vet (http block)
  • https://api.github.com/repos/actions/setup-node/git/ref/tags/v4
    • Triggering command: /usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v4 --jq [.object.sha, .object.type] | @tsv user.email test@example.com /usr/bin/git get --global 64/pkg/tool/linu--show-toplevel git rev-�� --git-dir 64/pkg/tool/linux_amd64/vet /usr/bin/gh get .cfg 64/pkg/tool/linu--show-toplevel gh (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v4 --jq [.object.sha, .object.type] | @tsv --show-toplevel git /usr/bin/git ithub/workflows git kflows/changeset--show-toplevel git rev-�� --show-toplevel git /usr/bin/git k/gh-aw/gh-aw/.ggit git ustering-analysi--show-toplevel git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v4 --jq [.object.sha, .object.type] | @tsv --show-toplevel git /usr/bin/git --show-toplevel git /usr/bin/git git rev-�� --show-toplevel git /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/cgo --show-toplevel /usr/lib/git-correv-parse /usr/bin/git /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/cgo (http block)
  • https://api.github.com/repos/actions/upload-artifact/git/ref/tags/v4
    • Triggering command: /usr/bin/gh gh api /repos/actions/upload-artifact/git/ref/tags/v4 --jq [.object.sha, .object.type] | @tsv k/gh-aw/gh-aw/pkg/parser/import_conflict_test.go k/gh-aw/gh-aw/pkg/parser/import_cycle_test.go /usr/bin/git --repo owner/repo (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/upload-artifact/git/ref/tags/v4 --jq [.object.sha, .object.type] | @tsv --all-progress-implied l /usr/bin/git --thin --delta-base-offrev-parse -q git rev-�� --show-toplevel s/5/artifacts /usr/bin/git g_.a git lysis.lock.yml git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/upload-artifact/git/ref/tags/v4 --jq [.object.sha, .object.type] | @tsv --show-toplevel git /usr/bin/git --show-toplevel aw.test /usr/bin/git git rev-�� --show-toplevel git 64/pkg/tool/linux_amd64/vet --show-toplevel git /usr/bin/git 64/pkg/tool/linux_amd64/vet (http block)
  • https://api.github.com/repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b
    • Triggering command: /usr/bin/gh gh api /repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b --jq [.object.sha, .object.type] | @tsv --show-toplevel node $name) { hasDiscussionsEnabled } } /tmp/TestHashStabash x_amd64/compile (http block)
    • Triggering command: /usr/bin/gh gh api /repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b --jq [.object.sha, .object.type] | @tsv --show-toplevel /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/vet /usr/bin/git -bool -buildtags /usr/bin/git git rev-�� --show-toplevel git /usr/bin/git v1.0.0 other /usr/bin/git git (http block)
  • https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v0.1.2
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v0.1.2 --jq [.object.sha, .object.type] | @tsv --show-toplevel 64/pkg/tool/linutest@example.com /usr/bin/git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v0.1.2 --jq [.object.sha, .object.type] | @tsv --show-toplevel git /usr/bin/git k/gh-aw/gh-aw/.ggit git l-pragmatist.loc--show-toplevel git init�� /usr/bin/git git /usr/bin/git ithub/workflows git kflows/daily-aw---show-toplevel git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v0.1.2 --jq [.object.sha, .object.type] | @tsv --show-toplevel git /usr/bin/git --show-toplevel git /usr/bin/git git rev-�� --show-toplevel git /usr/local/.ghcup/bin/bash --show-toplevel git-upload-pack /usr/bin/git bash (http block)
  • https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v1.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.0.0 --jq [.object.sha, .object.type] | @tsv /tmp/gh-aw-test-runs/20260422-005419-13736/test-2991409197/.github/workflows remote /usr/bin/git -c=4 -nolocalimports -importcfg git -C res_import_test.go t_schema_test.go 64/pkg/tool/linux_amd64/vet remote.origin.urgit (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.0.0 --jq [.object.sha, .object.type] | @tsv :latest --revs /usr/bin/git --thin --delta-base-offrev-parse -q git -C s/test.md config /usr/bin/git remote.origin.urgit git /usr/bin/git git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.0.0 --jq [.object.sha, .object.type] | @tsv --show-toplevel git /usr/bin/git --show-toplevel 64/pkg/tool/linurev-parse /usr/bin/git git rev-�� --show-toplevel git 64/pkg/tool/linux_amd64/vet --show-toplevel infocmp /usr/bin/git 64/pkg/tool/linux_amd64/vet (http block)
