[ca] Bump default agentic CLIs: Claude Code 2.1.167, Copilot CLI 1.0.60#37338
[ca] Bump default agentic CLIs: Claude Code 2.1.167, Copilot CLI 1.0.60#37338Copilot wants to merge 2 commits into
Conversation
Co-authored-by: gh-aw-bot <259018956+gh-aw-bot@users.noreply.github.com>
|
🚀 Smoke Antigravity MISSION COMPLETE! Antigravity has spoken. ✨ |
|
🚀 Smoke Pi MISSION COMPLETE! Pi delivered. 🥧 |
|
🚀 Smoke Gemini MISSION COMPLETE! Gemini has spoken. ✨ |
|
📰 BREAKING: Smoke Copilot is now investigating this pull request. Sources say the story is developing... |
|
🧠 Matt Pocock Skills Reviewer has completed the skills-based review. ✅ |
|
🧪 Test Quality Sentinel completed test quality analysis. No test files were added or modified in this PR. The PR only updates .github/workflows/*.lock.yml files to bump default agentic CLI versions (Claude Code 2.1.167, Copilot CLI 1.0.60). Test Quality Sentinel skipped. |
|
✅ All tools validated successfully! Agent Container Smoke Test confirms agent container is ready. |
|
📰 BREAKING: Smoke Copilot - AOAI (apikey) is now investigating this pull request. Sources say the story is developing... |
|
✅ PR Code Quality Reviewer completed the code quality review. |
|
✅ Design Decision Gate 🏗️ completed the design decision gate check. No ADR enforcement needed: PR #37338 does not have the implementation label (has_implementation_label=false) and has only 38 new lines in business logic directories (requires_adr_by_default_volume=false, threshold=100). |
|
💫 TO BE CONTINUED... Smoke Claude failed to deliver outputs! Our hero faces unexpected challenges... |
|
✨ The prophecy is fulfilled... Smoke Codex has completed its mystical journey. The stars align. 🌟 |
There was a problem hiding this comment.
Pull request overview
This PR bumps gh-aw’s pinned default agentic CLI versions (Claude Code and GitHub Copilot CLI) and refreshes the generated workflow lock artifacts and wasm golden fixtures so compiled outputs match the new defaults.
Changes:
- Updated default version constants: Claude Code
2.1.165 → 2.1.167, Copilot CLI1.0.59 → 1.0.60. - Recompiled workflow
.lock.ymlartifacts to propagate the new engine versions into generated workflows. - Refreshed wasm golden fixtures to align expected embedded engine versions with the new defaults.
Show a summary per file
| File | Description |
|---|---|
| pkg/constants/version_constants.go | Bumps default pinned Claude Code and Copilot CLI versions. |
| pkg/workflow/testdata/TestWasmGolden_CompileFixtures/with-imports.golden | Updates expected Copilot version strings in wasm golden output. |
| pkg/workflow/testdata/TestWasmGolden_CompileFixtures/smoke-copilot.golden | Updates expected Copilot version strings in wasm golden output. |
| pkg/workflow/testdata/TestWasmGolden_CompileFixtures/playwright-cli-mode.golden | Updates expected Copilot version strings in wasm golden output. |
| pkg/workflow/testdata/TestWasmGolden_CompileFixtures/basic-copilot.golden | Updates expected Copilot version strings in wasm golden output. |
| pkg/workflow/testdata/TestWasmGolden_AllEngines/copilot.golden | Updates expected Copilot version strings in wasm golden output. |
| pkg/workflow/testdata/TestWasmGolden_AllEngines/claude.golden | Updates expected Claude Code version strings in wasm golden output. |
| .github/workflows/workflow-skill-extractor.lock.yml | Recompiled lock file to pin Copilot CLI 1.0.60. |
| .github/workflows/video-analyzer.lock.yml | Recompiled lock file to pin Copilot CLI 1.0.60. |
| .github/workflows/test-workflow.lock.yml | Recompiled lock file to pin Copilot CLI 1.0.60. |
| .github/workflows/test-project-url-default.lock.yml | Recompiled lock file to pin Copilot CLI 1.0.60. |
| .github/workflows/test-dispatcher.lock.yml | Recompiled lock file to pin Copilot CLI 1.0.60. |
