diff --git a/.github/workflows/agent-performance-analyzer.lock.yml b/.github/workflows/agent-performance-analyzer.lock.yml index 49bd6db3d4..27df1c49c7 100644 --- a/.github/workflows/agent-performance-analyzer.lock.yml +++ b/.github/workflows/agent-performance-analyzer.lock.yml @@ -153,7 +153,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -582,7 +584,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Agent Performance Analyzer - Meta-Orchestrator", experimental: false, supports_tools_allowlist: true, @@ -1803,7 +1805,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/agent-persona-explorer.lock.yml b/.github/workflows/agent-persona-explorer.lock.yml index c4628e83ed..1dd0d6a795 100644 --- a/.github/workflows/agent-persona-explorer.lock.yml +++ b/.github/workflows/agent-persona-explorer.lock.yml @@ -155,7 +155,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -476,7 +478,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Agent Persona Explorer", experimental: false, supports_tools_allowlist: true, @@ -1270,7 +1272,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/ai-moderator.lock.yml b/.github/workflows/ai-moderator.lock.yml index 0d6faad9d1..eeb4acab41 100644 --- a/.github/workflows/ai-moderator.lock.yml +++ b/.github/workflows/ai-moderator.lock.yml @@ -160,7 +160,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -458,7 +460,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "gpt-5.1-codex-mini", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "AI Moderator", experimental: false, supports_tools_allowlist: true, diff --git a/.github/workflows/archie.lock.yml b/.github/workflows/archie.lock.yml index fabdf82fc0..98da56c09f 100644 --- a/.github/workflows/archie.lock.yml +++ b/.github/workflows/archie.lock.yml @@ -179,7 +179,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -456,7 +458,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Archie", experimental: false, supports_tools_allowlist: true, @@ -1182,7 +1184,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/artifacts-summary.lock.yml b/.github/workflows/artifacts-summary.lock.yml index ca2f0ea48d..1ea8122dbe 100644 --- a/.github/workflows/artifacts-summary.lock.yml +++ b/.github/workflows/artifacts-summary.lock.yml @@ -140,7 +140,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -426,7 +428,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Artifacts Summary", experimental: false, supports_tools_allowlist: true, @@ -1108,7 +1110,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/audit-workflows.lock.yml b/.github/workflows/audit-workflows.lock.yml index be54c10fbf..defb009ddf 100644 --- a/.github/workflows/audit-workflows.lock.yml +++ b/.github/workflows/audit-workflows.lock.yml @@ -217,7 +217,9 @@ jobs: - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -532,7 +534,7 @@ jobs: engine_name: "Claude Code", model: process.env.GH_AW_MODEL_AGENT_CLAUDE || "", version: "", - agent_version: "2.1.20", + agent_version: process.env.GH_AW_CLAUDE_VERSION || "2.1.20", workflow_name: "Agentic Workflow Audit Agent", experimental: true, supports_tools_allowlist: true, @@ -1500,7 +1502,9 @@ jobs: node-version: '24' package-manager-cache: false - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Execute Claude Code CLI id: agentic_execution # Allowed tools (sorted): diff --git a/.github/workflows/auto-triage-issues.lock.yml b/.github/workflows/auto-triage-issues.lock.yml index 8fe723b2f3..6a1e50f61e 100644 --- a/.github/workflows/auto-triage-issues.lock.yml +++ b/.github/workflows/auto-triage-issues.lock.yml @@ -143,7 +143,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -465,7 +467,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Auto-Triage Issues", experimental: false, supports_tools_allowlist: true, @@ -1338,7 +1340,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/blog-auditor.lock.yml b/.github/workflows/blog-auditor.lock.yml index c2a9621e02..e3742b945e 100644 --- a/.github/workflows/blog-auditor.lock.yml +++ b/.github/workflows/blog-auditor.lock.yml @@ -148,7 +148,9 @@ jobs: - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -447,7 +449,7 @@ jobs: engine_name: "Claude Code", model: process.env.GH_AW_MODEL_AGENT_CLAUDE || "", version: "", - agent_version: "2.1.20", + agent_version: process.env.GH_AW_CLAUDE_VERSION || "2.1.20", workflow_name: "Blog Auditor", experimental: true, supports_tools_allowlist: true, @@ -1392,7 +1394,9 @@ jobs: node-version: '24' package-manager-cache: false - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Execute Claude Code CLI id: agentic_execution # Allowed tools (sorted): diff --git a/.github/workflows/brave.lock.yml b/.github/workflows/brave.lock.yml index b5915377da..04b80232fb 100644 --- a/.github/workflows/brave.lock.yml +++ b/.github/workflows/brave.lock.yml @@ -170,7 +170,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -450,7 +452,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Brave Web Search Agent", experimental: false, supports_tools_allowlist: true, @@ -1083,7 +1085,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/breaking-change-checker.lock.yml b/.github/workflows/breaking-change-checker.lock.yml index 9852f36697..94aaadc270 100644 --- a/.github/workflows/breaking-change-checker.lock.yml +++ b/.github/workflows/breaking-change-checker.lock.yml @@ -137,7 +137,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -444,7 +446,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Breaking Change Checker", experimental: false, supports_tools_allowlist: true, @@ -1144,7 +1146,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/changeset.lock.yml b/.github/workflows/changeset.lock.yml index 2ef8981729..3db723076c 100644 --- a/.github/workflows/changeset.lock.yml +++ b/.github/workflows/changeset.lock.yml @@ -184,8 +184,10 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install Codex - run: npm install -g --silent @openai/codex@0.92.0 + - name: Install Codex CLI + env: + CLI_VERSION: ${{ env.GH_AW_CODEX_VERSION || '0.92.0' }} + run: npm install -g --silent @openai/codex@"${CLI_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -551,7 +553,7 @@ jobs: engine_name: "Codex", model: "gpt-5.1-codex-mini", version: "", - agent_version: "0.92.0", + agent_version: process.env.GH_AW_CODEX_VERSION || "0.92.0", workflow_name: "Changeset Generator", experimental: true, supports_tools_allowlist: true, diff --git a/.github/workflows/chroma-issue-indexer.lock.yml b/.github/workflows/chroma-issue-indexer.lock.yml index 86d1fabc61..f51c1a04d9 100644 --- a/.github/workflows/chroma-issue-indexer.lock.yml +++ b/.github/workflows/chroma-issue-indexer.lock.yml @@ -144,7 +144,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -243,7 +245,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "gpt-5.1-codex-mini", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Chroma Issue Indexer", experimental: false, supports_tools_allowlist: true, diff --git a/.github/workflows/ci-coach.lock.yml b/.github/workflows/ci-coach.lock.yml index 8bad88c5c1..ee90437bee 100644 --- a/.github/workflows/ci-coach.lock.yml +++ b/.github/workflows/ci-coach.lock.yml @@ -193,7 +193,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -489,7 +491,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "CI Optimization Coach", experimental: false, supports_tools_allowlist: true, @@ -1734,7 +1736,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/ci-doctor.lock.yml b/.github/workflows/ci-doctor.lock.yml index 47c3e9d3d3..2da4d48483 100644 --- a/.github/workflows/ci-doctor.lock.yml +++ b/.github/workflows/ci-doctor.lock.yml @@ -162,7 +162,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -504,7 +506,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "gpt-5.1-codex-mini", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "CI Failure Doctor", experimental: false, supports_tools_allowlist: true, @@ -1213,7 +1215,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/claude-code-user-docs-review.lock.yml b/.github/workflows/claude-code-user-docs-review.lock.yml index 594e24fac6..ca6ddb26c7 100644 --- a/.github/workflows/claude-code-user-docs-review.lock.yml +++ b/.github/workflows/claude-code-user-docs-review.lock.yml @@ -156,7 +156,9 @@ jobs: - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -438,7 +440,7 @@ jobs: engine_name: "Claude Code", model: process.env.GH_AW_MODEL_AGENT_CLAUDE || "", version: "", - agent_version: "2.1.20", + agent_version: process.env.GH_AW_CLAUDE_VERSION || "2.1.20", workflow_name: "Claude Code User Documentation Review", experimental: true, supports_tools_allowlist: true, @@ -1521,7 +1523,9 @@ jobs: node-version: '24' package-manager-cache: false - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Execute Claude Code CLI id: agentic_execution # Allowed tools (sorted): diff --git a/.github/workflows/cli-consistency-checker.lock.yml b/.github/workflows/cli-consistency-checker.lock.yml index 9581f5622d..df7989f887 100644 --- a/.github/workflows/cli-consistency-checker.lock.yml +++ b/.github/workflows/cli-consistency-checker.lock.yml @@ -136,7 +136,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -443,7 +445,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "CLI Consistency Checker", experimental: false, supports_tools_allowlist: true, @@ -1148,7 +1150,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/cli-version-checker.lock.yml b/.github/workflows/cli-version-checker.lock.yml index cef96bb690..85e7767416 100644 --- a/.github/workflows/cli-version-checker.lock.yml +++ b/.github/workflows/cli-version-checker.lock.yml @@ -163,7 +163,9 @@ jobs: - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -466,7 +468,7 @@ jobs: engine_name: "Claude Code", model: process.env.GH_AW_MODEL_AGENT_CLAUDE || "", version: "", - agent_version: "2.1.20", + agent_version: process.env.GH_AW_CLAUDE_VERSION || "2.1.20", workflow_name: "CLI Version Checker", experimental: true, supports_tools_allowlist: true, @@ -1580,7 +1582,9 @@ jobs: node-version: '24' package-manager-cache: false - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Execute Claude Code CLI id: agentic_execution # Allowed tools (sorted): diff --git a/.github/workflows/cloclo.lock.yml b/.github/workflows/cloclo.lock.yml index 60ca3e7e1a..b69aa02fbd 100644 --- a/.github/workflows/cloclo.lock.yml +++ b/.github/workflows/cloclo.lock.yml @@ -244,7 +244,9 @@ jobs: - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -608,7 +610,7 @@ jobs: engine_name: "Claude Code", model: process.env.GH_AW_MODEL_AGENT_CLAUDE || "", version: "", - agent_version: "2.1.20", + agent_version: process.env.GH_AW_CLAUDE_VERSION || "2.1.20", workflow_name: "/cloclo", experimental: true, supports_tools_allowlist: true, @@ -1517,7 +1519,9 @@ jobs: node-version: '24' package-manager-cache: false - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Execute Claude Code CLI id: agentic_execution # Allowed tools (sorted): diff --git a/.github/workflows/code-scanning-fixer.lock.yml b/.github/workflows/code-scanning-fixer.lock.yml index 9b4ed460fa..3d0c3b656d 100644 --- a/.github/workflows/code-scanning-fixer.lock.yml +++ b/.github/workflows/code-scanning-fixer.lock.yml @@ -156,7 +156,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -488,7 +490,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Code Scanning Fixer", experimental: false, supports_tools_allowlist: true, @@ -1248,7 +1250,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/code-simplifier.lock.yml