diff --git a/.github/workflows/update-awf-version.lock.yml b/.github/workflows/update-awf-version.lock.yml
index 45fe2b95..f259c527 100644
--- a/.github/workflows/update-awf-version.lock.yml
+++ b/.github/workflows/update-awf-version.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"b991f6b4afcb78c714c46ba2984d6e655428d74b54b3a0c69db5b59f869562fc","compiler_version":"v0.67.1","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"1a67f7d6519b4cb5693bc9f57a290b6af80255a98e046ffde1a394b4adc50186","compiler_version":"v0.67.1","strict":true,"agent_id":"copilot"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -21,7 +21,7 @@
#
# For more information: https://github.github.com/gh-aw/introduction/overview/
#
-# Checks for new releases of gh-aw-firewall and opens a PR to update the AWF_VERSION constant
+# Checks for new releases of gh-aw-firewall and copilot-cli, and opens PRs to update pinned version constants
#
# Secrets used:
# - COPILOT_GITHUB_TOKEN
@@ -37,7 +37,7 @@
# - actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
# - github/gh-aw-actions/setup@80471a493be8c528dd27daf73cd644242a7965e0 # v0.67.1
-name: "AWF Version Updater"
+name: "Dependency Version Updater"
"on":
schedule:
- cron: "19 11 * * *"
@@ -55,7 +55,7 @@ permissions: {}
concurrency:
group: "gh-aw-${{ github.workflow }}"
-run-name: "AWF Version Updater"
+run-name: "Dependency Version Updater"
jobs:
activation:
@@ -85,7 +85,7 @@ jobs:
GH_AW_INFO_VERSION: "latest"
GH_AW_INFO_AGENT_VERSION: "latest"
GH_AW_INFO_CLI_VERSION: "v0.67.1"
- GH_AW_INFO_WORKFLOW_NAME: "AWF Version Updater"
+ GH_AW_INFO_WORKFLOW_NAME: "Dependency Version Updater"
GH_AW_INFO_EXPERIMENTAL: "false"
GH_AW_INFO_SUPPORTS_TOOLS_ALLOWLIST: "true"
GH_AW_INFO_STAGED: "false"
@@ -153,19 +153,19 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_3461ee08f79e2cfb_EOF'
+ cat << 'GH_AW_PROMPT_e64d693612e00cf8_EOF'
- GH_AW_PROMPT_3461ee08f79e2cfb_EOF
+ GH_AW_PROMPT_e64d693612e00cf8_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_3461ee08f79e2cfb_EOF'
+ cat << 'GH_AW_PROMPT_e64d693612e00cf8_EOF'
- Tools: create_pull_request, missing_tool, missing_data, noop
- GH_AW_PROMPT_3461ee08f79e2cfb_EOF
+ Tools: create_pull_request(max:2), missing_tool, missing_data, noop
+ GH_AW_PROMPT_e64d693612e00cf8_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_create_pull_request.md"
- cat << 'GH_AW_PROMPT_3461ee08f79e2cfb_EOF'
+ cat << 'GH_AW_PROMPT_e64d693612e00cf8_EOF'
The following GitHub context information is available for this workflow:
@@ -195,12 +195,12 @@ jobs:
{{/if}}
- GH_AW_PROMPT_3461ee08f79e2cfb_EOF
+ GH_AW_PROMPT_e64d693612e00cf8_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_3461ee08f79e2cfb_EOF'
+ cat << 'GH_AW_PROMPT_e64d693612e00cf8_EOF'
{{#runtime-import .github/workflows/update-awf-version.md}}
- GH_AW_PROMPT_3461ee08f79e2cfb_EOF
+ GH_AW_PROMPT_e64d693612e00cf8_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -366,21 +366,21 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_388b6606edb43e2b_EOF'
- {"create_pull_request":{"max":1,"max_patch_size":1024,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS"],"protected_path_prefixes":[".github/",".agents/"]},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_388b6606edb43e2b_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_7e514d4d02d45859_EOF'
+ {"create_pull_request":{"max":2,"max_patch_size":1024,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS"],"protected_path_prefixes":[".github/",".agents/"]},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
+ GH_AW_SAFE_OUTPUTS_CONFIG_7e514d4d02d45859_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_3037a36620314c99_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_70ec49d4354263d0_EOF'
{
"description_suffixes": {
- "create_pull_request": " CONSTRAINTS: Maximum 1 pull request(s) can be created."
+ "create_pull_request": " CONSTRAINTS: Maximum 2 pull request(s) can be created."