| .github/workflows/smoke-ci.lock.yml | Recompiled lock file to pin Copilot CLI 1.0.60. |
| .github/workflows/research.lock.yml | Recompiled lock file to pin Copilot CLI 1.0.60. |
| .github/workflows/repo-tree-map.lock.yml | Recompiled lock file to pin Copilot CLI 1.0.60. |
| .github/workflows/lint-monster.lock.yml | Recompiled lock file to pin Copilot CLI 1.0.60. |
| .github/workflows/hourly-ci-cleaner.lock.yml | Recompiled lock file to pin Claude Code 2.1.167. |
| .github/workflows/hippo-embed.lock.yml | Recompiled lock file to pin Copilot CLI 1.0.60. |
| .github/workflows/go-pattern-detector.lock.yml | Recompiled lock file to pin Claude Code 2.1.167. |
| .github/workflows/github-remote-mcp-auth-test.lock.yml | Recompiled lock file to pin Copilot CLI 1.0.60. |
| .github/workflows/firewall.lock.yml | Recompiled lock file to pin Copilot CLI 1.0.60. |
| .github/workflows/example-permissions-warning.lock.yml | Recompiled lock file to pin Copilot CLI 1.0.60. |
| .github/workflows/designer-drift-audit.lock.yml | Recompiled lock file to pin Copilot CLI 1.0.60. |
| .github/workflows/dependabot-campaign.lock.yml | Recompiled lock file to pin Copilot CLI 1.0.60. |
| .github/workflows/dependabot-burner.lock.yml | Recompiled lock file to pin Copilot CLI 1.0.60. |
| .github/workflows/daily-token-consumption-report.lock.yml | Recompiled lock file to pin Claude Code 2.1.167. |
| .github/workflows/daily-team-evolution-insights.lock.yml | Recompiled lock file to pin Claude Code 2.1.167. |
| .github/workflows/daily-syntax-error-quality.lock.yml | Recompiled lock file to pin Copilot CLI 1.0.60. |
| .github/workflows/daily-secrets-analysis.lock.yml | Recompiled lock file to pin Copilot CLI 1.0.60. |
| .github/workflows/daily-safe-outputs-conformance.lock.yml | Recompiled lock file to pin Claude Code 2.1.167. |
| .github/workflows/daily-reliability-review.lock.yml | Recompiled lock file to pin Claude Code 2.1.167. |
| .github/workflows/daily-regulatory.lock.yml | Recompiled lock file to pin Copilot CLI 1.0.60. |
| .github/workflows/daily-multi-device-docs-tester.lock.yml | Recompiled lock file to pin Claude Code 2.1.167. |
| .github/workflows/daily-malicious-code-scan.lock.yml | Recompiled lock file to pin Copilot CLI 1.0.60. |
| .github/workflows/daily-choice-test.lock.yml | Recompiled lock file to pin Claude Code 2.1.167. |
| .github/workflows/contribution-check.lock.yml | Recompiled lock file to pin Copilot CLI 1.0.60. |
| .github/workflows/commit-changes-analyzer.lock.yml | Recompiled lock file to pin Claude Code 2.1.167. |
| .github/workflows/cli-consistency-checker.lock.yml | Recompiled lock file to pin Copilot CLI 1.0.60. |
| .github/workflows/bot-detection.lock.yml | Recompiled lock file to pin Copilot CLI 1.0.60. |
| .github/workflows/blog-auditor.lock.yml | Recompiled lock file to pin Claude Code 2.1.167. |
| .github/workflows/avenger.lock.yml | Recompiled lock file to pin Claude Code 2.1.167. |
| .github/workflows/artifacts-summary.lock.yml | Recompiled lock file to pin Copilot CLI 1.0.60. |
| .github/workflows/agentic-token-optimizer.lock.yml | Recompiled lock file to pin Copilot CLI 1.0.60. |
| .github/workflows/ace-editor.lock.yml | Recompiled lock file to pin Copilot CLI 1.0.60. |
Copilot's findings
Tip
Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Files reviewed: 147/229 changed files
- Comments generated: 0
Smoke Test Results: Gemini
Overall Status: FAIL Warning Firewall blocked 1 domainThe following domain was blocked by the firewall during workflow execution:
network:
allowed:
- defaults
- "localhost"See Network Configuration for more information.
|
Agent Container Tool Check
Result: 12/12 tools available ✅ — PASS
|
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
There was a problem hiding this comment.
