[ca] Update CLI tool versions: MCP Gateway v0.1.11, Claude Code 2.1.72, Copilot 1.0.3, Codex 0.113.0

[github-actions]

Summary

Four CLI tools have been updated. MCP Gateway requires a constants update (applied: v0.1.8 → v0.1.11). Claude Code, Copilot CLI, and Codex all use "latest" in constants.go and were tracked for changes.

Tool	Previous	Latest	Constants Updated
MCP Gateway (gh-aw-mcpg)	v0.1.8	v0.1.11	✅ Applied
Claude Code	2.1.71 (latest)	2.1.72	— (uses latest)
GitHub Copilot CLI	1.0.2 (latest)	1.0.3	— (uses latest)
OpenAI Codex	0.112.0 (latest)	0.113.0	— (uses latest)
GitHub MCP Server	v0.32.0	v0.32.0	— (no change)
Playwright MCP	0.0.68	0.0.68	— (no change)
Playwright Browser	v1.58.2	v1.58.2	— (no change)

make recompile was run successfully: 166/166 workflows compiled.

---

Update MCP Gateway — v0.1.8 → v0.1.11

• Previous: v0.1.8 → New: v0.1.11
• Timeline: Released 2026-03-06 through 2026-03-10

View Full Changelog (v0.1.9 → v0.1.10 → v0.1.11)

v0.1.9 (2026-03-06)

• MCP Protocol upgraded to 2025-11-25: Improved compatibility with latest MCP clients/servers (Resolve isHTTPConnectionError TODO and update MCPProtocolVersion to 2025-11-25 gh-aw-mcpg#1619)
• go-sdk upgraded to v1.4.0: Consolidates protocol constants, removes deprecated HTTPTransport (go-sdk v1.4.0 upgrade + protocol constant consolidation + HTTPTransport removal gh-aw-mcpg#1598)
• Config Schema v0.53.6: Validated against latest spec schema (🔄 chore: update schema URL to v0.53.6 gh-aw-mcpg#1640)
• customSchemas Documentation: New docs for custom schema URLs and domain constraint (docs: add customSchemas documentation and clarify domain uppercase constraint gh-aw-mcpg#1606)
• Code health: centralized duplicate constants, eliminated duplicate RPCMessageInfo construction, extracted Docker helpers (refactor: eliminate duplicate RPCMessageInfo construction and document flag-default pattern gh-aw-mcpg#1567, refactor: eliminate three duplicate code patterns in launcher, config, and server packages gh-aw-mcpg#1585, Refactor: Consolidate micro-files and extract Docker helpers gh-aw-mcpg#1641)
• Docker: ghcr.io/github/gh-aw-mcpg:v0.1.9

v0.1.10 (2026-03-10)

• GitHub DIFC enforcement: Added WASM guards, guard policies, and LabelAgent integration (feat: Add GitHub DIFC enforcement with WASM guards, guard policies, and LabelAgent integration gh-aw-mcpg#1674)
• Guards renamed: User-facing flags renamed to "guards"; WASM baked into gateway image (github-guard: bake WASM into gateway image, align test/release workflows, and rename user-facing flags to "guards" gh-aw-mcpg#1693)
• Routed URL fix: Fixed host advertisement and allow-only key normalization (fix: routed URL host advertisement and allow-only key normalization gh-aw-mcpg#1683)
• Schema v0.55.0: Config validated against schema v0.55.0 (🔄 chore: pin schema URL to gh-aw v0.55.0 gh-aw-mcpg#1658)
• Switch release workflow to actions-rust-lang/setup-rust-toolchain (Switch release workflow Rust setup to actions-rust-lang/setup-rust-toolchain gh-aw-mcpg#1703)
• Docker: ghcr.io/github/gh-aw-mcpg:v0.1.10

v0.1.11 (2026-03-10)

• WASM build fix: Corrected typo (targets: → target:) in release workflow setup-rust-toolchain action input; this was causing WASM compilation to silently fail (fix: use 'target' (singular) for setup-rust-toolchain action input gh-aw-mcpg#1715)
• Schema v0.57.0: Config validated against latest schema v0.57.0 (🔄 chore: update schema URL to v0.57.0 gh-aw-mcpg#1713)
• Docker: ghcr.io/github/gh-aw-mcpg:v0.1.11

Impact Assessment

• Risk: Low–Medium
• Notable: The v0.1.10 DIFC enforcement feature (WASM guards, LabelAgent) is a significant capability addition
• Docker Image: ghcr.io/github/gh-aw-mcpg:v0.1.11

Package Links

• Repository: https://github.com/github/gh-aw-mcpg
• Release Notes: https://github.com/github/gh-aw-mcpg/releases/tag/v0.1.11

---

Update Claude Code — 2.1.71 → 2.1.72

• Previous: 2.1.71 → New: 2.1.72
• Constants: Uses "latest" — no code change required

View CLI Changes

New flag detected in 2.1.72

• --brief: Enable SendUserMessage tool for agent-to-user communication (new in 2.1.72, not present in 2.1.69)

No public repository or GitHub release notes available for Claude Code.