},
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_3037a36620314c99_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_ac0d2846f06392ec_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_70ec49d4354263d0_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_18cef1809d034527_EOF'
{
"create_pull_request": {
"defaultMax": 1,
@@ -492,7 +492,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_ac0d2846f06392ec_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_18cef1809d034527_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -562,7 +562,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.14'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_8450003ef118a360_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_3df14ab9d8aea843_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -603,7 +603,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_8450003ef118a360_EOF
+ GH_AW_MCP_CONFIG_3df14ab9d8aea843_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -846,7 +846,7 @@ jobs:
env:
GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }}
GH_AW_NOOP_MAX: "1"
- GH_AW_WORKFLOW_NAME: "AWF Version Updater"
+ GH_AW_WORKFLOW_NAME: "Dependency Version Updater"
GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
GH_AW_NOOP_REPORT_AS_ISSUE: "true"
@@ -863,7 +863,7 @@ jobs:
env:
GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }}
GH_AW_MISSING_TOOL_CREATE_ISSUE: "true"
- GH_AW_WORKFLOW_NAME: "AWF Version Updater"
+ GH_AW_WORKFLOW_NAME: "Dependency Version Updater"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
@@ -877,7 +877,7 @@ jobs:
env:
GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }}
GH_AW_REPORT_INCOMPLETE_CREATE_ISSUE: "true"
- GH_AW_WORKFLOW_NAME: "AWF Version Updater"
+ GH_AW_WORKFLOW_NAME: "Dependency Version Updater"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
@@ -891,7 +891,7 @@ jobs:
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
env:
GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }}
- GH_AW_WORKFLOW_NAME: "AWF Version Updater"
+ GH_AW_WORKFLOW_NAME: "Dependency Version Updater"
GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
GH_AW_WORKFLOW_ID: "update-awf-version"
@@ -993,8 +993,8 @@ jobs:
if: always() && steps.detection_guard.outputs.run_detection == 'true'
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
env:
- WORKFLOW_NAME: "AWF Version Updater"
- WORKFLOW_DESCRIPTION: "Checks for new releases of gh-aw-firewall and opens a PR to update the AWF_VERSION constant"
+ WORKFLOW_NAME: "Dependency Version Updater"
+ WORKFLOW_DESCRIPTION: "Checks for new releases of gh-aw-firewall and copilot-cli, and opens PRs to update pinned version constants"
HAS_PATCH: ${{ needs.agent.outputs.has_patch }}
with:
script: |
@@ -1081,7 +1081,7 @@ jobs:
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "update-awf-version"
- GH_AW_WORKFLOW_NAME: "AWF Version Updater"
+ GH_AW_WORKFLOW_NAME: "Dependency Version Updater"
outputs:
code_push_failure_count: ${{ steps.process_safe_outputs.outputs.code_push_failure_count }}
code_push_failure_errors: ${{ steps.process_safe_outputs.outputs.code_push_failure_errors }}
@@ -1158,7 +1158,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
- GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_pull_request\":{\"max\":1,\"max_patch_size\":1024,\"protected_files\":[\"package.json\",\"bun.lockb\",\"bunfig.toml\",\"deno.json\",\"deno.jsonc\",\"deno.lock\",\"global.json\",\"NuGet.Config\",\"Directory.Packages.props\",\"mix.exs\",\"mix.lock\",\"go.mod\",\"go.sum\",\"stack.yaml\",\"stack.yaml.lock\",\"pom.xml\",\"build.gradle\",\"build.gradle.kts\",\"settings.gradle\",\"settings.gradle.kts\",\"gradle.properties\",\"package-lock.json\",\"yarn.lock\",\"pnpm-lock.yaml\",\"npm-shrinkwrap.json\",\"requirements.txt\",\"Pipfile\",\"Pipfile.lock\",\"pyproject.toml\",\"setup.py\",\"setup.cfg\",\"Gemfile\",\"Gemfile.lock\",\"uv.lock\",\"CODEOWNERS\",\"AGENTS.md\"],\"protected_path_prefixes\":[\".github/\",\".agents/\"]},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
+ GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_pull_request\":{\"max\":2,\"max_patch_size\":1024,\"protected_files\":[\"package.json\",\"bun.lockb\",\"bunfig.toml\",\"deno.json\",\"deno.jsonc\",\"deno.lock\",\"global.json\",\"NuGet.Config\",\"Directory.Packages.props\",\"mix.exs\",\"mix.lock\",\"go.mod\",\"go.sum\",\"stack.yaml\",\"stack.yaml.lock\",\"pom.xml\",\"build.gradle\",\"build.gradle.kts\",\"settings.gradle\",\"settings.gradle.kts\",\"gradle.properties\",\"package-lock.json\",\"yarn.lock\",\"pnpm-lock.yaml\",\"npm-shrinkwrap.json\",\"requirements.txt\",\"Pipfile\",\"Pipfile.lock\",\"pyproject.toml\",\"setup.py\",\"setup.cfg\",\"Gemfile\",\"Gemfile.lock\",\"uv.lock\",\"CODEOWNERS\",\"AGENTS.md\"],\"protected_path_prefixes\":[\".github/\",\".agents/\"]},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
GH_AW_CI_TRIGGER_TOKEN: ${{ secrets.GH_AW_CI_TRIGGER_TOKEN }}
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/update-awf-version.md b/.github/workflows/update-awf-version.md
index b03f7f1e..a7d28ec9 100644
--- a/.github/workflows/update-awf-version.md
+++ b/.github/workflows/update-awf-version.md
@@ -1,7 +1,7 @@
---
on:
schedule: daily
-description: Checks for new releases of gh-aw-firewall and opens a PR to update the AWF_VERSION constant
+description: Checks for new releases of gh-aw-firewall and copilot-cli, and opens PRs to update pinned version constants
permissions:
contents: read
issues: read
@@ -13,56 +13,87 @@ network:
allowed: [defaults]
safe-outputs:
create-pull-request:
- max: 1
+ max: 2
---
-# AWF Version Updater
+# Dependency Version Updater
You are a dependency maintenance bot for the **ado-aw** project — a Rust CLI compiler that transforms markdown agent definitions into Azure DevOps pipeline YAML.