  • https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v1.2.3
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.2.3 --jq [.object.sha, .object.type] | @tsv bility_SameInputSameOutput1891329322/001/stability-test.md rev-parse 7546382/b466/typeutil.test (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.2.3 --jq [.object.sha, .object.type] | @tsv sistency_GoAndJavaScript4110657562/001/test-frontmatter-with-arrays.md git-receive-pack '/tmp/TestParseDefaultBranchFromLsRemoteWithRealGitcustom_branch728878334/001' /usr/bin/git --show-toplevel git 1/x64/bin/bash git rev-�� runs/20260422-005603-22328/test-2912184600 git /usr/bin/git --show-toplevel git t.lock.yml git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.2.3 --jq [.object.sha, .object.type] | @tsv --show-toplevel git /usr/bin/git --show-toplevel 64/pkg/tool/linurev-parse /usr/bin/git git rev-�� --show-toplevel git 64/pkg/tool/linux_amd64/vet --show-toplevel git /usr/bin/git 64/pkg/tool/linux_amd64/vet (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/1/artifacts
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/1/artifacts --jq .artifacts[].name .cfg 64/pkg/tool/linux_amd64/vet gpg.program (http block)
    • Triggering command: /usr/bin/gh gh run download 1 --dir test-logs/run-1 .cfg 64/pkg/tool/linux_amd64/vet commit.gpgsign (http block)
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/1/artifacts --jq .artifacts[].name -trimpath compliance.lock.yml -p github.com/githuconfig ed } } git -C /workflows config 64/pkg/tool/linux_amd64/vet remote.origin.urgit -nolocalimports DiscussionsEnabl--show-toplevel 64/pkg/tool/linux_amd64/vet (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/12345/artifacts
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/12345/artifacts --jq .artifacts[].name --local 64/pkg/tool/linux_amd64/vet committer.email (http block)
    • Triggering command: /usr/bin/gh gh run download 12345 --dir test-logs/run-12345 .cfg 64/pkg/tool/linux_amd64/vet committer.email (http block)
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/12345/artifacts --jq .artifacts[].name LsRemoteWithRealGitcustom_branch728878334/001' (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/12346/artifacts
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/12346/artifacts --jq .artifacts[].name .cfg 64/pkg/tool/linux_amd64/vet committer.email (http block)
    • Triggering command: /usr/bin/gh gh run download 12346 --dir test-logs/run-12346 .cfg 64/pkg/tool/linux_amd64/vet committer.email (http block)
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/12346/artifacts --jq .artifacts[].name git kflows/daily-hippo-learn.lock.yml --show-toplevel git /usr/bin/git git -C edOutput1795523003/001 config /usr/bin/gh remote.origin.urgit /tmp/go-build228rev-parse /usr/bin/git /usr/bin/gh (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/2/artifacts
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/2/artifacts --jq .artifacts[].name .cfg 64/pkg/tool/linux_amd64/vet gpg.program (http block)
    • Triggering command: /usr/bin/gh gh run download 2 --dir test-logs/run-2 .cfg 64/pkg/tool/linu-test.short=true commit.gpgsign (http block)
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/2/artifacts --jq .artifacts[].name c me: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } - git /usr/bin/git git -C ithub/workflows show x_amd64/vet --show-toplevel infocmp ed } } x_amd64/vet (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/3/artifacts
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/3/artifacts --jq .artifacts[].name .cfg 64/pkg/tool/linux_amd64/vet gpg.program (http block)
    • Triggering command: /usr/bin/gh gh run download 3 --dir test-logs/run-3 .cfg 64/pkg/tool/linu-nolocalimports commit.gpgsign (http block)
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/3/artifacts --jq .artifacts[].name LsRemoteWithRealGitbranch_with_hyphen3394880165/001' /usr/bin/git l git /usr/bin/git git -C ithub/workflows rev-parse 64/pkg/tool/linux_amd64/compile l node cal/bin/node 64/pkg/tool/linux_amd64/compile (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/4/artifacts
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/4/artifacts --jq .artifacts[].name .cfg 64/pkg/tool/linux_amd64/vet gpg.program (http block)