Impact Assessment

• Risk: Low
• NPM Package: https://www.npmjs.com/package/`@anthropic-ai/claude-code`

---

Update GitHub Copilot CLI — 1.0.2 → 1.0.3

• Previous: 1.0.2 → New: 1.0.3
• Constants: Uses "latest" — no code change required

View CLI Changes (help diff 1.0.2 → 1.0.3)

No visible changes to CLI help output between 1.0.2 and 1.0.3. Main help, config, and environment topic help are identical. This appears to be an internal/dependency update.

Repository is private — no public GitHub release notes available.

Subcommand Help Analysis (1.0.3)

• config: No changes from 1.0.2
• environment: No changes from 1.0.2
• Model list: Same as 1.0.2 (claude-sonnet-4.6, claude-opus-4.6, gpt-5.4, gemini-3-pro-preview, etc.)

Impact Assessment

• Risk: Low (internal update, no user-facing changes detected)
• NPM Package: https://www.npmjs.com/package/`@github/copilot`

---

Update OpenAI Codex — 0.112.0 → 0.113.0

• Previous: 0.112.0 → New: 0.113.0
• Constants: Uses "latest" — no code change required

View Full Changelog

New Features

• request_permissions tool: Built-in tool allowing running turns to request additional permissions at runtime, with new TUI rendering (Add request permissions tool openai/codex#13092, feat(tui) render request_permissions calls openai/codex#14004)
• Plugin marketplace: Curated marketplace discovery, richer plugin/list metadata, install-time auth checks, plugin/uninstall endpoint (feat: Add curated plugin marketplace + Metadata Cleanup. openai/codex#13712, support plugin/list. openai/codex#13540)
• App server streaming: Upgraded app-server command execution with streaming stdin/stdout/stderr plus TTY/PTY support (app-server: Add streaming and tty/pty capabilities to command/exec openai/codex#13640, Add in-process app server and wire up exec to use it openai/codex#14005)
• Web search config: Full tool configuration support (filters, location), not just on/off (Allow full web search tool config openai/codex#13675)
• Permission-profile config: New permission-profile config language with split filesystem/network sandbox policy plumbing (config: add initial support for the new permission profile config language in config.toml openai/codex#13434, sandboxing: plumb split sandbox policies through runtime openai/codex#13439)
• Image generation: Output files saved to current working directory (Enabling CWD Saving for Image-Gen openai/codex#13607)

Bug Fixes

• Fixed auth error handling for cloud requirements fetch — 401s now trigger normal auth-recovery flow (fix: properly handle 401 error in clound requirement fetch. openai/codex#14049)
• Fixed trust bootstrap to avoid running git before project trust is established (fix: avoid invoking git before project trust is established openai/codex#13804)
• Fixed Windows execution edge cases including PTY TerminateProcess handling and sandbox startup cwd validation (Fix inverted Windows PTY TerminateProcess handling openai/codex#13989, app-server: require absolute cwd for windowsSandbox/setupStart openai/codex#13833)
• Fixed plugin startup: curated plugins loaded correctly in TUI sessions (fix(plugin): Also load curated plugins for TUI. openai/codex#14050)
• Hardened network proxy policy parsing: rejects global wildcard (*) domains (fix: reject global wildcard network proxy domains openai/codex#13789)

Chores

• Moved logs to dedicated SQLite DB with timestamps, pruning, and row limits (Add timestamped SQLite /feedback logs without schema changes openai/codex#13645, Add timestamps to feedback log lines openai/codex#13688)
• Published CLI releases to winget for Windows distribution (Codex/winget auto update openai/codex#12943)

Impact Assessment

• Risk: Low
• Notable: request_permissions tool and plugin marketplace are significant new capabilities
• Repository: https://github.com/openai/codex
• Release Notes: https://github.com/openai/codex/releases/tag/rust-v0.113.0

---

References:

• §22896909720

Generated by CLI Version Checker · ◷

• expires on Mar 12, 2026, 10:05 AM UTC

[github-actions]

This issue is being closed as outdated. A newer issue has been created: #20491

View newer issue

---

This action was performed automatically by the CLI Version Checker workflow.