## Your Task
-Check whether the `AWF_VERSION` constant in `src/compile/common.rs` is up to date with the latest release of [gh-aw-firewall](https://github.com/github/gh-aw-firewall). If a newer version is available, open a PR to update it.
+Check whether pinned version constants in `src/compile/common.rs` are up to date with the latest releases of their upstream dependencies. For each outdated constant, open a PR to update it.
-## Step 1: Get the Latest gh-aw-firewall Release
+There are two dependencies to check:
-Fetch the latest release of the `github/gh-aw-firewall` repository. Record the tag name, stripping any leading `v` prefix to get the bare version number (e.g. `v0.24.0` → `0.24.0`).
+| Constant | Upstream Repository | Example value |
+|----------|-------------------|---------------|
+| `AWF_VERSION` | [github/gh-aw-firewall](https://github.com/github/gh-aw-firewall) | `0.25.14` |
+| `COPILOT_CLI_VERSION` | [github/copilot-cli](https://github.com/github/copilot-cli) | `1.0.6` |
-## Step 2: Read the Current AWF_VERSION
+Run the following steps **independently for each dependency**. One may be up to date while the other is not.
-Read the file `src/compile/common.rs` in this repository and find the line:
+---
+
+## For each dependency:
+
+### Step 1: Get the Latest Release
+
+Fetch the latest release of the upstream repository. Record the tag name, stripping any leading `v` prefix to get the bare version number (e.g. `v0.24.0` → `0.24.0`).
+
+### Step 2: Read the Current Version
+
+Read the file `src/compile/common.rs` in this repository and find the corresponding constant:
+
+- `pub const AWF_VERSION: &str = "...";`
+- `pub const COPILOT_CLI_VERSION: &str = "...";`
+
+Extract the version string.
+
+### Step 3: Compare Versions
+
+If the current constant already matches the latest release, **skip this dependency** — it is up to date.
+
+Before proceeding, also check whether a PR already exists with a title matching the expected PR title (see Step 4). If one is already open, **skip this dependency** to avoid duplicates.
+
+### Step 4: Create an Update PR
+
+If the latest version is newer than the current constant:
-```rust
-pub const AWF_VERSION: &str = "...";
-```
+1. Edit `src/compile/common.rs` — update **only** the relevant version string literal. Do not modify anything else in the file.
-Extract the version string from that line.
+2. Create a pull request:
-## Step 3: Compare Versions
+**For AWF_VERSION:**
+- **Title**: `chore: update AWF_VERSION to `
+- **Body**:
+ ```markdown
+ ## Dependency Update
-If the current `AWF_VERSION` already matches the latest release, **do nothing and stop**. The dependency is up to date.
+ Updates the pinned `AWF_VERSION` constant in `src/compile/common.rs` from `` to ``.
-Before proceeding, also check whether a PR already exists with a title matching `chore: update AWF_VERSION to `. If one is already open, **do nothing and stop** to avoid duplicates.
+ ### Release
-## Step 4: Create an Update PR
+ See the [gh-aw-firewall release notes](https://github.com/github/gh-aw-firewall/releases/tag/v) for details.
-If the latest version is newer than `AWF_VERSION`:
+ ---
+ *This PR was opened automatically by the dependency version updater workflow.*
+ ```
-1. Edit `src/compile/common.rs` — update the `AWF_VERSION` string literal to the new version. Change only that single string value; do not modify anything else in the file.
+**For COPILOT_CLI_VERSION:**
+- **Title**: `chore: update COPILOT_CLI_VERSION to `
+- **Body**:
+ ```markdown
+ ## Dependency Update
-2. Create a pull request with:
- - **Title**: `chore: update AWF_VERSION to `
- - **Body**:
- ```markdown
- ## Dependency Update
+ Updates the pinned `COPILOT_CLI_VERSION` constant in `src/compile/common.rs` from `` to ``.
- Updates the pinned `AWF_VERSION` constant in `src/compile/common.rs` from `` to ``.
+ ### Release
- ### Release
+ See the [copilot-cli release notes](https://github.com/github/copilot-cli/releases/tag/v) for details.
- See the [gh-aw-firewall release notes](https://github.com/github/gh-aw-firewall/releases/tag/v) for details.
+ ---
+ *This PR was opened automatically by the dependency version updater workflow.*
+ ```
- ---
- *This PR was opened automatically by the AWF version updater workflow.*
- ```
- - **Base branch**: `main`
+- **Base branch**: `main`