b/.github/workflows/code-simplifier.lock.yml index 8679c61d43..bfa1ff2171 100644 --- a/.github/workflows/code-simplifier.lock.yml +++ b/.github/workflows/code-simplifier.lock.yml @@ -143,7 +143,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -439,7 +441,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Code Simplifier", experimental: false, supports_tools_allowlist: true, @@ -1389,7 +1391,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/codex-github-remote-mcp-test.lock.yml b/.github/workflows/codex-github-remote-mcp-test.lock.yml index 46e821550f..9bdfc6b575 100644 --- a/.github/workflows/codex-github-remote-mcp-test.lock.yml +++ b/.github/workflows/codex-github-remote-mcp-test.lock.yml @@ -125,8 +125,10 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install Codex - run: npm install -g --silent @openai/codex@0.92.0 + - name: Install Codex CLI + env: + CLI_VERSION: ${{ env.GH_AW_CODEX_VERSION || '0.92.0' }} + run: npm install -g --silent @openai/codex@"${CLI_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -212,7 +214,7 @@ jobs: engine_name: "Codex", model: process.env.GH_AW_MODEL_AGENT_CODEX || "", version: "", - agent_version: "0.92.0", + agent_version: process.env.GH_AW_CODEX_VERSION || "0.92.0", workflow_name: "Codex GitHub Remote MCP Test", experimental: true, supports_tools_allowlist: true, diff --git a/.github/workflows/commit-changes-analyzer.lock.yml b/.github/workflows/commit-changes-analyzer.lock.yml index 42bde7a101..c508722a94 100644 --- a/.github/workflows/commit-changes-analyzer.lock.yml +++ b/.github/workflows/commit-changes-analyzer.lock.yml @@ -150,7 +150,9 @@ jobs: - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -432,7 +434,7 @@ jobs: engine_name: "Claude Code", model: process.env.GH_AW_MODEL_AGENT_CLAUDE || "", version: "", - agent_version: "2.1.20", + agent_version: process.env.GH_AW_CLAUDE_VERSION || "2.1.20", workflow_name: "Commit Changes Analyzer", experimental: true, supports_tools_allowlist: true, @@ -1301,7 +1303,9 @@ jobs: node-version: '24' package-manager-cache: false - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Execute Claude Code CLI id: agentic_execution # Allowed tools (sorted): diff --git a/.github/workflows/copilot-agent-analysis.lock.yml b/.github/workflows/copilot-agent-analysis.lock.yml index 9edad2e3b5..37fd805499 100644 --- a/.github/workflows/copilot-agent-analysis.lock.yml +++ b/.github/workflows/copilot-agent-analysis.lock.yml @@ -180,7 +180,9 @@ jobs: - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -462,7 +464,7 @@ jobs: engine_name: "Claude Code", model: process.env.GH_AW_MODEL_AGENT_CLAUDE || "", version: "", - agent_version: "2.1.20", + agent_version: process.env.GH_AW_CLAUDE_VERSION || "2.1.20", workflow_name: "Copilot Agent PR Analysis", experimental: true, supports_tools_allowlist: true, @@ -1698,7 +1700,9 @@ jobs: node-version: '24' package-manager-cache: false - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Execute Claude Code CLI id: agentic_execution # Allowed tools (sorted): diff --git a/.github/workflows/copilot-cli-deep-research.lock.yml b/.github/workflows/copilot-cli-deep-research.lock.yml index b55e3c74ac..f10c03b6d3 100644 --- a/.github/workflows/copilot-cli-deep-research.lock.yml +++ b/.github/workflows/copilot-cli-deep-research.lock.yml @@ -151,7 +151,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -437,7 +439,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Copilot CLI Deep Research Agent", experimental: false, supports_tools_allowlist: true, @@ -1540,7 +1542,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/copilot-pr-merged-report.lock.yml b/.github/workflows/copilot-pr-merged-report.lock.yml index df4f0d9b16..ad837b28df 100644 --- a/.github/workflows/copilot-pr-merged-report.lock.yml +++ b/.github/workflows/copilot-pr-merged-report.lock.yml @@ -141,7 +141,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Download container images @@ -516,7 +518,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Daily Copilot PR Merged Report", experimental: false, supports_tools_allowlist: true, @@ -1302,7 +1304,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/copilot-pr-nlp-analysis.lock.yml b/.github/workflows/copilot-pr-nlp-analysis.lock.yml index 89728e7bf1..ba98ce29a3 100644 --- a/.github/workflows/copilot-pr-nlp-analysis.lock.yml +++ b/.github/workflows/copilot-pr-nlp-analysis.lock.yml @@ -201,7 +201,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -516,7 +518,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Copilot PR Conversation NLP Analysis", experimental: false, supports_tools_allowlist: true, @@ -1907,7 +1909,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/copilot-pr-prompt-analysis.lock.yml b/.github/workflows/copilot-pr-prompt-analysis.lock.yml index aa80601bb0..7e584b7e9a 100644 --- a/.github/workflows/copilot-pr-prompt-analysis.lock.yml +++ b/.github/workflows/copilot-pr-prompt-analysis.lock.yml @@ -172,7 +172,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -458,7 +460,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Copilot PR Prompt Pattern Analysis", experimental: false, supports_tools_allowlist: true, @@ -1437,7 +1439,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/copilot-session-insights.lock.yml b/.github/workflows/copilot-session-insights.lock.yml index 5c55e23e4e..6c3c757523 100644 --- a/.github/workflows/copilot-session-insights.lock.yml +++ b/.github/workflows/copilot-session-insights.lock.yml @@ -204,7 +204,9 @@ jobs: - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -515,7 +517,7 @@ jobs: engine_name: "Claude Code", model: process.env.GH_AW_MODEL_AGENT_CLAUDE || "", version: "", - agent_version: "2.1.20", + agent_version: process.env.GH_AW_CLAUDE_VERSION || "2.1.20", workflow_name: "Copilot Session Insights", experimental: true, supports_tools_allowlist: true, @@ -2235,7 +2237,9 @@ jobs: node-version: '24' package-manager-cache: false - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Execute Claude Code CLI id: agentic_execution # Allowed tools (sorted): diff --git a/.github/workflows/craft.lock.yml b/.github/workflows/craft.lock.yml index ff2f2cd1c7..3b01231bc4 100644 --- a/.github/workflows/craft.lock.yml +++ b/.github/workflows/craft.lock.yml @@ -171,7 +171,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -488,7 +490,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Workflow Craft Agent", experimental: false, supports_tools_allowlist: true, @@ -1262,7 +1264,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/daily-assign-issue-to-user.lock.yml b/.github/workflows/daily-assign-issue-to-user.lock.yml index 096865d27c..ea5a6fa5d6 100644 --- a/.github/workflows/daily-assign-issue-to-user.lock.yml +++ b/.github/workflows/daily-assign-issue-to-user.lock.yml @@ -135,7 +135,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -453,7 +455,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Auto-Assign Issue", experimental: false, supports_tools_allowlist: true, @@ -985,7 +987,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/daily-choice-test.lock.yml b/.github/workflows/daily-choice-test.lock.yml index 052416a0ad..fd9483a0ac 100644 --- a/.github/workflows/daily-choice-test.lock.yml +++ b/.github/workflows/daily-choice-test.lock.yml @@ -143,7 +143,9 @@ jobs: - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -404,7 +406,7 @@ jobs: engine_name: "Claude Code", model: process.env.GH_AW_MODEL_AGENT_CLAUDE || "", version: "", - agent_version: "2.1.20", + agent_version: process.env.GH_AW_CLAUDE_VERSION || "2.1.20", workflow_name: "Daily Choice Type Test", experimental: true, supports_tools_allowlist: true, @@ -988,7 +990,9 @@ jobs: node-version: '24' package-manager-cache: false - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Execute Claude Code CLI id: agentic_execution # Allowed tools (sorted): diff --git a/.github/workflows/daily-cli-performance.lock.yml b/.github/workflows/daily-cli-performance.lock.yml index 930f66020c..8ce51949f9 100644 --- a/.github/workflows/daily-cli-performance.lock.yml +++ b/.github/workflows/daily-cli-performance.lock.yml @@ -150,7 +150,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -625,7 +627,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Daily CLI Performance Agent", experimental: false, supports_tools_allowlist: true, @@ -1944,7 +1946,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/daily-code-metrics.lock.yml b/.github/workflows/daily-code-metrics.lock.yml index 477f7bb403..8342bff88a 100644 --- a/.github/workflows/daily-code-metrics.lock.yml +++ b/.github/workflows/daily-code-metrics.lock.yml @@ -193,7 +193,9 @@ jobs: - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -504,7 +506,7 @@ jobs: engine_name: "Claude Code", model: process.env.GH_AW_MODEL_AGENT_CLAUDE || "", version: "", - agent_version: "2.1.20", + agent_version: process.env.GH_AW_CLAUDE_VERSION || "2.1.20", workflow_name: "Daily Code Metrics and Trend Tracking Agent", experimental: true, supports_tools_allowlist: true, @@ -1998,7 +2000,9 @@ jobs: node-version: '24' package-manager-cache: false - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Execute Claude Code CLI id: agentic_execution # Allowed tools (sorted): diff --git a/.github/workflows/daily-compiler-quality.lock.yml b/.github/workflows/daily-compiler-quality.lock.yml index 7466fa2173..28a0370e4e 100644 --- a/.github/workflows/daily-compiler-quality.lock.yml +++ b/.github/workflows/daily-compiler-quality.lock.yml @@ -151,7 +151,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -445,7 +447,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Daily Compiler Quality Check", experimental: false, supports_tools_allowlist: true, @@ -1681,7 +1683,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/daily-copilot-token-report.lock.yml b/.github/workflows/daily-copilot-token-report.lock.yml index 4e29f28fd5..603747f49e 100644 --- a/.github/workflows/daily-copilot-token-report.lock.yml +++ b/.github/workflows/daily-copilot-token-report.lock.yml @@ -199,7 +199,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -514,7 +516,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Daily Copilot Token Consumption Report", experimental: false, supports_tools_allowlist: true, @@ -2029,7 +2031,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/daily-doc-updater.lock.yml b/.github/workflows/daily-doc-updater.lock.yml index 6e01bf4e5b..809722d915 100644 --- a/.github/workflows/daily-doc-updater.lock.yml +++ b/.github/workflows/daily-doc-updater.lock.yml @@ -155,7 +155,9 @@ jobs: - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -447,7 +449,7 @@ jobs: engine_name: "Claude Code", model: process.env.GH_AW_MODEL_AGENT_CLAUDE || "", version: "", - agent_version: "2.1.20", + agent_version: process.env.GH_AW_CLAUDE_VERSION || "2.1.20", workflow_name: "Daily Documentation Updater", experimental: true, supports_tools_allowlist: true, @@ -1237,7 +1239,9 @@ jobs: node-version: '24' package-manager-cache: false - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Execute Claude Code CLI id: agentic_execution # Allowed tools (sorted): diff --git a/.github/workflows/daily-fact.lock.yml b/.github/workflows/daily-fact.lock.yml index 5c58c28bd9..9ea0143dfa 100644 --- a/.github/workflows/daily-fact.lock.yml +++ b/.github/workflows/daily-fact.lock.yml @@ -130,8 +130,10 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install