Skills-Based Review 🧠
Applied /zoom-out — this is a clean, mechanical version bump. Approving with one minor documentation observation.
📋 Analysis Details
Change Verification
- ✅
DefaultClaudeCodeVersion:2.1.165→2.1.167(inpkg/constants/version_constants.go) - ✅
DefaultCopilotVersion:1.0.59→1.0.60(inpkg/constants/version_constants.go) - ✅ Zero stale references — grep for
1.0.59and2.1.165across all lock files returns 0 results - ✅ 1,575 updated version references across all lock files (symmetric 2652+/2652−)
- ✅ Golden fixtures updated to reflect new embedded defaults
Positive Highlights
- ✅ Excellent single-source-of-truth pattern — one constant change cascades deterministically through all generated artifacts
- ✅
make recompileprocess produces perfectly consistent output with no manual edits to generated files - ✅
DefaultCopilotVersioncarries a valuable upgrade-verification checklist (MCP loading,/modelsPAT check)
Minor Observation — Not Blocking
DefaultClaudeCodeVersion has only a one-line doc comment, while DefaultCopilotVersion documents specific upgrade checks to perform. Since both CLIs are bumped on the same cadence, a comparable checklist on DefaultClaudeCodeVersion would make the upgrade process symmetric and reduce the risk of missing a regression on future Claude Code bumps.
🧠 Reviewed using Matt Pocock's skills by Matt Pocock Skills Reviewer · sonnet46 1.4M · 425.1 AIC · ⌖ 13.4 AIC
|
Smoke Test: Codex - 27067065536
Warning Firewall blocked 6 domainsThe following domains were blocked by the firewall during workflow execution:
network:
allowed:
- defaults
- "accounts.google.com"
- "android.clients.google.com"
- "clients2.google.com"
- "contentautofill.googleapis.com"
- "safebrowsingohttpgateway.googleapis.com"
- "www.google.com"See Network Configuration for more information.
|
Comment MemoryNote This comment is managed by comment memory.It stores persistent context for this thread in the code block at the top of this comment. Warning Firewall blocked 6 domainsThe following domains were blocked by the firewall during workflow execution:
network:
allowed:
- defaults
- "accounts.google.com"
- "android.clients.google.com"
- "clients2.google.com"
- "contentautofill.googleapis.com"
- "safebrowsingohttpgateway.googleapis.com"
- "www.google.com"See Network Configuration for more information.
|
This comment has been minimized.
This comment has been minimized.
🧪 Smoke Test: Claude — Run 27067065704Core #1-13: 1✅ 2✅ 3❌(Serena MCP unavailable) 4✅ 5✅ 6✅ 7✅ 8✅ 9✅ 10✅ 11✅ 12✅ 13✅ Overall: FAIL (Serena MCP server not available in this environment) Warning Firewall blocked 6 domainsThe following domains were blocked by the firewall during workflow execution:
network:
allowed:
- defaults
- "accounts.google.com"
- "android.clients.google.com"
- "clients2.google.com"
- "contentautofill.googleapis.com"
- "safebrowsingohttpgateway.googleapis.com"
- "www.google.com"See Network Configuration for more information.
|
There was a problem hiding this comment.
💥 Automated smoke test review - all systems nominal!
Warning
Firewall blocked 6 domains
The following domains were blocked by the firewall during workflow execution:
accounts.google.comandroid.clients.google.comclients2.google.comcontentautofill.googleapis.comsafebrowsingohttpgateway.googleapis.comwww.google.com
To allow these domains, add them to the
network.allowedlist in your workflow frontmatter:
network:
allowed:
- defaults
- "accounts.google.com"
- "android.clients.google.com"
- "clients2.google.com"
- "contentautofill.googleapis.com"
- "safebrowsingohttpgateway.googleapis.com"
- "www.google.com"See Network Configuration for more information.
💥 [THE END] — Illustrated by Smoke Claude · opus48 249.2K · 74.8 AIC · ⌖ 30.5 AIC
There was a problem hiding this comment.
Non-blocking observations on an otherwise clean version bump. Lock file regeneration is complete and consistent: all 222 copilot/claude lock files updated, the 19 unchanged ones are correctly non-copilot/non-claude engines.