    • Triggering command: /usr/bin/gh gh run download 4 --dir test-logs/run-4 .cfg 64/pkg/tool/linux_amd64/vet commit.gpgsign (http block)
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/4/artifacts --jq .artifacts[].name erena-mcp-server:latest /usr/bin/git -errorsas -ifaceassert -nilfunc git -C ions-build/main.go :latest 64/pkg/tool/linux_amd64/compile --show-toplevel git ache/go/1.25.8/x64/bin/node 64/pkg/tool/linux_amd64/compile (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/5/artifacts
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/5/artifacts --jq .artifacts[].name .cfg 64/pkg/tool/linux_amd64/vet gpg.program (http block)
    • Triggering command: /usr/bin/gh gh run download 5 --dir test-logs/run-5 .cfg 64/pkg/tool/linux_amd64/vet commit.gpgsign (http block)
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/5/artifacts --jq .artifacts[].name -trimpath x_amd64/compile -p github.com/githurev-parse -lang=go1.25 x_amd64/compile -C k/gh-aw/gh-aw zation_test.go x_amd64/vet remote.origin.urgit -nolocalimports -importcfg x_amd64/vet (http block)
  • https://api.github.com/repos/github/gh-aw/actions/workflows
    • Triggering command: /usr/bin/gh gh workflow list --json name,state,path 946135199/001' 946135199/001' (http block)
    • Triggering command: /usr/bin/gh gh run list --json databaseId,number,url,status,conclusion,workflowName,createdAt,startedAt,updatedAt,event,headBranch,headSha,displayTitle --workflow nonexistent-workflow-12345 --limit 100 (http block)
    • Triggering command: /usr/bin/gh gh run list --json databaseId,number,url,status,conclusion,workflowName,createdAt,startedAt,updatedAt,event,headBranch,headSha,displayTitle --workflow nonexistent-workflow-12345 --limit 6 (http block)
  • https://api.github.com/repos/github/gh-aw/contents/.github/workflows/shared/reporting.md
    • Triggering command: /tmp/go-build2287546382/b404/cli.test /tmp/go-build2287546382/b404/cli.test -test.testlogfile=/tmp/go-build2287546382/b404/testlog.txt -test.paniconexit0 -test.v=true -test.parallel=4 -test.timeout=10m0s -test.run=^Test -test.short=true (http block)
    • Triggering command: /tmp/go-build3922883033/b404/cli.test /tmp/go-build3922883033/b404/cli.test -test.testlogfile=/tmp/go-build3922883033/b404/testlog.txt -test.paniconexit0 -test.v=true -test.parallel=4 -test.timeout=10m0s -test.run=^Test -test.short=true --show-toplevel x_amd64/compile /usr/bin/git git rev-�� --show-toplevel git ml --show-toplevel ortcfg /usr/bin/git git (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v0.47.4
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v0.47.4 --jq [.object.sha, .object.type] | @tsv --show-toplevel ache/go/1.25.8/x64/pkg/tool/linu-extld=gcc /usr/bin/git FETCH_HEAD (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v0.47.4 --jq [.object.sha, .object.type] | @tsv --show-toplevel git /usr/bin/git sRemoteWithRealGgit sRemoteWithRealGrev-parse er: String!, $na--show-toplevel git rev-�� --show-toplevel git /usr/bin/git 01/test2.md show /usr/bin/git git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v0.47.4 --jq [.object.sha, .object.type] | @tsv --show-toplevel git /usr/bin/git --show-toplevel nly /usr/bin/git git rev-�� --show-toplevel git /usr/bin/git --show-toplevel /usr/lib/git-cor-lh /usr/bin/git git (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v1.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.0.0 --jq [.object.sha, .object.type] | @tsv til.go til_test.go ache/go/1.25.8/x64/pkg/tool/linux_amd64/vet (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.0.0 --jq [.object.sha, .object.type] | @tsv 657238961/.github/workflows config atcher.lock.yml l git DiscussionsEnabl--show-toplevel git -C t4077604138/.github/workflows config /usr/bin/git remote.origin.urgit node /usr/bin/git git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.0.0 --jq [.object.sha, .object.type] | @tsv --show-toplevel git /usr/bin/git /usr/bin/git git /usr/bin/git git rev-�� --show-toplevel git /usr/bin/git user.name Test User ache/node/24.14.--noprofile git (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v1.2.3