Codex - run: npm install -g --silent @openai/codex@0.92.0 + - name: Install Codex CLI + env: + CLI_VERSION: ${{ env.GH_AW_CODEX_VERSION || '0.92.0' }} + run: npm install -g --silent @openai/codex@"${CLI_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -423,7 +425,7 @@ jobs: engine_name: "Codex", model: "gpt-5.1-codex-mini", version: "", - agent_version: "0.92.0", + agent_version: process.env.GH_AW_CODEX_VERSION || "0.92.0", workflow_name: "Daily Fact About gh-aw", experimental: true, supports_tools_allowlist: true, @@ -976,8 +978,10 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install Codex - run: npm install -g --silent @openai/codex@0.92.0 + - name: Install Codex CLI + env: + CLI_VERSION: ${{ env.GH_AW_CODEX_VERSION || '0.92.0' }} + run: npm install -g --silent @openai/codex@"${CLI_VERSION}" - name: Run Codex run: | set -o pipefail diff --git a/.github/workflows/daily-file-diet.lock.yml b/.github/workflows/daily-file-diet.lock.yml index 9b0a6fa825..86d711a713 100644 --- a/.github/workflows/daily-file-diet.lock.yml +++ b/.github/workflows/daily-file-diet.lock.yml @@ -143,7 +143,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -458,7 +460,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Daily File Diet", experimental: false, supports_tools_allowlist: true, @@ -1337,7 +1339,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/daily-firewall-report.lock.yml b/.github/workflows/daily-firewall-report.lock.yml index 46ff7daff8..14c6689802 100644 --- a/.github/workflows/daily-firewall-report.lock.yml +++ b/.github/workflows/daily-firewall-report.lock.yml @@ -195,7 +195,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -528,7 +530,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Daily Firewall Logs Collector and Reporter", experimental: false, supports_tools_allowlist: true, @@ -1595,7 +1597,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/daily-issues-report.lock.yml b/.github/workflows/daily-issues-report.lock.yml index fe353c414a..071ed428b5 100644 --- a/.github/workflows/daily-issues-report.lock.yml +++ b/.github/workflows/daily-issues-report.lock.yml @@ -194,8 +194,10 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install Codex - run: npm install -g --silent @openai/codex@0.92.0 + - name: Install Codex CLI + env: + CLI_VERSION: ${{ env.GH_AW_CODEX_VERSION || '0.92.0' }} + run: npm install -g --silent @openai/codex@"${CLI_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -590,7 +592,7 @@ jobs: engine_name: "Codex", model: process.env.GH_AW_MODEL_AGENT_CODEX || "", version: "", - agent_version: "0.92.0", + agent_version: process.env.GH_AW_CODEX_VERSION || "0.92.0", workflow_name: "Daily Issues Report Generator", experimental: true, supports_tools_allowlist: true, @@ -2115,8 +2117,10 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install Codex - run: npm install -g --silent @openai/codex@0.92.0 + - name: Install Codex CLI + env: + CLI_VERSION: ${{ env.GH_AW_CODEX_VERSION || '0.92.0' }} + run: npm install -g --silent @openai/codex@"${CLI_VERSION}" - name: Run Codex run: | set -o pipefail diff --git a/.github/workflows/daily-malicious-code-scan.lock.yml b/.github/workflows/daily-malicious-code-scan.lock.yml index 4c3dcba7e9..e3ffc558aa 100644 --- a/.github/workflows/daily-malicious-code-scan.lock.yml +++ b/.github/workflows/daily-malicious-code-scan.lock.yml @@ -140,7 +140,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -467,7 +469,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Daily Malicious Code Scan Agent", experimental: false, supports_tools_allowlist: true, diff --git a/.github/workflows/daily-multi-device-docs-tester.lock.yml b/.github/workflows/daily-multi-device-docs-tester.lock.yml index bce3d5916d..f4cfa7c76d 100644 --- a/.github/workflows/daily-multi-device-docs-tester.lock.yml +++ b/.github/workflows/daily-multi-device-docs-tester.lock.yml @@ -154,7 +154,9 @@ jobs: - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -503,7 +505,7 @@ jobs: engine_name: "Claude Code", model: process.env.GH_AW_MODEL_AGENT_CLAUDE || "", version: "", - agent_version: "2.1.20", + agent_version: process.env.GH_AW_CLAUDE_VERSION || "2.1.20", workflow_name: "Multi-Device Docs Tester", experimental: true, supports_tools_allowlist: true, @@ -1388,7 +1390,9 @@ jobs: node-version: '24' package-manager-cache: false - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Execute Claude Code CLI id: agentic_execution # Allowed tools (sorted): diff --git a/.github/workflows/daily-news.lock.yml b/.github/workflows/daily-news.lock.yml index baf1185164..403804903b 100644 --- a/.github/workflows/daily-news.lock.yml +++ b/.github/workflows/daily-news.lock.yml @@ -256,7 +256,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -585,7 +587,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Daily News", experimental: false, supports_tools_allowlist: true, @@ -1990,7 +1992,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/daily-observability-report.lock.yml b/.github/workflows/daily-observability-report.lock.yml index 7f0418367b..cd95a422a5 100644 --- a/.github/workflows/daily-observability-report.lock.yml +++ b/.github/workflows/daily-observability-report.lock.yml @@ -149,8 +149,10 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install Codex - run: npm install -g --silent @openai/codex@0.92.0 + - name: Install Codex CLI + env: + CLI_VERSION: ${{ env.GH_AW_CODEX_VERSION || '0.92.0' }} + run: npm install -g --silent @openai/codex@"${CLI_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -557,7 +559,7 @@ jobs: engine_name: "Codex", model: process.env.GH_AW_MODEL_AGENT_CODEX || "", version: "", - agent_version: "0.92.0", + agent_version: process.env.GH_AW_CODEX_VERSION || "0.92.0", workflow_name: "Daily Observability Report for AWF Firewall and MCP Gateway", experimental: true, supports_tools_allowlist: true, @@ -1520,8 +1522,10 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install Codex - run: npm install -g --silent @openai/codex@0.92.0 + - name: Install Codex CLI + env: + CLI_VERSION: ${{ env.GH_AW_CODEX_VERSION || '0.92.0' }} + run: npm install -g --silent @openai/codex@"${CLI_VERSION}" - name: Run Codex run: | set -o pipefail diff --git a/.github/workflows/daily-performance-summary.lock.yml b/.github/workflows/daily-performance-summary.lock.yml index 8acdd13dbe..2982dde3ba 100644 --- a/.github/workflows/daily-performance-summary.lock.yml +++ b/.github/workflows/daily-performance-summary.lock.yml @@ -184,8 +184,10 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install Codex - run: npm install -g --silent @openai/codex@0.92.0 + - name: Install Codex CLI + env: + CLI_VERSION: ${{ env.GH_AW_CODEX_VERSION || '0.92.0' }} + run: npm install -g --silent @openai/codex@"${CLI_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -1051,7 +1053,7 @@ jobs: engine_name: "Codex", model: process.env.GH_AW_MODEL_AGENT_CODEX || "", version: "", - agent_version: "0.92.0", + agent_version: process.env.GH_AW_CODEX_VERSION || "0.92.0", workflow_name: "Daily Project Performance Summary Generator (Using Safe Inputs)", experimental: true, supports_tools_allowlist: true, @@ -2216,8 +2218,10 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install Codex - run: npm install -g --silent @openai/codex@0.92.0 + - name: Install Codex CLI + env: + CLI_VERSION: ${{ env.GH_AW_CODEX_VERSION || '0.92.0' }} + run: npm install -g --silent @openai/codex@"${CLI_VERSION}" - name: Run Codex run: | set -o pipefail diff --git a/.github/workflows/daily-regulatory.lock.yml b/.github/workflows/daily-regulatory.lock.yml index 2a4d6ee8fd..220895509b 100644 --- a/.github/workflows/daily-regulatory.lock.yml +++ b/.github/workflows/daily-regulatory.lock.yml @@ -143,7 +143,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -951,7 +953,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Daily Regulatory Report Generator", experimental: false, supports_tools_allowlist: true, @@ -2018,7 +2020,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/daily-repo-chronicle.lock.yml b/.github/workflows/daily-repo-chronicle.lock.yml index a662b90b34..eeb21cbd5c 100644 --- a/.github/workflows/daily-repo-chronicle.lock.yml +++ b/.github/workflows/daily-repo-chronicle.lock.yml @@ -176,7 +176,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -491,7 +493,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "The Daily Repository Chronicle", experimental: false, supports_tools_allowlist: true, @@ -1759,7 +1761,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/daily-safe-output-optimizer.lock.yml b/.github/workflows/daily-safe-output-optimizer.lock.yml index 51eff93457..eb6306bf2f 100644 --- a/.github/workflows/daily-safe-output-optimizer.lock.yml +++ b/.github/workflows/daily-safe-output-optimizer.lock.yml @@ -187,7 +187,9 @@ jobs: - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -494,7 +496,7 @@ jobs: engine_name: "Claude Code", model: process.env.GH_AW_MODEL_AGENT_CLAUDE || "", version: "", - agent_version: "2.1.20", + agent_version: process.env.GH_AW_CLAUDE_VERSION || "2.1.20", workflow_name: "Daily Safe Output Tool Optimizer", experimental: true, supports_tools_allowlist: true, @@ -1624,7 +1626,9 @@ jobs: node-version: '24' package-manager-cache: false - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Execute Claude Code CLI id: agentic_execution # Allowed tools (sorted): diff --git a/.github/workflows/daily-secrets-analysis.lock.yml b/.github/workflows/daily-secrets-analysis.lock.yml index c1da99f1da..10fa06d9d8 100644 --- a/.github/workflows/daily-secrets-analysis.lock.yml +++ b/.github/workflows/daily-secrets-analysis.lock.yml @@ -141,7 +141,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -484,7 +486,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Daily Secrets Analysis Agent", experimental: false, supports_tools_allowlist: true, @@ -1354,7 +1356,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/daily-semgrep-scan.lock.yml b/.github/workflows/daily-semgrep-scan.lock.yml index dafe86665d..df096911f7 100644 --- a/.github/workflows/daily-semgrep-scan.lock.yml +++ b/.github/workflows/daily-semgrep-scan.lock.yml @@ -141,7 +141,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -481,7 +483,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Daily Semgrep Scan", experimental: false, supports_tools_allowlist: true, @@ -996,7 +998,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/daily-team-evolution-insights.lock.yml b/.github/workflows/daily-team-evolution-insights.lock.yml index 48681a6361..02157d794a 100644 --- a/.github/workflows/daily-team-evolution-insights.lock.yml +++ b/.github/workflows/daily-team-evolution-insights.lock.yml @@ -150,7 +150,9 @@ jobs: - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -432,7 +434,7 @@ jobs: engine_name: "Claude Code", model: process.env.GH_AW_MODEL_AGENT_CLAUDE || "", version: "", - agent_version: "2.1.20", + agent_version: process.env.GH_AW_CLAUDE_VERSION || "2.1.20", workflow_name: "Daily Team Evolution Insights", experimental: true, supports_tools_allowlist: true, @@ -1393,7 +1395,9 @@ jobs: node-version: '24' package-manager-cache: false - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Execute Claude Code CLI id: agentic_execution # Allowed tools (sorted): diff --git a/.github/workflows/daily-team-status.lock.yml b/.github/workflows/daily-team-status.lock.yml index f6a3f01b26..b9f19edde1 100644 --- a/.github/workflows/daily-team-status.lock.yml +++ b/.github/workflows/daily-team-status.lock.yml @@ -149,7 +149,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -456,7 +458,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Daily Team Status", experimental: false, supports_tools_allowlist: true, @@ -1126,7 +1128,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/daily-testify-uber-super-expert.lock.yml b/.github/workflows/daily-testify-uber-super-expert.lock.yml index fd1d2a829c..5fd5127725 100644 --- a/.github/workflows/daily-testify-uber-super-expert.lock.yml +++ b/.github/workflows/daily-testify-uber-super-expert.lock.yml @@ -153,7 +153,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -468,7 +470,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Daily Testify Uber Super Expert", experimental: false, supports_tools_allowlist: true, @@ -1611,7 +1613,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/daily-workflow-updater.lock.yml b/.github/workflows/daily-workflow-updater.lock.yml index 37d4b0a7a8..bfbe5d05af 100644 --- a/.github/workflows/daily-workflow-updater.lock.yml +++ b/.github/workflows/daily-workflow-updater.lock.yml @@ -136,7 +136,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -432,7 +434,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Daily Workflow Updater", experimental: false, supports_tools_allowlist: true, @@ -1150,7 +1152,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/deep-report.lock.yml b/.github/workflows/deep-report.lock.yml index e8bbb35b31..4842f1c029 100644 --- a/.github/workflows/deep-report.lock.yml +++ b/.github/workflows/deep-report.lock.yml @@ -194,8 +194,10 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install Codex - run: npm install -g --silent @openai/codex@0.92.0 + - name: Install Codex CLI + env: + CLI_VERSION: ${{ env.GH_AW_CODEX_VERSION || '0.92.0' }} + run: npm install -g --silent @openai/codex@"${CLI_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -613,7 +615,7 @@ jobs: engine_name: "Codex", model: process.env.GH_AW_MODEL_AGENT_CODEX || "", version: "", - agent_version: "0.92.0", + agent_version: process.env.GH_AW_CODEX_VERSION || "0.92.0", workflow_name: "DeepReport - Intelligence Gathering Agent", experimental: true, supports_tools_allowlist: true, @@ -1716,8 +1718,10 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install Codex - run: npm install -g --silent @openai/codex@0.92.0 + - name: Install Codex CLI + env: + CLI_VERSION: ${{ env.GH_AW_CODEX_VERSION || '0.92.0' }} + run: npm install -g --silent @openai/codex@"${CLI_VERSION}" - name: Run Codex run: | set -o pipefail diff --git a/.github/workflows/delight.lock.yml b/.github/workflows/delight.lock.yml index d56679804e..11fdf190ca 100644 --- a/.github/workflows/delight.lock.yml +++ b/.github/workflows/delight.lock.yml @@ -154,7 +154,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -513,7 +515,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Delight", experimental: false, supports_tools_allowlist: true, @@ -1718,7 +1720,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/dependabot-bundler.lock.yml b/.github/workflows/dependabot-bundler.lock.yml index f070215267..fa5f7822f1 100644 --- a/.github/workflows/dependabot-bundler.lock.yml +++ b/.github/workflows/dependabot-bundler.lock.yml @@ -156,7 +156,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -488,7 +490,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Dependabot Bundler", experimental: false, supports_tools_allowlist: true, @@ -1155,7 +1157,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/dependabot-go-checker.lock.yml b/.github/workflows/dependabot-go-checker.lock.yml index 0ca97fbfe3..061dfbe2ce 100644 --- a/.github/workflows/dependabot-go-checker.lock.yml +++ b/.github/workflows/dependabot-go-checker.lock.yml @@ -137,7 +137,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -482,7 +484,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Dependabot Dependency Checker", experimental: false, supports_tools_allowlist: true, @@ -1413,7 +1415,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/dev-hawk.lock.yml b/.github/workflows/dev-hawk.lock.yml index 91ca7fd220..b1b89fa0f8 100644 --- a/.github/workflows/dev-hawk.lock.yml +++ b/.github/workflows/dev-hawk.lock.yml @@ -166,7 +166,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -453,7 +455,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Dev Hawk", experimental: false, supports_tools_allowlist: true, @@ -1212,7 +1214,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/dev.lock.yml b/.github/workflows/dev.lock.yml index 2535cd34c8..2d8e19b377 100644 --- a/.github/workflows/dev.lock.yml +++ b/.github/workflows/dev.lock.yml @@ -133,7 +133,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -429,7 +431,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Dev", experimental: false, supports_tools_allowlist: true, @@ -966,7 +968,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/developer-docs-consolidator.lock.yml b/.github/workflows/developer-docs-consolidator.lock.yml index 9757f43cd2..b7dd2bf2fd 100644 --- a/.github/workflows/developer-docs-consolidator.lock.yml +++ b/.github/workflows/developer-docs-consolidator.lock.yml @@ -161,7 +161,9 @@ jobs: - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -521,7 +523,7 @@ jobs: engine_name: "Claude Code", model: process.env.GH_AW_MODEL_AGENT_CLAUDE || "", version: "", - agent_version: "2.1.20", + agent_version: process.env.GH_AW_CLAUDE_VERSION || "2.1.20", workflow_name: "Developer Documentation Consolidator", experimental: true, supports_tools_allowlist: true, @@ -1782,7 +1784,9 @@ jobs: node-version: '24' package-manager-cache: false - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Execute Claude Code CLI id: agentic_execution # Allowed tools (sorted): diff --git a/.github/workflows/dictation-prompt.lock.yml b/.github/workflows/dictation-prompt.lock.yml index 8deffbdb70..85caa07f31 100644 --- a/.github/workflows/dictation-prompt.lock.yml +++ b/.github/workflows/dictation-prompt.lock.yml @@ -139,7 +139,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -435,7 +437,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Dictation Prompt Generator", experimental: false, supports_tools_allowlist: true, @@ -1110,7 +1112,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/discussion-task-miner.lock.yml b/.github/workflows/discussion-task-miner.lock.yml index 9f5ef71c4f..20633ce935 100644 --- a/.github/workflows/discussion-task-miner.lock.yml +++ b/.github/workflows/discussion-task-miner.lock.yml @@ -154,7 +154,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -496,7 +498,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Discussion Task Miner - Code Quality Improvement Agent", experimental: false, supports_tools_allowlist: true, @@ -1489,7 +1491,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/docs-noob-tester.lock.yml b/.github/workflows/docs-noob-tester.lock.yml index 5565a13532..c9ae9d2333 100644 --- a/.github/workflows/docs-noob-tester.lock.yml +++ b/.github/workflows/docs-noob-tester.lock.yml @@ -140,7 +140,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -462,7 +464,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Documentation Noob Tester", experimental: false, supports_tools_allowlist: true, @@ -1195,7 +1197,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/draft-pr-cleanup.lock.yml b/.github/workflows/draft-pr-cleanup.lock.yml index 8cee38ea6d..986b2cdd92 100644 --- a/.github/workflows/draft-pr-cleanup.lock.yml +++ b/.github/workflows/draft-pr-cleanup.lock.yml @@ -135,7 +135,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -464,7 +466,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Draft PR Cleanup", experimental: false, supports_tools_allowlist: true, @@ -1214,7 +1216,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/duplicate-code-detector.lock.yml b/.github/workflows/duplicate-code-detector.lock.yml index d62b957bee..4cfcdba584 100644 --- a/.github/workflows/duplicate-code-detector.lock.yml +++ b/.github/workflows/duplicate-code-detector.lock.yml @@ -141,8 +141,10 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install Codex - run: npm install -g --silent @openai/codex@0.92.0 + - name: Install Codex CLI + env: + CLI_VERSION: ${{ env.GH_AW_CODEX_VERSION || '0.92.0' }} + run: npm install -g --silent @openai/codex@"${CLI_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -504,7 +506,7 @@ jobs: engine_name: "Codex", model: process.env.GH_AW_MODEL_AGENT_CODEX || "", version: "", - agent_version: "0.92.0", + agent_version: process.env.GH_AW_CODEX_VERSION || "0.92.0", workflow_name: "Duplicate Code Detector", experimental: true, supports_tools_allowlist: true, @@ -1229,8 +1231,10 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install Codex - run: npm install -g --silent @openai/codex@0.92.0 + - name: Install Codex CLI + env: + CLI_VERSION: ${{ env.GH_AW_CODEX_VERSION || '0.92.0' }} + run: npm install -g --silent @openai/codex@"${CLI_VERSION}" - name: Run Codex run: | set -o pipefail diff --git a/.github/workflows/example-custom-error-patterns.lock.yml b/.github/workflows/example-custom-error-patterns.lock.yml index 6980708b02..ec59d36f2e 100644 --- a/.github/workflows/example-custom-error-patterns.lock.yml +++ b/.github/workflows/example-custom-error-patterns.lock.yml @@ -122,7 +122,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -192,7 +194,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Example: Custom Error Patterns", experimental: false, supports_tools_allowlist: true, diff --git a/.github/workflows/example-permissions-warning.lock.yml b/.github/workflows/example-permissions-warning.lock.yml index 60aedb7c2b..8005741eb5 100644 --- a/.github/workflows/example-permissions-warning.lock.yml +++ b/.github/workflows/example-permissions-warning.lock.yml @@ -121,7 +121,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -190,7 +192,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Example: Properly Provisioned Permissions", experimental: false, supports_tools_allowlist: true, diff --git a/.github/workflows/example-workflow-analyzer.lock.yml b/.github/workflows/example-workflow-analyzer.lock.yml index fafc087749..3e00c80d52 100644 --- a/.github/workflows/example-workflow-analyzer.lock.yml +++ b/.github/workflows/example-workflow-analyzer.lock.yml @@ -149,7 +149,9 @@ jobs: - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -465,7 +467,7 @@ jobs: engine_name: "Claude Code", model: process.env.GH_AW_MODEL_AGENT_CLAUDE || "", version: "", - agent_version: "2.1.20", + agent_version: process.env.GH_AW_CLAUDE_VERSION || "2.1.20", workflow_name: "Weekly Workflow Analysis", experimental: true, supports_tools_allowlist: true, @@ -1125,7 +1127,9 @@ jobs: node-version: '24' package-manager-cache: false - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Execute Claude Code CLI id: agentic_execution # Allowed tools (sorted): diff --git a/.github/workflows/firewall-escape.lock.yml b/.github/workflows/firewall-escape.lock.yml index d7745eac6d..5e3a463657 100644 --- a/.github/workflows/firewall-escape.lock.yml +++ b/.github/workflows/firewall-escape.lock.yml @@ -166,7 +166,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -452,7 +454,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "The Great Escapi", experimental: false, supports_tools_allowlist: true, @@ -1314,7 +1316,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/firewall.lock.yml