[ca] CLI Version Updates: Claude Code, Copilot CLI, Codex, GitHub MCP Server, MCP Gateway

[github-actions]

5 CLI tools have been updated in pkg/constants/version_constants.go and workflows recompiled (201/201 ✅).

Summary

Tool	Previous	New	Risk
Claude Code	2.1.112	2.1.119	Low
GitHub Copilot CLI	1.0.21	1.0.35	Medium
OpenAI Codex	0.121.0	0.124.0	Low
GitHub MCP Server	v1.0.0	v1.0.2	Low
MCP Gateway	v0.2.30	v0.3.0	Medium

No changes: Playwright MCP (0.0.70), Playwright Browser (v1.59.1).

---

Update Claude Code (2.1.112 → 2.1.119)

No public repository. Version bump of 7 patch releases.

• Risk: Low
• NPM Package: https://www.npmjs.com/package/`@anthropic-ai/claude-code`

---

Update GitHub Copilot CLI (1.0.21 → 1.0.35)

14 patch releases. Repository may be private; NPM description: "GitHub Copilot CLI brings the power of Copilot coding agent directly to your terminal."

• Risk: Medium (verify MCP loading and /models PAT behavior per upgrade notes in constants)
• NPM Package: https://www.npmjs.com/package/`@github/copilot`
• Repository: https://github.com/github/copilot-cli

View Upgrade Notes (from constants.go)

When upgrading, verify:

• MCPs are not blocked from loading (tools.mcp configuration still works end-to-end)
• /models does not silently fail on PATs (check that model listing works with PAT auth)

---

Update OpenAI Codex (0.121.0 → 0.124.0)

View rust-v0.124.0 Release Highlights

New Features

• TUI quick reasoning controls: Alt+, lowers reasoning, Alt+. raises it, accepted model upgrades reset reasoning to new model's default (feat(tui): shortcuts to change reasoning level temporarily openai/codex#18866, Persist target default reasoning on model upgrade openai/codex#19085)
• App-server sessions can now manage multiple environments and choose env/working-dir per turn (Support multiple managed environments openai/codex#18401, Add turn-scoped environment selections openai/codex#18416)
• First-class Amazon Bedrock support for OpenAI-compatible providers with AWS SigV4 signing (feat: add AWS SigV4 auth for OpenAI-compatible model providers openai/codex#17820)
• Remote plugin marketplaces can now be listed/read directly (feat: Support remote plugin list/read. openai/codex#18452, Use remote plugin IDs for detail reads and enlarge list pages openai/codex#19079)
• Hooks are now stable: configurable inline in config.toml, can observe MCP tools and apply_patch (codex: support hooks in config.toml and requirements.toml openai/codex#18893, Support MCP tools in hooks openai/codex#18385, fix(core): emit hooks for apply_patch edits openai/codex#18391)
• Eligible ChatGPT plans default to Fast service tier (Default Fast service tier for eligible ChatGPT plans openai/codex#19053)

Bug Fixes

• Preserved Cloudflare cookies across approved ChatGPT hosts (Preserve Cloudfare HTTP cookies in codex openai/codex#17783)
• Fixed remote app-server shutdown race and websocket drain under load (TUI: Keep remote app-server events draining openai/codex#18932, Fix remote app-server shutdown race openai/codex#18936)
• Fixed permission-mode drift so /permissions changes survive side conversations (TUI: preserve permission state after side conversations openai/codex#18924, Fix MCP permission policy sync openai/codex#19033)
• Fixed wait_agent returns promptly when mailbox work is already queued (fix: wait_agent timeout for queued mailbox mail openai/codex#18968)
• Fixed local stdio MCP launches for relative commands without explicit cwd (Fix relative stdio MCP cwd fallback openai/codex#19031)

Full Changelog: openai/codex@rust-v0.123.0...rust-v0.124.0

• Risk: Low
• Release Notes: https://github.com/openai/codex/releases/tag/rust-v0.124.0

---

Update GitHub MCP Server (v1.0.0 → v1.0.2)

View Changelog

v1.0.1 (2026-04-21)

• Fix Content-Type rejection for application/json; charset=utf-8 (Fix Content-Type rejection for application/json; charset=utf-8 github-mcp-server#2362)
• Re-allow browser-based MCP clients via CORS regression fix (SDK Regression: Re-allow browser-based MCP clients via CORS github-mcp-server#2359)
• Dependency bumps: docker/build-push-action, actions/github-script, golang base image