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.2.3 --jq [.object.sha, .object.type] | @tsv (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.2.3 --jq [.object.sha, .object.type] | @tsv --show-toplevel git me: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } --show-toplevel /opt/hostedtoolcpush /usr/bin/git git rev-�� --show-toplevel git /usr/bin/git --show-toplevel 64/pkg/tool/linuconfig /usr/bin/git git (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v2.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq [.object.sha, .object.type] | @tsv (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq [.object.sha, .object.type] | @tsv --show-toplevel git repository(owne-nilfunc --show-toplevel ts.test /usr/bin/git git rev-�� ithub/workflows git ache/go/1.25.8/x--quiet --show-toplevel 64/pkg/tool/linu-C /usr/bin/git git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq [.object.sha, .object.type] | @tsv ithub/workflows git _.a --show-toplevel /opt/hostedtoolc-1 /usr/bin/git git rev-�� --show-toplevel git ice-test.lock.yml --show-toplevel /opt/hostedtoolc-C /usr/bin/git git (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v3.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v3.0.0 --jq [.object.sha, .object.type] | @tsv (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v3.0.0 --jq [.object.sha, .object.type] | @tsv --show-toplevel git repository(owne-lang=go1.25 --show-toplevel 64/pkg/tool/linu/tmp/TestParseDefaultBranchFromLsRemoteWithRealGitbranch_with_hyphen�� /usr/bin/git git rev-�� ithub/workflows git /usr/bin/git --show-toplevel 64/pkg/tool/linu-o /usr/bin/git git (http block)
  • https://api.github.com/repos/nonexistent/action/git/ref/tags/v999.999.999
    • Triggering command: /usr/bin/gh gh api /repos/nonexistent/action/git/ref/tags/v999.999.999 --jq [.object.sha, .object.type] | @tsv se 7546382/b027/vet.cfg .cfg (http block)
    • Triggering command: /usr/bin/gh gh api /repos/nonexistent/action/git/ref/tags/v999.999.999 --jq [.object.sha, .object.type] | @tsv 657238961/.github/workflows -f (http block)
    • Triggering command: /usr/bin/gh gh api /repos/nonexistent/action/git/ref/tags/v999.999.999 --jq [.object.sha, .object.type] | @tsv --show-toplevel git /usr/bin/git /tmp/gh-aw-test-git rev-parse /usr/bin/git git rev-�� --show-toplevel git /usr/bin/git --get l /usr/bin/git git (http block)
  • https://api.github.com/repos/nonexistent/repo/actions/runs/12345
    • Triggering command: /usr/bin/gh gh run view 12345 --repo nonexistent/repo --json status,conclusion core.hooksPath (http block)
    • Triggering command: /usr/bin/gh gh run view 12345 --repo nonexistent/repo --json status,conclusion --show-toplevel infocmp /usr/bin/git infocmp -1 657238961 git ect-url-default.lock.yml l git /usr/bin/git git (http block)
  • https://api.github.com/repos/owner/repo/actions/workflows
    • Triggering command: /usr/bin/gh gh workflow list --json name,state,path --repo owner/repo (http block)
    • Triggering command: /usr/bin/gh gh workflow list --repo owner/repo --json name,path,state .cfg (http block)
    • Triggering command: /usr/bin/gh gh workflow list --json name,state,path --repo owner/repo r: $owner, name: $name) { hasDiscussionsEnabled } } --show-toplevel x_amd64/compile /usr/bin/git 64/pkg/tool/linuconfig rev-�� _.a git mance.lock.yml --show-toplevel ache/go/1.25.8/x-test.testlogfile=/tmp/go-build3922883033/b070/testlog.txt /usr/bin/git git (http block)
  • https://api.github.com/repos/test-owner/test-repo/actions/secrets
    • Triggering command: /usr/bin/gh gh api /repos/test-owner/test-repo/actions/secrets --jq .secrets[].name go1.25.8 (http block)
    • Triggering command: /usr/bin/gh gh api /repos/test-owner/test-repo/actions/secrets --jq .secrets[].name -c=4 -nolocalimports -importcfg /tmp/go-build3922883033/b390/importcfg -pack /home/REDACTED/work/gh-aw/gh-aw/internal/tools/actions-build/main.go git rev-�� --show-toplevel git tor.lock.yml --show-toplevel ache/go/1.25.8/x-o /usr/bin/git git (http block)
  • https://api.github.com/repos/test/repo
    • Triggering command: /usr/bin/gh gh api /repos/test/repo --jq .default_branch --local user.name ache/go/1.25.8/x64/pkg/tool/linux_amd64/vet (http block)
    • Triggering command: /usr/bin/gh gh api /repos/test/repo --jq .default_branch ithub/workflows git 64/pkg/tool/linux_amd64/link l kflow.test ed } } 64/pkg/tool/linux_amd64/link -1 62/001/test-complex-frontmatter-with-tools.md git ortcfg.link --show-toplevel git /usr/bin/git 1-dCGawU_yGNnFIL5 (http block)