b/.github/workflows/firewall.lock.yml index d2dfb02ed1..a87661da9a 100644 --- a/.github/workflows/firewall.lock.yml +++ b/.github/workflows/firewall.lock.yml @@ -121,7 +121,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -191,7 +193,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Firewall Test Agent", experimental: false, supports_tools_allowlist: true, diff --git a/.github/workflows/github-mcp-structural-analysis.lock.yml b/.github/workflows/github-mcp-structural-analysis.lock.yml index ed086dea1d..542e62628d 100644 --- a/.github/workflows/github-mcp-structural-analysis.lock.yml +++ b/.github/workflows/github-mcp-structural-analysis.lock.yml @@ -185,7 +185,9 @@ jobs: - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -496,7 +498,7 @@ jobs: engine_name: "Claude Code", model: process.env.GH_AW_MODEL_AGENT_CLAUDE || "", version: "", - agent_version: "2.1.20", + agent_version: process.env.GH_AW_CLAUDE_VERSION || "2.1.20", workflow_name: "GitHub MCP Structural Analysis", experimental: true, supports_tools_allowlist: true, @@ -1740,7 +1742,9 @@ jobs: node-version: '24' package-manager-cache: false - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Execute Claude Code CLI id: agentic_execution # Allowed tools (sorted): diff --git a/.github/workflows/github-mcp-tools-report.lock.yml b/.github/workflows/github-mcp-tools-report.lock.yml index d510fdeeec..651e9fdbec 100644 --- a/.github/workflows/github-mcp-tools-report.lock.yml +++ b/.github/workflows/github-mcp-tools-report.lock.yml @@ -162,7 +162,9 @@ jobs: - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -507,7 +509,7 @@ jobs: engine_name: "Claude Code", model: process.env.GH_AW_MODEL_AGENT_CLAUDE || "", version: "", - agent_version: "2.1.20", + agent_version: process.env.GH_AW_CLAUDE_VERSION || "2.1.20", workflow_name: "GitHub MCP Remote Server Tools Report Generator", experimental: true, supports_tools_allowlist: true, @@ -1629,7 +1631,9 @@ jobs: node-version: '24' package-manager-cache: false - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Execute Claude Code CLI id: agentic_execution # Allowed tools (sorted): diff --git a/.github/workflows/github-remote-mcp-auth-test.lock.yml b/.github/workflows/github-remote-mcp-auth-test.lock.yml index 50e3fef3b9..9daec11f18 100644 --- a/.github/workflows/github-remote-mcp-auth-test.lock.yml +++ b/.github/workflows/github-remote-mcp-auth-test.lock.yml @@ -136,7 +136,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -431,7 +433,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "gpt-5.1-codex-mini", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "GitHub Remote MCP Authentication Test", experimental: false, supports_tools_allowlist: true, @@ -1110,7 +1112,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/glossary-maintainer.lock.yml b/.github/workflows/glossary-maintainer.lock.yml index eb16301cbb..90047091f3 100644 --- a/.github/workflows/glossary-maintainer.lock.yml +++ b/.github/workflows/glossary-maintainer.lock.yml @@ -152,7 +152,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -456,7 +458,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Glossary Maintainer", experimental: false, supports_tools_allowlist: true, @@ -1764,7 +1766,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/go-fan.lock.yml b/.github/workflows/go-fan.lock.yml index 1383ac16ff..6d45fd5ecf 100644 --- a/.github/workflows/go-fan.lock.yml +++ b/.github/workflows/go-fan.lock.yml @@ -159,7 +159,9 @@ jobs: - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -457,7 +459,7 @@ jobs: engine_name: "Claude Code", model: process.env.GH_AW_MODEL_AGENT_CLAUDE || "", version: "", - agent_version: "2.1.20", + agent_version: process.env.GH_AW_CLAUDE_VERSION || "2.1.20", workflow_name: "Go Fan", experimental: true, supports_tools_allowlist: true, @@ -1411,7 +1413,9 @@ jobs: node-version: '24' package-manager-cache: false - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Execute Claude Code CLI id: agentic_execution # Allowed tools (sorted): diff --git a/.github/workflows/go-logger.lock.yml b/.github/workflows/go-logger.lock.yml index 9f233dc5a2..18dc1ecb99 100644 --- a/.github/workflows/go-logger.lock.yml +++ b/.github/workflows/go-logger.lock.yml @@ -175,7 +175,9 @@ jobs: - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -600,7 +602,7 @@ jobs: engine_name: "Claude Code", model: process.env.GH_AW_MODEL_AGENT_CLAUDE || "", version: "", - agent_version: "2.1.20", + agent_version: process.env.GH_AW_CLAUDE_VERSION || "2.1.20", workflow_name: "Go Logger Enhancement", experimental: true, supports_tools_allowlist: true, @@ -1522,7 +1524,9 @@ jobs: node-version: '24' package-manager-cache: false - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Execute Claude Code CLI id: agentic_execution # Allowed tools (sorted): diff --git a/.github/workflows/go-pattern-detector.lock.yml b/.github/workflows/go-pattern-detector.lock.yml index becee522b0..dbb272210d 100644 --- a/.github/workflows/go-pattern-detector.lock.yml +++ b/.github/workflows/go-pattern-detector.lock.yml @@ -150,7 +150,9 @@ jobs: - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -457,7 +459,7 @@ jobs: engine_name: "Claude Code", model: process.env.GH_AW_MODEL_AGENT_CLAUDE || "", version: "", - agent_version: "2.1.20", + agent_version: process.env.GH_AW_CLAUDE_VERSION || "2.1.20", workflow_name: "Go Pattern Detector", experimental: true, supports_tools_allowlist: true, @@ -1198,7 +1200,9 @@ jobs: node-version: '24' package-manager-cache: false - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Execute Claude Code CLI id: agentic_execution # Allowed tools (sorted): diff --git a/.github/workflows/grumpy-reviewer.lock.yml b/.github/workflows/grumpy-reviewer.lock.yml index 8961c83322..531532d30f 100644 --- a/.github/workflows/grumpy-reviewer.lock.yml +++ b/.github/workflows/grumpy-reviewer.lock.yml @@ -181,7 +181,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -525,7 +527,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Grumpy Code Reviewer 🔥", experimental: false, supports_tools_allowlist: true, @@ -1187,7 +1189,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/hourly-ci-cleaner.lock.yml b/.github/workflows/hourly-ci-cleaner.lock.yml index c87bf1bf2b..d8d9065b3c 100644 --- a/.github/workflows/hourly-ci-cleaner.lock.yml +++ b/.github/workflows/hourly-ci-cleaner.lock.yml @@ -165,7 +165,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -461,7 +463,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "CI Cleaner", experimental: false, supports_tools_allowlist: true, @@ -1391,7 +1393,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/instructions-janitor.lock.yml b/.github/workflows/instructions-janitor.lock.yml index e0cfa10ce7..d924dd4ece 100644 --- a/.github/workflows/instructions-janitor.lock.yml +++ b/.github/workflows/instructions-janitor.lock.yml @@ -155,7 +155,9 @@ jobs: - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -447,7 +449,7 @@ jobs: engine_name: "Claude Code", model: process.env.GH_AW_MODEL_AGENT_CLAUDE || "", version: "", - agent_version: "2.1.20", + agent_version: process.env.GH_AW_CLAUDE_VERSION || "2.1.20", workflow_name: "Instructions Janitor", experimental: true, supports_tools_allowlist: true, @@ -1223,7 +1225,9 @@ jobs: node-version: '24' package-manager-cache: false - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Execute Claude Code CLI id: agentic_execution # Allowed tools (sorted): diff --git a/.github/workflows/issue-arborist.lock.yml b/.github/workflows/issue-arborist.lock.yml index 3ab7d858ac..04d6d0da0a 100644 --- a/.github/workflows/issue-arborist.lock.yml +++ b/.github/workflows/issue-arborist.lock.yml @@ -152,8 +152,10 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install Codex - run: npm install -g --silent @openai/codex@0.92.0 + - name: Install Codex CLI + env: + CLI_VERSION: ${{ env.GH_AW_CODEX_VERSION || '0.92.0' }} + run: npm install -g --silent @openai/codex@"${CLI_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -577,7 +579,7 @@ jobs: engine_name: "Codex", model: process.env.GH_AW_MODEL_AGENT_CODEX || "", version: "", - agent_version: "0.92.0", + agent_version: process.env.GH_AW_CODEX_VERSION || "0.92.0", workflow_name: "Issue Arborist", experimental: true, supports_tools_allowlist: true, @@ -1298,8 +1300,10 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install Codex - run: npm install -g --silent @openai/codex@0.92.0 + - name: Install Codex CLI + env: + CLI_VERSION: ${{ env.GH_AW_CODEX_VERSION || '0.92.0' }} + run: npm install -g --silent @openai/codex@"${CLI_VERSION}" - name: Run Codex run: | set -o pipefail diff --git a/.github/workflows/issue-monster.lock.yml b/.github/workflows/issue-monster.lock.yml index 19fb12e38f..85c9ac03f5 100644 --- a/.github/workflows/issue-monster.lock.yml +++ b/.github/workflows/issue-monster.lock.yml @@ -146,7 +146,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -460,7 +462,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "gpt-5.1-codex-mini", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Issue Monster", experimental: false, supports_tools_allowlist: true, @@ -1166,7 +1168,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/issue-triage-agent.lock.yml b/.github/workflows/issue-triage-agent.lock.yml index 8f6a78abdc..b91d51949a 100644 --- a/.github/workflows/issue-triage-agent.lock.yml +++ b/.github/workflows/issue-triage-agent.lock.yml @@ -120,7 +120,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -425,7 +427,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Issue Triage Agent", experimental: false, supports_tools_allowlist: true, @@ -1058,7 +1060,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/jsweep.lock.yml b/.github/workflows/jsweep.lock.yml index 573d9e4df1..3a4139626b 100644 --- a/.github/workflows/jsweep.lock.yml +++ b/.github/workflows/jsweep.lock.yml @@ -157,7 +157,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -461,7 +463,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "jsweep - JavaScript Unbloater", experimental: false, supports_tools_allowlist: true, @@ -1251,7 +1253,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/layout-spec-maintainer.lock.yml b/.github/workflows/layout-spec-maintainer.lock.yml index a9566c899a..aff535c517 100644 --- a/.github/workflows/layout-spec-maintainer.lock.yml +++ b/.github/workflows/layout-spec-maintainer.lock.yml @@ -144,7 +144,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -440,7 +442,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Layout Specification Maintainer", experimental: false, supports_tools_allowlist: true, @@ -1271,7 +1273,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/lockfile-stats.lock.yml b/.github/workflows/lockfile-stats.lock.yml index 089e582114..5b4d2f5120 100644 --- a/.github/workflows/lockfile-stats.lock.yml +++ b/.github/workflows/lockfile-stats.lock.yml @@ -159,7 +159,9 @@ jobs: - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -441,7 +443,7 @@ jobs: engine_name: "Claude Code", model: process.env.GH_AW_MODEL_AGENT_CLAUDE || "", version: "", - agent_version: "2.1.20", + agent_version: process.env.GH_AW_CLAUDE_VERSION || "2.1.20", workflow_name: "Lockfile Statistics Analysis Agent", experimental: true, supports_tools_allowlist: true, @@ -1435,7 +1437,9 @@ jobs: node-version: '24' package-manager-cache: false - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Execute Claude