Full Changelog: github/github-mcp-server@v1.0.0...v1.0.1

v1.0.2 (2026-04-22)

• Fix set_issue_fields mutation: use correct inline fragments for IssueFieldValue union (Fix set_issue_fields mutation: use correct inline fragments for IssueFieldValue union github-mcp-server#2366)

Full Changelog: github/github-mcp-server@v1.0.1...v1.0.2

• Risk: Low (bug fixes only)
• Release Notes: https://github.com/github/github-mcp-server/releases

---

Update MCP Gateway (v0.2.30 → v0.3.0)

View v0.3.0 Release Highlights

Security & DIFC

• author_association: NONE now maps to unapproved integrity (fix: map author_association NONE to unapproved integrity gh-aw-mcpg#4430): GitHub's NONE association means "no association with the repo" — it does not imply the user is established. Previously mapped to the lowest none level; NONE now correctly maps to unapproved alongside CONTRIBUTOR and FIRST_TIME_CONTRIBUTOR. Only FIRST_TIMER remains at none.
• DIFC filtering metadata for agents (gateway: surface DIFC filtering metadata so agents can distinguish filtered from empty gh-aw-mcpg#4427): Tool responses now include metadata that lets agents distinguish between "no results found" and "results were filtered by DIFC policy".

Bug Fixes

• Fix HTTP MCP server startup failures — disabled standalone SSE stream in streamable HTTP transport (fix: disable standalone SSE stream in streamable HTTP transport to prevent HTTP MCP server startup failures gh-aw-mcpg#4428)
• Fix flag completion registration for --config, --log-dir, --payload-dir, --env (fix: register flag completion functions for config, log-dir, payload-dir, env gh-aw-mcpg#4413)

Improvements

• Cobra CLI UX improvements: NoArgs enforcement, Example fields, AddGroup for organized help ([Repo Assist] refactor(cmd): cobra UX improvements — NoArgs, MarkFlagFilename, preRun test fix gh-aw-mcpg#4395, cobra: fix test failures, add Examples/AddGroup, improve comments gh-aw-mcpg#4414)
• Rust guard performance: eliminated ctx.clone() overhead ([Repo Assist] perf(rust-guard): eliminate ctx.clone() and use &'static str in NormalizedPolicy gh-aw-mcpg#4394)
• Deduplicated MCP text envelope construction (Deduplicate raw MCP text envelope construction with shared helper gh-aw-mcpg#4352)
• Removed write-only owner-type cache ([Repo Assist] fix(rust-guard): remove write-only owner-type cache and simplify get_issue_author_association gh-aw-mcpg#4339)

Infrastructure

• Upgraded all 31 workflows to gh-aw v0.71.0 (chore: upgrade all workflows to gh-aw v0.71.0 gh-aw-mcpg#4443): Migrated features.cli-proxy → tools.github.mode: gh-proxy
• Release immutability support (feat: make releases immutable after all assets are uploaded gh-aw-mcpg#4410)

Full Changelog: github/gh-aw-mcpg@v0.2.30...v0.3.0

• Risk: Medium — DIFC integrity mapping change for author_association: NONE is a security behavior change
• Impact: Workflows operating on users with NONE association will now be filtered at unapproved level instead of none
• Release Notes: https://github.com/github/gh-aw-mcpg/releases/tag/v0.3.0

---

Impact Assessment

• Breaking Changes: None for standard workflows; MCP Gateway DIFC behavior change for NONE association users may affect filtering in some workflows
• Security: MCP Gateway v0.3.0 improves DIFC integrity mapping (positive security change)
• Recompile: ✅ All 201 workflows recompiled successfully

References:

• §24872196224

Generated by CLI Version Checker · ● 327.4K · ◷

• expires on Apr 26, 2026, 4:33 AM UTC

[github-actions]

🍪 *Issue Monster selected this for Copilotecho BEGIN___COMMAND_OUTPUT_MARKER ; PS1= ; PS2= ; unset HISTFILE ; EC=0 ; echo ___BEGIN___COMMAND_DONE_MARKER___0 ; }

I've identified this issue as a good candidate for automated resolution and requested assignment to the Copilot coding agent.

If assignment succeeds, the Copilot coding agent will analyze the issue and create a pull request with the fix.

Om nom nom! 🍪

Caution

Security scanning requires review for Issue Monster

Details

Potential security threats were detected in the agent output. The workflow output should be reviewed before merging.

Review the workflow run logs for details.

🍪 Om nom nom by Issue Monster · ● 29.7K · ◷