If you need me to access, download, or install something from one of these locations, you can either:

Smoke CI scheduled run completed: https://github.com/github/gh-aw/actions/runs/24754897255

Generated by Smoke CI · ● 352.4K ·

Smoke CI scheduled run completed. Run URL: https://github.com/github/gh-aw/actions/runs/24754990248

Generated by Smoke CI · ● 354.8K ·

Copilot AI linked an issue Apr 22, 2026 that may be closed by this pull request
Bump MCPG to v0.2.30 and AWF firewall to v0.25.28 #27721
Closed
Copilot AI and others added 2 commits April 22, 2026 00:53
Copilot AI changed the title [WIP] Bump MCPG to v0.2.30 and AWF firewall to v0.25.28 Bump default MCP gateway to v0.2.30 and AWF firewall to v0.25.28 Apr 22, 2026
Copilot AI requested a review from lpcox April 22, 2026 01:01
This was referenced Apr 22, 2026
Open
Closed
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Apr 22, 2026

Hey @Copilot 👋 — great work bumping the default MCP gateway to v0.2.30 and AWF firewall to v0.25.28! The PR is well-scoped, cleanly described, and the regenerated lockfiles + golden fixtures all follow naturally from the two version constant changes.

This looks ready for maintainer review. ✅

Generated by Contribution Check · ● 993.5K ·

@github-actions github-actions Bot added the lgtm label Apr 22, 2026
@github-actions github-actions Bot mentioned this pull request Apr 22, 2026
Closed
@lpcox
Copy link
Copy Markdown
Collaborator

lpcox commented Apr 22, 2026

@copilot merge main and recompile

@lpcox
Merge remote-tracking branch 'origin/main' into copilot/bump-mcpg-to-…
ba28a2f 
…v0-2-30-and-awf-firewall-to-v0-25-28

Co-authored-by: lpcox <15877973+lpcox@users.noreply.github.com>
Copy link
Copy Markdown
Contributor Author

Copilot AI commented Apr 22, 2026
edited
Loading

@copilot merge main and recompile

Done — merged origin/main, resolved conflicts, and recompiled workflows in commit ba28a2f5e.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