Code CLI id: agentic_execution # Allowed tools (sorted): diff --git a/.github/workflows/mcp-inspector.lock.yml b/.github/workflows/mcp-inspector.lock.yml index a63bec896f..443fcacbf3 100644 --- a/.github/workflows/mcp-inspector.lock.yml +++ b/.github/workflows/mcp-inspector.lock.yml @@ -194,7 +194,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -720,7 +722,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "MCP Inspector Agent", experimental: false, supports_tools_allowlist: true, @@ -1595,7 +1597,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/mergefest.lock.yml b/.github/workflows/mergefest.lock.yml index 1bd63532c2..b4dacbf3d6 100644 --- a/.github/workflows/mergefest.lock.yml +++ b/.github/workflows/mergefest.lock.yml @@ -158,7 +158,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -440,7 +442,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Mergefest", experimental: false, supports_tools_allowlist: true, @@ -1293,7 +1295,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/metrics-collector.lock.yml b/.github/workflows/metrics-collector.lock.yml index 9445b0af94..cce68b0cbb 100644 --- a/.github/workflows/metrics-collector.lock.yml +++ b/.github/workflows/metrics-collector.lock.yml @@ -137,7 +137,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -242,7 +244,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Metrics Collector - Infrastructure Agent", experimental: false, supports_tools_allowlist: true, diff --git a/.github/workflows/notion-issue-summary.lock.yml b/.github/workflows/notion-issue-summary.lock.yml index bf78c3604f..543bbe8165 100644 --- a/.github/workflows/notion-issue-summary.lock.yml +++ b/.github/workflows/notion-issue-summary.lock.yml @@ -142,7 +142,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -380,7 +382,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Issue Summary to Notion", experimental: false, supports_tools_allowlist: true, @@ -909,7 +911,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/org-health-report.lock.yml b/.github/workflows/org-health-report.lock.yml index 5cb1fbac39..dd40493557 100644 --- a/.github/workflows/org-health-report.lock.yml +++ b/.github/workflows/org-health-report.lock.yml @@ -180,7 +180,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Download container images @@ -484,7 +486,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Organization Health Report", experimental: false, supports_tools_allowlist: true, @@ -1875,7 +1877,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/pdf-summary.lock.yml b/.github/workflows/pdf-summary.lock.yml index f9176e9faa..c7413463e9 100644 --- a/.github/workflows/pdf-summary.lock.yml +++ b/.github/workflows/pdf-summary.lock.yml @@ -200,7 +200,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -528,7 +530,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Resource Summarizer Agent", experimental: false, supports_tools_allowlist: true, @@ -1225,7 +1227,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/plan.lock.yml b/.github/workflows/plan.lock.yml index 24d82b1b3f..79739ce16e 100644 --- a/.github/workflows/plan.lock.yml +++ b/.github/workflows/plan.lock.yml @@ -170,7 +170,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -534,7 +536,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Plan Command", experimental: false, supports_tools_allowlist: true, @@ -1165,7 +1167,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/poem-bot.lock.yml b/.github/workflows/poem-bot.lock.yml index 42a2df4f04..021ff86ae3 100644 --- a/.github/workflows/poem-bot.lock.yml +++ b/.github/workflows/poem-bot.lock.yml @@ -189,7 +189,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -1017,7 +1019,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: "gpt-5", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Poem Bot - A Creative Agentic Workflow", experimental: false, supports_tools_allowlist: true, @@ -1724,7 +1726,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/portfolio-analyst.lock.yml b/.github/workflows/portfolio-analyst.lock.yml index ec315a8e95..a4f4c66d44 100644 --- a/.github/workflows/portfolio-analyst.lock.yml +++ b/.github/workflows/portfolio-analyst.lock.yml @@ -202,7 +202,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -524,7 +526,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Automated Portfolio Analyst", experimental: false, supports_tools_allowlist: true, @@ -1805,7 +1807,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/pr-nitpick-reviewer.lock.yml b/.github/workflows/pr-nitpick-reviewer.lock.yml index 8503695ead..35f3eb98a0 100644 --- a/.github/workflows/pr-nitpick-reviewer.lock.yml +++ b/.github/workflows/pr-nitpick-reviewer.lock.yml @@ -199,7 +199,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -595,7 +597,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "PR Nitpick Reviewer 🔍", experimental: false, supports_tools_allowlist: true, @@ -1556,7 +1558,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/pr-triage-agent.lock.yml b/.github/workflows/pr-triage-agent.lock.yml index a936b1a190..ba93fd709b 100644 --- a/.github/workflows/pr-triage-agent.lock.yml +++ b/.github/workflows/pr-triage-agent.lock.yml @@ -144,7 +144,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -501,7 +503,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "PR Triage Agent", experimental: false, supports_tools_allowlist: true, @@ -1444,7 +1446,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/prompt-clustering-analysis.lock.yml b/.github/workflows/prompt-clustering-analysis.lock.yml index 4a7b34093c..281de86a6b 100644 --- a/.github/workflows/prompt-clustering-analysis.lock.yml +++ b/.github/workflows/prompt-clustering-analysis.lock.yml @@ -232,7 +232,9 @@ jobs: - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -518,7 +520,7 @@ jobs: engine_name: "Claude Code", model: process.env.GH_AW_MODEL_AGENT_CLAUDE || "", version: "", - agent_version: "2.1.20", + agent_version: process.env.GH_AW_CLAUDE_VERSION || "2.1.20", workflow_name: "Copilot Agent Prompt Clustering Analysis", experimental: true, supports_tools_allowlist: true, @@ -1833,7 +1835,9 @@ jobs: node-version: '24' package-manager-cache: false - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Execute Claude Code CLI id: agentic_execution # Allowed tools (sorted): diff --git a/.github/workflows/python-data-charts.lock.yml b/.github/workflows/python-data-charts.lock.yml index 348e8f0589..60ea6f6973 100644 --- a/.github/workflows/python-data-charts.lock.yml +++ b/.github/workflows/python-data-charts.lock.yml @@ -174,7 +174,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -524,7 +526,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Python Data Visualization Generator", experimental: false, supports_tools_allowlist: true, @@ -2035,7 +2037,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/q.lock.yml b/.github/workflows/q.lock.yml index 37b71a9bb8..ff03d1626b 100644 --- a/.github/workflows/q.lock.yml +++ b/.github/workflows/q.lock.yml @@ -227,7 +227,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -573,7 +575,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Q", experimental: false, supports_tools_allowlist: true, @@ -1501,7 +1503,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/release.lock.yml b/.github/workflows/release.lock.yml index 3616f6486d..e1e8575f9a 100644 --- a/.github/workflows/release.lock.yml +++ b/.github/workflows/release.lock.yml @@ -155,7 +155,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -446,7 +448,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Release", experimental: false, supports_tools_allowlist: true, @@ -1207,7 +1209,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/repo-audit-analyzer.lock.yml b/.github/workflows/repo-audit-analyzer.lock.yml index f1f8b054b5..4135b89bc6 100644 --- a/.github/workflows/repo-audit-analyzer.lock.yml +++ b/.github/workflows/repo-audit-analyzer.lock.yml @@ -157,7 +157,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -443,7 +445,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Repo Audit Analyzer", experimental: false, supports_tools_allowlist: true, @@ -1058,7 +1060,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/repo-tree-map.lock.yml b/.github/workflows/repo-tree-map.lock.yml index e1605530c6..fcdffa9618 100644 --- a/.github/workflows/repo-tree-map.lock.yml +++ b/.github/workflows/repo-tree-map.lock.yml @@ -140,7 +140,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -426,7 +428,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Repository Tree Map Generator", experimental: false, supports_tools_allowlist: true, @@ -1122,7 +1124,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/repository-quality-improver.lock.yml b/.github/workflows/repository-quality-improver.lock.yml index cea091b2d7..d4fae009c0 100644 --- a/.github/workflows/repository-quality-improver.lock.yml +++ b/.github/workflows/repository-quality-improver.lock.yml @@ -153,7 +153,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -447,7 +449,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Repository Quality Improvement Agent", experimental: false, supports_tools_allowlist: true, @@ -1585,7 +1587,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/research.lock.yml b/.github/workflows/research.lock.yml index 3852e84fbb..cbfa8eead7 100644 --- a/.github/workflows/research.lock.yml +++ b/.github/workflows/research.lock.yml @@ -143,7 +143,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -443,7 +445,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Basic Research Agent", experimental: false, supports_tools_allowlist: true, @@ -1061,7 +1063,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/safe-output-health.lock.yml b/.github/workflows/safe-output-health.lock.yml index 8f726dbf67..9e55df64f9 100644 --- a/.github/workflows/safe-output-health.lock.yml +++ b/.github/workflows/safe-output-health.lock.yml @@ -184,7 +184,9 @@ jobs: - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -470,7 +472,7 @@ jobs: engine_name: "Claude Code", model: process.env.GH_AW_MODEL_AGENT_CLAUDE || "", version: "", - agent_version: "2.1.20", + agent_version: process.env.GH_AW_CLAUDE_VERSION || "2.1.20", workflow_name: "Safe Output Health Monitor", experimental: true, supports_tools_allowlist: true, @@ -1561,7 +1563,9 @@ jobs: node-version: '24' package-manager-cache: false - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Execute Claude Code CLI id: agentic_execution # Allowed tools (sorted): diff --git a/.github/workflows/schema-consistency-checker.lock.yml b/.github/workflows/schema-consistency-checker.lock.yml index e9500dc493..584014e2c2 100644 --- a/.github/workflows/schema-consistency-checker.lock.yml +++ b/.github/workflows/schema-consistency-checker.lock.yml @@ -162,7 +162,9 @@ jobs: - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -445,7 +447,7 @@ jobs: engine_name: "Claude Code", model: process.env.GH_AW_MODEL_AGENT_CLAUDE || "", version: "", - agent_version: "2.1.20", + agent_version: process.env.GH_AW_CLAUDE_VERSION || "2.1.20", workflow_name: "Schema Consistency Checker", experimental: true, supports_tools_allowlist: true, @@ -1429,7 +1431,9 @@ jobs: node-version: '24' package-manager-cache: false - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Execute Claude Code CLI id: agentic_execution # Allowed tools (sorted): diff --git a/.github/workflows/scout.lock.yml b/.github/workflows/scout.lock.yml index 