Findings summary
Skipped Claude Code patch version
2.1.165 jumps directly to 2.1.167, bypassing 2.1.166. If this was intentional (e.g. 2.1.166 was yanked), a one-line comment preserving that context would prevent confusion for future reviewers.
Missing upgrade checklist on DefaultClaudeCodeVersion
DefaultCopilotVersion has a documented pre-upgrade verification checklist (MCP loading, PAT model enumeration). DefaultClaudeCodeVersion has only a bare comment. Claude Code shares the same integration surface (MCPs, PAT auth) and would benefit from the same checklist, enforcing consistent upgrade rigor going forward.
🔎 Code quality review by PR Code Quality Reviewer · sonnet46 478K · ⌖ 13.1 AIC
| @@ -32,14 +32,14 @@ func (v Version) IsValid() bool { | |||
| type ModelName string | |||
|
|
|||
| // DefaultClaudeCodeVersion is the default version of the Claude Code CLI. | |||
| const DefaultClaudeCodeVersion Version = "2.1.165" | |||
| const DefaultClaudeCodeVersion Version = "2.1.167" | |||
There was a problem hiding this comment.
Skipped version — was this intentional? The bump goes from 2.1.165 directly to 2.1.167, skipping one patch release.
💡 Details
If 2.1.166 was a bad release (e.g., a regression that was quickly yanked), it's worth a brief comment to preserve that institutional knowledge:
// DefaultClaudeCodeVersion is the default version of the Claude Code CLI.
// Note: 2.1.166 was skipped — <reason>.
const DefaultClaudeCodeVersion Version = "2.1.167"Without context, a future reader might interpret the skip as a mistake rather than a deliberate decision.
| @@ -32,14 +32,14 @@ func (v Version) IsValid() bool { | |||
| type ModelName string | |||
|
|
|||
| // DefaultClaudeCodeVersion is the default version of the Claude Code CLI. | |||
There was a problem hiding this comment.
DefaultClaudeCodeVersion lacks the upgrade verification checklist that DefaultCopilotVersion has. Upgrading Claude Code without the same discipline risks silently breaking MCP tooling or model enumeration.
💡 Suggested addition
The DefaultCopilotVersion comment documents two critical checks to run before every upgrade:
// DefaultCopilotVersion is the default version of the GitHub Copilot CLI.
//
// When unpinning or upgrading this version, verify:
// - MCPs are not blocked from loading (tools.mcp configuration still works end-to-end)
// - /models does not silently fail on PATs (check that model listing works with PAT auth)Claude Code also integrates with MCPs (tools.mcp) and uses PAT-scoped model access, so the same failure modes apply. Adding a parallel checklist would enforce the same rigor on future Claude Code bumps:
// DefaultClaudeCodeVersion is the default version of the Claude Code CLI.
//
// When unpinning or upgrading this version, verify:
// - MCPs are not blocked from loading (tools.mcp configuration still works end-to-end)
// - Model enumeration works correctly with PAT auth
const DefaultClaudeCodeVersion Version = "2.1.167"
|
Smoke cave:
Warning Firewall blocked 6 domainsThe following domains were blocked by the firewall during workflow execution:
network:
allowed:
- defaults
- "accounts.google.com"
- "android.clients.google.com"
- "clients2.google.com"
- "contentautofill.googleapis.com"
- "safebrowsingohttpgateway.googleapis.com"
- "www.google.com"See Network Configuration for more information.
|
|
@copilot review all comments and address unresolved review feedback.
|
This updates gh-aw’s default agentic CLI pins to the latest stable patch releases for Claude Code and Copilot CLI. Lock files were recompiled so generated workflow artifacts track the new defaults, with the pre-existing strict-mode blockers (
max-effective-tokens) remaining out of scope.Version pin updates
pkg/constants/version_constants.goDefaultClaudeCodeVersion:2.1.165→2.1.167DefaultCopilotVersion:1.0.59→1.0.60Generated workflow artifacts
.lock.ymlfiles to propagate the new default CLI versions into generated workflow outputs.max-effective-tokensusage (separate cleanup track).Golden fixture refresh
✨ PR Review Safe Output Test - Run 27067065704
Warning
Firewall blocked 6 domains
The following domains were blocked by the firewall during workflow execution:
accounts.google.comandroid.clients.google.comclients2.google.comcontentautofill.googleapis.comsafebrowsingohttpgateway.googleapis.comwww.google.comSee Network Configuration for more information.