  • https://api.github.com/graphql
    • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw (http block)
    • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw k0/KMJYco2K17dqJ/opt/hostedtoolcache/node/24.14.1/x64/bin/npm (http block)
    • Triggering command: /usr/bin/gh gh repo view --json owner,name --jq .owner.login &#43; &#34;/&#34; &#43; .name n-dir/bash ns.json...&#34; (http block)
  • https://api.github.com/orgs/test-owner/actions/secrets
    • Triggering command: /usr/bin/gh gh api /orgs/test-owner/actions/secrets --jq .secrets[].name (http block)
  • https://api.github.com/repos/actions/ai-inference/git/ref/tags/v1
    • Triggering command: /usr/bin/gh gh api /repos/actions/ai-inference/git/ref/tags/v1 --jq [.object.sha, .object.type] | @tsv -v git /usr/bin/gh ty-test.md blob kflows/daily-saf--show-toplevel gh repo�� view test-owner/test-repo-9656 /usr/bin/git b/workflows rev-parse /usr/bin/git git (http block)
  • https://api.github.com/repos/actions/checkout/git/ref/tags/v3
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v3 --jq [.object.sha, .object.type] | @tsv /tmp/gh-aw-test-runs/20260422-013901-9656/test-3908827627/.github/workflows remote /usr/bin/git --local --get ache/uv/0.11.7/x--show-toplevel git remo�� (http block)
  • https://api.github.com/repos/actions/checkout/git/ref/tags/v5
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq [.object.sha, .object.type] | @tsv xterm-color (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq [.object.sha, .object.type] | @tsv --show-toplevel x_amd64/vet /usr/bin/git /home/REDACTED/wortr show /usr/bin/git git rev-�� --show-toplevel git /usr/bin/git report.md show 64/pkg/tool/linu--show-toplevel git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq [.object.sha, .object.type] | @tsv --show-toplevel /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linuremote.origin.url 1/x64/bin/npm 14200273 -trimpath ache/node/24.14.--show-toplevel 1/x64/bin/npm rev-�� --show-toplevel /bin/sh /usr/bin/git sistency_GoAndJagit git-receive-packrev-parse /usr/bin/git git (http block)
  • https://api.github.com/repos/actions/checkout/git/ref/tags/v6
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6 --jq [.object.sha, .object.type] | @tsv bility_SameInputSameOutput1369261369/001/stability-test.md -tests ps (http block)
  • https://api.github.com/repos/actions/github-script/git/ref/tags/v8
    • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v8 --jq [.object.sha, .object.type] | @tsv --show-toplevel infocmp /usr/bin/git /001/inlined-a.mgit (http block)
  • https://api.github.com/repos/actions/github-script/git/ref/tags/v9
    • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v9 --jq [.object.sha, .object.type] | @tsv -awf-firewall-to-f (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v9 --jq [.object.sha, .object.type] | @tsv --get-regexp --global cal/bin/git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v9 --jq [.object.sha, .object.type] | @tsv ithub/workflows --local r: $owner, name:-f http.https://gitgit (http block)
  • https://api.github.com/repos/actions/setup-go/git/ref/tags/v4
    • Triggering command: /usr/bin/gh gh api /repos/actions/setup-go/git/ref/tags/v4 --jq [.object.sha, .object.type] | @tsv /home/REDACTED/work/gh-aw/gh-aw/.github/workflows/agent-performancgo1.25.8 git /opt/hostedtoolcache/node/24.14.1/x64/bin/node k/gh-aw/gh-aw :latest kflows/copilot-a--show-toplevel node /tmp�� /home/REDACTED/work/gh-aw/gh-aw/.github/workflows/architecture-guardian.md bash /usr/bin/git ithub/workflows (http block)
  • https://api.github.com/repos/actions/setup-node/git/ref/tags/v4
    • Triggering command: /usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v4 --jq [.object.sha, .object.type] | @tsv user.name Test User /usr/bin/git ithub/workflows (http block)
  • https://api.github.com/repos/actions/upload-artifact/git/ref/tags/v4
    • Triggering command: /usr/bin/gh gh api /repos/actions/upload-artifact/git/ref/tags/v4 --jq [.object.sha, .object.type] | @tsv s/^session\.gc_maxlifetime=\(.*\)$/\1/p (http block)
  • https://api.github.com/repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b
    • Triggering command: /usr/bin/gh gh api /repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b --jq [.object.sha, .object.type] | @tsv (http block)
  • https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v0.1.2
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v0.1.2 --jq [.object.sha, .object.type] | @tsv user.email test@example.com /opt/hostedtoolcache/node/24.14.1/x64/bin/node copilot/bump-mcpgit (http block)
  • https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v1.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.0.0 --jq [.object.sha, .object.type] | @tsv bility_SameInputSameOutput1369261369/001/stability-test.md --stdin /usr/bin/git --exclude-hiddengit --all --quiet git rev-�� res_import_test.go t_schema_test.go 64/pkg/tool/linux_amd64/vet s/test.md 8610f2a9f7d3d448rev-parse ache/node/24.14.--show-toplevel 64/pkg/tool/linux_amd64/vet (http block)
  • https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v1.2.3
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.2.3 --jq [.object.sha, .object.type] | @tsv bility_SameInputSameOutput1369261369/001/stability-test.md --revs /usr/bin/git --thin --delta-base-offrev-parse -q git -C /tmp/TestGuardPolicyTrustedUsersCompiledOutput2140791447/001 config /usr/bin/git remote.origin.urgit --global bin/git git (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/1/artifacts
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/1/artifacts --jq .artifacts[].name :latest /usr/bin/git l (http block)
    • Triggering command: /usr/bin/gh gh run download 1 --dir test-logs/run-1 latest /usr/bin/infocmp (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/12345/artifacts
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/12345/artifacts --jq .artifacts[].name LsRemoteWithRealGitbranch_with_hyphen2179941507/001&#39; nt-public-none.lock.yml (http block)
    • Triggering command: /usr/bin/gh gh run download 12345 --dir test-logs/run-12345 log kflows/daily-repo-chronicle.lock.yml --format=%H:%ct (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/12346/artifacts
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/12346/artifacts --jq .artifacts[].name (http block)
    • Triggering command: /usr/bin/gh gh run download 12346 --dir test-logs/run-12346 (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/2/artifacts
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/2/artifacts --jq .artifacts[].name (http block)
    • Triggering command: /usr/bin/gh gh run download 2 --dir test-logs/run-2 (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/3/artifacts
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/3/artifacts --jq .artifacts[].name c x_amd64/compile - (http block)
    • Triggering command: /usr/bin/gh gh run download 3 --dir test-logs/run-3 log kflows/daily-syntax-error-quality.lock.yml -n1 --format=format:rev-parse --end-of-options--show-toplevel git -C ithub/workflows show kflows/go-fan.lock.yml (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/4/artifacts
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/4/artifacts --jq .artifacts[].name -trimpath /usr/bin/git -p github.com/githurev-parse ed } } git -C ithub/workflows rev-parse x_amd64/vet -c=4 -nolocalimports ed } } x_amd64/vet (http block)
    • Triggering command: /usr/bin/gh gh run download 4 --dir test-logs/run-4 log me: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -n1 --format=format:rev-parse --end-of-options--show-toplevel git -C 574528304 rev-parse ocs.lock.yml (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/5/artifacts
    • Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/5/artifacts --jq .artifacts[].name -trimpath x_amd64/link -p github.com/githurev-parse -lang=go1.25 x_amd64/link -C ithub/workflows config x_amd64/vet remote.origin.urgit -nolocalimports -importcfg x_amd64/vet (http block)
    • Triggering command: /usr/bin/gh gh run download 5 --dir test-logs/run-5 log me: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } --format=%H:%ct (http block)
  • https://api.github.com/repos/github/gh-aw/actions/workflows
    • Triggering command: /usr/bin/gh gh workflow list --json name,state,path (http block)
    • Triggering command: /usr/bin/gh gh run list --json databaseId,number,url,status,conclusion,workflowName,createdAt,startedAt,updatedAt,event,headBranch,headSha,displayTitle --workflow nonexistent-workflow-12345 --limit 100 (http block)
    • Triggering command: /usr/bin/gh gh run list --json databaseId,number,url,status,conclusion,workflowName,createdAt,startedAt,updatedAt,event,headBranch,headSha,displayTitle --workflow nonexistent-workflow-12345 --limit 6 (http block)
  • https://api.github.com/repos/github/gh-aw/contents/.github/workflows/shared/reporting.md
    • Triggering command: /tmp/go-build89141401/b404/cli.test /tmp/go-build89141401/b404/cli.test -test.testlogfile=/tmp/go-build89141401/b404/testlog.txt -test.paniconexit0 -test.v=true -test.parallel=4 -test.timeout=10m0s -test.run=^Test -test.short=true (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v0.47.4
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v0.47.4 --jq [.object.sha, .object.type] | @tsv --show-toplevel git /usr/bin/git k/gh-aw/gh-aw/.ggit show /usr/bin/git git rev-�� --show-toplevel git /usr/bin/git Onlymin-integritls show kflows/spec-extr/tmp/gh-aw/aw-feature-branch.patch git (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v1.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.0.0 --jq [.object.sha, .object.type] | @tsv ithub/workflows show /usr/bin/git l (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v1.2.3
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.2.3 --jq [.object.sha, .object.type] | @tsv -c=4 -nolocalimports -importcfg /tmp/go-build89141401/b433/importcfg -pack /home/REDACTED/work/gh-aw/gh-aw/pkg/parser/import_conflict_test.go /home/REDACTED/work/gh-aw/gh-aw/pkg/parser/import_cycle_test.go conf�� ithub/workflows --local /snap/bin/git copilot.originalgit (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v2.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq [.object.sha, .object.type] | @tsv rd :latest r: $owner, name: $name) { hasDiscussionsEnabled } } user.email (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq [.object.sha, .object.type] | @tsv ithub/workflows --local r: $owner, name: $name) { hasDiscussionsEnabled } } committer.name (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq [.object.sha, .object.type] | @tsv ithub/workflows --local sh committer.name (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v3.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v3.0.0 --jq [.object.sha, .object.type] | @tsv ithub/workflows --local .yml committer.name (http block)
  • https://api.github.com/repos/nonexistent/action/git/ref/tags/v999.999.999
    • Triggering command: /usr/bin/gh gh api /repos/nonexistent/action/git/ref/tags/v999.999.999 --jq [.object.sha, .object.type] | @tsv k/gh-aw/gh-aw/.github/workflows config me: String!) { repository(owne-nilfunc remote.origin.urgit (http block)
  • https://api.github.com/repos/nonexistent/repo/actions/runs/12345
    • Triggering command: /usr/bin/gh gh run view 12345 --repo nonexistent/repo --json status,conclusion l (http block)
  • https://api.github.com/repos/owner/repo/actions/workflows
    • Triggering command: /usr/bin/gh gh workflow list --json name,state,path --repo owner/repo r: $owner, name: $name) { hasDiscussionsEnabled } } (http block)
    • Triggering command: /usr/bin/gh gh workflow list --json name,state,path --repo owner/repo repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } (http block)
    • Triggering command: /usr/bin/gh gh workflow list --repo owner/repo --json name,path,state 64/pkg/tool/linux_amd64/vet (http block)
  • https://api.github.com/repos/test-owner/test-repo/actions/secrets
    • Triggering command: /usr/bin/gh gh api /repos/test-owner/test-repo/actions/secrets --jq .secrets[].name (http block)
  • https://api.github.com/repos/test/repo
    • Triggering command: /usr/bin/gh gh api /repos/test/repo --jq .default_branch 574528304 -f (http block)

If you need me to access, download, or install something from one of these locations, you can either:

@lpcox lpcox marked this pull request as ready for review April 22, 2026 01:50
Copilot AI review requested due to automatic review settings April 22, 2026 01:50
Copilot AI reviewed Apr 22, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates default runtime component versions for generated workflows, moving MCP Gateway to v0.2.30 and the AWF firewall to v0.25.28, and refreshes generated artifacts that embed those defaults.

Changes:

  • Bumped default version constants for AWF and MCPG.
  • Regenerated workflow lockfiles so emitted image/binary tags match the new defaults.
  • Updated WASM compile golden fixtures affected by the new emitted defaults.
Show a summary per file
File Description
pkg/constants/version_constants.go Updates default AWF and MCPG versions used by the compiler/generator.
pkg/workflow/testdata/TestWasmGolden_CompileFixtures/basic-copilot.golden Refreshes golden output to reflect new default AWF/MCPG versions.
pkg/workflow/testdata/TestWasmGolden_CompileFixtures/with-imports.golden Refreshes golden output to reflect new default AWF/MCPG versions.
.github/workflows/test-workflow.lock.yml Regenerated lockfile with updated container tags and AWF install version.
.github/workflows/smoke-opencode.lock.yml Regenerated lockfile with updated container tags and AWF install version.
.github/workflows/smoke-crush.lock.yml Regenerated lockfile with updated container tags and AWF install version.
.github/workflows/smoke-ci.lock.yml Regenerated lockfile with updated container tags and AWF install version.
.github/workflows/refiner.lock.yml Regenerated lockfile with updated container tags and AWF install version.
.github/workflows/plan.lock.yml Regenerated lockfile with updated container tags and AWF install version.
.github/workflows/metrics-collector.lock.yml Regenerated lockfile with updated container tags and AWF install version.
.github/workflows/gpclean.lock.yml Regenerated lockfile with updated container tags and AWF install version.
.github/workflows/firewall.lock.yml Regenerated lockfile with updated container tags and AWF install version.
.github/workflows/example-permissions-warning.lock.yml Regenerated lockfile with updated container tags and AWF install version.
.github/workflows/daily-malicious-code-scan.lock.yml Regenerated lockfile with updated container tags and AWF install version.
.github/workflows/copilot-token-optimizer.lock.yml Regenerated lockfile with updated container tags and AWF install version.
.github/workflows/codex-github-remote-mcp-test.lock.yml Regenerated lockfile with updated container tags; also includes additional Codex config deltas.
.github/workflows/code-simplifier.lock.yml Regenerated lockfile with updated container tags and AWF install version.
.github/workflows/changeset.lock.yml Regenerated lockfile with updated container tags; also includes additional Codex config deltas.
.github/workflows/ai-moderator.lock.yml Regenerated lockfile with updated container tags; also includes additional Codex config deltas.
.github/workflows/ace-editor.lock.yml Regenerated lockfile with updated container tags and AWF install version.

Copilot's findings

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

  • Files reviewed: 60/200 changed files
  • Comments generated: 1

Comment thread .github/workflows/codex-github-remote-mcp-test.lock.yml
Comment on lines +447 to +453
model_provider = "openai-proxy"

[model_providers.openai-proxy]
name = "OpenAI AWF proxy"
base_url = "http://172.30.0.30:10000"
env_key = "OPENAI_API_KEY"
supports_websockets = false
Copy link

Copilot AI Apr 22, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This diff introduces more than just the AWF/MCPG version bumps: it changes the generated Codex config to use a new model_provider = "openai-proxy" with a local base_url and adds an awk-based merge step. The PR description only mentions version constant updates + regenerated lockfiles; please confirm this behavioral change is intentional and either (a) update the PR description to call it out, or (b) regenerate using the same generator/templates as before so the lockfile only reflects the version bump.

Copilot uses AI. Check for mistakes.
@lpcox lpcox merged commit e0b6190 into main Apr 22, 2026
63 of 65 checks passed
@lpcox lpcox deleted the copilot/bump-mcpg-to-v0-2-30-and-awf-firewall-to-v0-25-28 branch April 22, 2026 01:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@lpcox lpcox Awaiting requested review from lpcox

Assignees

@lpcox lpcox

Copilot code review Copilot

Labels

lgtm

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Bump MCPG to v0.2.30 and AWF firewall to v0.25.28

3 participants

@lpcox