00d8317481..94cc3364c4 100644 --- a/.github/workflows/scout.lock.yml +++ b/.github/workflows/scout.lock.yml @@ -235,7 +235,9 @@ jobs: - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -524,7 +526,7 @@ jobs: engine_name: "Claude Code", model: process.env.GH_AW_MODEL_AGENT_CLAUDE || "", version: "", - agent_version: "2.1.20", + agent_version: process.env.GH_AW_CLAUDE_VERSION || "2.1.20", workflow_name: "Scout", experimental: true, supports_tools_allowlist: true, @@ -1458,7 +1460,9 @@ jobs: node-version: '24' package-manager-cache: false - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Execute Claude Code CLI id: agentic_execution # Allowed tools (sorted): diff --git a/.github/workflows/secret-scanning-triage.lock.yml b/.github/workflows/secret-scanning-triage.lock.yml index 4efb2abac9..ac2b59daf3 100644 --- a/.github/workflows/secret-scanning-triage.lock.yml +++ b/.github/workflows/secret-scanning-triage.lock.yml @@ -158,7 +158,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -563,7 +565,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Secret Scanning Triage", experimental: false, supports_tools_allowlist: true, @@ -1336,7 +1338,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/security-alert-burndown.lock.yml b/.github/workflows/security-alert-burndown.lock.yml index abdc5984d7..3d062d314c 100644 --- a/.github/workflows/security-alert-burndown.lock.yml +++ b/.github/workflows/security-alert-burndown.lock.yml @@ -134,7 +134,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -733,7 +735,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Security Alert Burndown", experimental: false, supports_tools_allowlist: true, @@ -2139,7 +2141,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/security-compliance.lock.yml b/.github/workflows/security-compliance.lock.yml index a94a3c193e..0ba98898c8 100644 --- a/.github/workflows/security-compliance.lock.yml +++ b/.github/workflows/security-compliance.lock.yml @@ -151,7 +151,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -458,7 +460,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Security Compliance Campaign", experimental: false, supports_tools_allowlist: true, @@ -1268,7 +1270,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/security-fix-pr.lock.yml b/.github/workflows/security-fix-pr.lock.yml index bc10518bf4..5912db0505 100644 --- a/.github/workflows/security-fix-pr.lock.yml +++ b/.github/workflows/security-fix-pr.lock.yml @@ -161,7 +161,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -461,7 +463,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Security Fix PR", experimental: false, supports_tools_allowlist: true, @@ -1160,7 +1162,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/security-guard.lock.yml b/.github/workflows/security-guard.lock.yml index 2b1581b054..d40ea13b76 100644 --- a/.github/workflows/security-guard.lock.yml +++ b/.github/workflows/security-guard.lock.yml @@ -140,7 +140,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -409,7 +411,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Security Guard Agent 🛡️", experimental: false, supports_tools_allowlist: true, @@ -1128,7 +1130,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/security-review.lock.yml b/.github/workflows/security-review.lock.yml index 5b438f6d0e..54f57fd0b7 100644 --- a/.github/workflows/security-review.lock.yml +++ b/.github/workflows/security-review.lock.yml @@ -185,7 +185,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -564,7 +566,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Security Review Agent 🔒", experimental: false, supports_tools_allowlist: true, @@ -1305,7 +1307,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/semantic-function-refactor.lock.yml b/.github/workflows/semantic-function-refactor.lock.yml index 98ef5b0784..4c32f35bd2 100644 --- a/.github/workflows/semantic-function-refactor.lock.yml +++ b/.github/workflows/semantic-function-refactor.lock.yml @@ -148,7 +148,9 @@ jobs: - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -489,7 +491,7 @@ jobs: engine_name: "Claude Code", model: process.env.GH_AW_MODEL_AGENT_CLAUDE || "", version: "", - agent_version: "2.1.20", + agent_version: process.env.GH_AW_CLAUDE_VERSION || "2.1.20", workflow_name: "Semantic Function Refactoring", experimental: true, supports_tools_allowlist: true, @@ -1575,7 +1577,9 @@ jobs: node-version: '24' package-manager-cache: false - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Execute Claude Code CLI id: agentic_execution # Allowed tools (sorted): diff --git a/.github/workflows/sergo.lock.yml b/.github/workflows/sergo.lock.yml index 25fbce0445..f1078e8fe7 100644 --- a/.github/workflows/sergo.lock.yml +++ b/.github/workflows/sergo.lock.yml @@ -160,7 +160,9 @@ jobs: - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -458,7 +460,7 @@ jobs: engine_name: "Claude Code", model: process.env.GH_AW_MODEL_AGENT_CLAUDE || "", version: "", - agent_version: "2.1.20", + agent_version: process.env.GH_AW_CLAUDE_VERSION || "2.1.20", workflow_name: "Sergo - Serena Go Expert", experimental: true, supports_tools_allowlist: true, @@ -1673,7 +1675,9 @@ jobs: node-version: '24' package-manager-cache: false - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Execute Claude Code CLI id: agentic_execution # Allowed tools (sorted): diff --git a/.github/workflows/slide-deck-maintainer.lock.yml b/.github/workflows/slide-deck-maintainer.lock.yml index 0c69bca4ad..1d5e090464 100644 --- a/.github/workflows/slide-deck-maintainer.lock.yml +++ b/.github/workflows/slide-deck-maintainer.lock.yml @@ -165,7 +165,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -468,7 +470,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Slide Deck Maintainer", experimental: false, supports_tools_allowlist: true, @@ -1266,7 +1268,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/smoke-claude.lock.yml b/.github/workflows/smoke-claude.lock.yml index 02d2e5925f..0e5ac108f6 100644 --- a/.github/workflows/smoke-claude.lock.yml +++ b/.github/workflows/smoke-claude.lock.yml @@ -194,7 +194,9 @@ jobs: - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -1187,7 +1189,7 @@ jobs: engine_name: "Claude Code", model: process.env.GH_AW_MODEL_AGENT_CLAUDE || "", version: "", - agent_version: "2.1.20", + agent_version: process.env.GH_AW_CLAUDE_VERSION || "2.1.20", workflow_name: "Smoke Claude", experimental: true, supports_tools_allowlist: true, @@ -2083,7 +2085,9 @@ jobs: node-version: '24' package-manager-cache: false - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Execute Claude Code CLI id: agentic_execution # Allowed tools (sorted): diff --git a/.github/workflows/smoke-codex.lock.yml b/.github/workflows/smoke-codex.lock.yml index 599f65a1ab..657fbdfb4b 100644 --- a/.github/workflows/smoke-codex.lock.yml +++ b/.github/workflows/smoke-codex.lock.yml @@ -188,8 +188,10 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install Codex - run: npm install -g --silent @openai/codex@0.92.0 + - name: Install Codex CLI + env: + CLI_VERSION: ${{ env.GH_AW_CODEX_VERSION || '0.92.0' }} + run: npm install -g --silent @openai/codex@"${CLI_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -1229,7 +1231,7 @@ jobs: engine_name: "Codex", model: process.env.GH_AW_MODEL_AGENT_CODEX || "", version: "", - agent_version: "0.92.0", + agent_version: process.env.GH_AW_CODEX_VERSION || "0.92.0", workflow_name: "Smoke Codex", experimental: true, supports_tools_allowlist: true, @@ -1877,8 +1879,10 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install Codex - run: npm install -g --silent @openai/codex@0.92.0 + - name: Install Codex CLI + env: + CLI_VERSION: ${{ env.GH_AW_CODEX_VERSION || '0.92.0' }} + run: npm install -g --silent @openai/codex@"${CLI_VERSION}" - name: Run Codex run: | set -o pipefail diff --git a/.github/workflows/smoke-copilot.lock.yml b/.github/workflows/smoke-copilot.lock.yml index 461eecc2b6..3cff304262 100644 --- a/.github/workflows/smoke-copilot.lock.yml +++ b/.github/workflows/smoke-copilot.lock.yml @@ -183,7 +183,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -1139,7 +1141,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Smoke Copilot", experimental: false, supports_tools_allowlist: true, @@ -1811,7 +1813,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/stale-repo-identifier.lock.yml b/.github/workflows/stale-repo-identifier.lock.yml index dcbe14e019..4992060e65 100644 --- a/.github/workflows/stale-repo-identifier.lock.yml +++ b/.github/workflows/stale-repo-identifier.lock.yml @@ -222,7 +222,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Download container images @@ -547,7 +549,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Stale Repository Identifier", experimental: false, supports_tools_allowlist: true, @@ -1741,7 +1743,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/static-analysis-report.lock.yml b/.github/workflows/static-analysis-report.lock.yml index 989ef7ebaf..082d075ac9 100644 --- a/.github/workflows/static-analysis-report.lock.yml +++ b/.github/workflows/static-analysis-report.lock.yml @@ -183,7 +183,9 @@ jobs: - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -469,7 +471,7 @@ jobs: engine_name: "Claude Code", model: process.env.GH_AW_MODEL_AGENT_CLAUDE || "", version: "", - agent_version: "2.1.20", + agent_version: process.env.GH_AW_CLAUDE_VERSION || "2.1.20", workflow_name: "Static Analysis Report", experimental: true, supports_tools_allowlist: true, @@ -1482,7 +1484,9 @@ jobs: node-version: '24' package-manager-cache: false - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Execute Claude Code CLI id: agentic_execution # Allowed tools (sorted): diff --git a/.github/workflows/step-name-alignment.lock.yml b/.github/workflows/step-name-alignment.lock.yml index 2ab6cb874e..b078d49054 100644 --- a/.github/workflows/step-name-alignment.lock.yml +++ b/.github/workflows/step-name-alignment.lock.yml @@ -155,7 +155,9 @@ jobs: - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -458,7 +460,7 @@ jobs: engine_name: "Claude Code", model: process.env.GH_AW_MODEL_AGENT_CLAUDE || "", version: "", - agent_version: "2.1.20", + agent_version: process.env.GH_AW_CLAUDE_VERSION || "2.1.20", workflow_name: "Step Name Alignment", experimental: true, supports_tools_allowlist: true, @@ -1457,7 +1459,9 @@ jobs: node-version: '24' package-manager-cache: false - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Execute Claude Code CLI id: agentic_execution # Allowed tools (sorted): diff --git a/.github/workflows/sub-issue-closer.lock.yml b/.github/workflows/sub-issue-closer.lock.yml index 8921ae72d6..b20aaeb30b 100644 --- a/.github/workflows/sub-issue-closer.lock.yml +++ b/.github/workflows/sub-issue-closer.lock.yml @@ -135,7 +135,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -494,7 +496,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Sub-Issue Closer", experimental: false, supports_tools_allowlist: true, @@ -1122,7 +1124,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/super-linter.lock.yml b/.github/workflows/super-linter.lock.yml index cb3b7a4d3d..26e79c0759 100644 --- a/.github/workflows/super-linter.lock.yml +++ b/.github/workflows/super-linter.lock.yml @@ -159,7 +159,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -466,7 +468,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Super Linter Report", experimental: false, supports_tools_allowlist: true, @@ -1182,7 +1184,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/technical-doc-writer.lock.yml b/.github/workflows/technical-doc-writer.lock.yml index 0b0eb03521..dd6528a323 100644 --- a/.github/workflows/technical-doc-writer.lock.yml +++ b/.github/workflows/technical-doc-writer.lock.yml @@ -171,7 +171,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -531,7 +533,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Rebuild the documentation after making changes", experimental: false, supports_tools_allowlist: true, @@ -1667,7 +1669,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/terminal-stylist.lock.yml b/.github/workflows/terminal-stylist.lock.yml index 41171c962a..ebb7d386d5 100644 --- a/.github/workflows/terminal-stylist.lock.yml +++ b/.github/workflows/terminal-stylist.lock.yml @@ -134,7 +134,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -428,7 +430,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Terminal Stylist", experimental: false, supports_tools_allowlist: true, @@ -1059,7 +1061,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/test-create-pr-error-handling.lock.yml b/.github/workflows/test-create-pr-error-handling.lock.yml index d68883356e..8211b69a21 100644 --- a/.github/workflows/test-create-pr-error-handling.lock.yml +++ b/.github/workflows/test-create-pr-error-handling.lock.yml @@ -152,7 +152,9 @@ jobs: - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -444,7 +446,7 @@ jobs: engine_name: "Claude Code", model: process.env.GH_AW_MODEL_AGENT_CLAUDE || "", version: "", - agent_version: "2.1.20", + agent_version: process.env.GH_AW_CLAUDE_VERSION || "2.1.20", workflow_name: "Test Create PR Error Handling", experimental: true, supports_tools_allowlist: true, @@ -1062,7 +1064,9 @@ jobs: node-version: '24' package-manager-cache: false - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Execute Claude Code CLI id: agentic_execution # Allowed tools (sorted): diff --git a/.github/workflows/tidy.lock.yml b/.github/workflows/tidy.lock.yml index 12fc1d2dd6..7acc8087d9 100644 --- a/.github/workflows/tidy.lock.yml +++ b/.github/workflows/tidy.lock.yml @@ -181,7 +181,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -525,7 +527,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Tidy", experimental: false, supports_tools_allowlist: true, @@ -1160,7 +1162,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/typist.lock.yml b/.github/workflows/typist.lock.yml index cc8faa24e7..657336b099 100644 --- a/.github/workflows/typist.lock.yml +++ b/.github/workflows/typist.lock.yml @@ -147,7 +147,9 @@ jobs: - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -445,7 +447,7 @@ jobs: engine_name: "Claude Code", model: process.env.GH_AW_MODEL_AGENT_CLAUDE || "", version: "", - agent_version: "2.1.20", + agent_version: process.env.GH_AW_CLAUDE_VERSION || "2.1.20", workflow_name: "Typist - Go Type Analysis", experimental: true, supports_tools_allowlist: true, @@ -1562,7 +1564,9 @@ jobs: node-version: '24' package-manager-cache: false - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Execute Claude Code CLI id: agentic_execution # Allowed tools (sorted): diff --git a/.github/workflows/ubuntu-image-analyzer.lock.yml b/.github/workflows/ubuntu-image-analyzer.lock.yml index a4abb14299..383f0f3ff4 100644 --- a/.github/workflows/ubuntu-image-analyzer.lock.yml +++ b/.github/workflows/ubuntu-image-analyzer.lock.yml @@ -140,7 +140,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -436,7 +438,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Ubuntu Actions Image Analyzer", experimental: false, supports_tools_allowlist: true, @@ -1439,7 +1441,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/unbloat-docs.lock.yml b/.github/workflows/unbloat-docs.lock.yml index 4c096a5100..bf7775ec89 100644 --- a/.github/workflows/unbloat-docs.lock.yml +++ b/.github/workflows/unbloat-docs.lock.yml @@ -200,7 +200,9 @@ jobs: - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -575,7 +577,7 @@ jobs: engine_name: "Claude Code", model: process.env.GH_AW_MODEL_AGENT_CLAUDE || "", version: "", - agent_version: "2.1.20", + agent_version: process.env.GH_AW_CLAUDE_VERSION || "2.1.20", workflow_name: "Documentation Unbloat", experimental: true, supports_tools_allowlist: true, @@ -1630,7 +1632,9 @@ jobs: node-version: '24' package-manager-cache: false - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.20 + env: + CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '2.1.20' }} + run: npm install -g --silent @anthropic-ai/claude-code@"${CLI_VERSION}" - name: Execute Claude Code CLI id: agentic_execution # Allowed tools (sorted): diff --git a/.github/workflows/video-analyzer.lock.yml b/.github/workflows/video-analyzer.lock.yml index 2274d97f24..87ee963cf5 100644 --- a/.github/workflows/video-analyzer.lock.yml +++ b/.github/workflows/video-analyzer.lock.yml @@ -150,7 +150,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -457,7 +459,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Video Analysis Agent", experimental: false, supports_tools_allowlist: true, @@ -1256,7 +1258,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/weekly-issue-summary.lock.yml b/.github/workflows/weekly-issue-summary.lock.yml index 3da67209e7..ead1debd6e 100644 --- a/.github/workflows/weekly-issue-summary.lock.yml +++ b/.github/workflows/weekly-issue-summary.lock.yml @@ -157,7 +157,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -472,7 +474,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Weekly Issue Summary", experimental: false, supports_tools_allowlist: true, @@ -1674,7 +1676,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/workflow-generator.lock.yml b/.github/workflows/workflow-generator.lock.yml index 589e93aaba..e579f38eb2 100644 --- a/.github/workflows/workflow-generator.lock.yml +++ b/.github/workflows/workflow-generator.lock.yml @@ -164,7 +164,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -533,7 +535,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Workflow Generator", experimental: false, supports_tools_allowlist: true, @@ -1132,7 +1134,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/workflow-health-manager.lock.yml b/.github/workflows/workflow-health-manager.lock.yml index 00e62e5418..13e0cf2b2a 100644 --- a/.github/workflows/workflow-health-manager.lock.yml +++ b/.github/workflows/workflow-health-manager.lock.yml @@ -152,7 +152,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -584,7 +586,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Workflow Health Manager - Meta-Orchestrator", experimental: false, supports_tools_allowlist: true, @@ -1625,7 +1627,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/workflow-normalizer.lock.yml b/.github/workflows/workflow-normalizer.lock.yml index 07553a33d6..600e3d3747 100644 --- a/.github/workflows/workflow-normalizer.lock.yml +++ b/.github/workflows/workflow-normalizer.lock.yml @@ -158,7 +158,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -472,7 +474,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Workflow Normalizer", experimental: false, supports_tools_allowlist: true, @@ -1262,7 +1264,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/.github/workflows/workflow-skill-extractor.lock.yml b/.github/workflows/workflow-skill-extractor.lock.yml index ef9edb206b..adeed77055 100644 --- a/.github/workflows/workflow-skill-extractor.lock.yml +++ b/.github/workflows/workflow-skill-extractor.lock.yml @@ -141,7 +141,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Install awf binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - name: Determine automatic lockdown mode for GitHub MCP server @@ -500,7 +502,7 @@ jobs: engine_name: "GitHub Copilot CLI", model: process.env.GH_AW_MODEL_AGENT_COPILOT || "", version: "", - agent_version: "0.0.395", + agent_version: process.env.GH_AW_COPILOT_VERSION || "0.0.395", workflow_name: "Workflow Skill Extractor", experimental: false, supports_tools_allowlist: true, @@ -1499,7 +1501,9 @@ jobs: env: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI - run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.395 + env: + COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.395' }} + run: /opt/gh-aw/actions/install_copilot_cli.sh "${COPILOT_VERSION}" - name: Execute GitHub Copilot CLI id: agentic_execution # Copilot CLI tool arguments (sorted): diff --git a/pkg/constants/constants.go b/pkg/constants/constants.go index e25341a16c..cc095d4bbe 100644 --- a/pkg/constants/constants.go +++ b/pkg/constants/constants.go @@ -264,6 +264,18 @@ const DefaultCopilotVersion Version = "0.0.395" // Updated to gpt-5.1-codex-mini after gpt-5-mini deprecation on 2026-01-17 const DefaultCopilotDetectionModel ModelName = "gpt-5.1-codex-mini" +// Environment variable names for engine version configuration +const ( + // EnvVarCopilotVersion allows overriding the default Copilot CLI version + EnvVarCopilotVersion = "GH_AW_COPILOT_VERSION" + + // EnvVarClaudeVersion allows overriding the default Claude Code CLI version + EnvVarClaudeVersion = "GH_AW_CLAUDE_VERSION" + + // EnvVarCodexVersion allows overriding the default Codex CLI version + EnvVarCodexVersion = "GH_AW_CODEX_VERSION" +) + // Environment variable names for model configuration const ( // EnvVarModelAgentCopilot configures the default Copilot model for agent execution diff --git a/pkg/workflow/aw_info_agent_version_test.go b/pkg/workflow/aw_info_agent_version_test.go index fc8a9bd134..7b76723eff 100644 --- a/pkg/workflow/aw_info_agent_version_test.go +++ b/pkg/workflow/aw_info_agent_version_test.go @@ -101,10 +101,36 @@ func TestAgentVersionInAwInfo(t *testing.T) { output := yaml.String() // Check that agent_version is set correctly - expectedLine := `agent_version: "` + tt.expectedAgentVersion + `"` - if !strings.Contains(output, expectedLine) { - t.Errorf("%s: Expected output to contain '%s', got:\n%s", - tt.description, expectedLine, output) + if tt.explicitVersion != "" { + // For explicit versions, check for the static string + expectedLine := `agent_version: "` + tt.expectedAgentVersion + `"` + if !strings.Contains(output, expectedLine) { + t.Errorf("%s: Expected output to contain '%s', got:\n%s", + tt.description, expectedLine, output) + } + } else if tt.engineID == "copilot" || tt.engineID == "claude" || tt.engineID == "codex" { + // For default versions with supported engines, check for environment variable pattern + var envVarName string + switch tt.engineID { + case "copilot": + envVarName = constants.EnvVarCopilotVersion + case "claude": + envVarName = constants.EnvVarClaudeVersion + case "codex": + envVarName = constants.EnvVarCodexVersion + } + expectedPattern := "agent_version: process.env." + envVarName + ` || "` + tt.expectedAgentVersion + `"` + if !strings.Contains(output, expectedPattern) { + t.Errorf("%s: Expected output to contain environment variable pattern '%s', got:\n%s", + tt.description, expectedPattern, output) + } + } else { + // For custom engines without explicit version, check for the static string + expectedLine := `agent_version: "` + tt.expectedAgentVersion + `"` + if !strings.Contains(output, expectedLine) { + t.Errorf("%s: Expected output to contain '%s', got:\n%s", + tt.description, expectedLine, output) + } } // Also verify that the version field matches (for non-custom engines with defaults) diff --git a/pkg/workflow/claude_engine.go b/pkg/workflow/claude_engine.go index f88eafcbca..9d7e2577a5 100644 --- a/pkg/workflow/claude_engine.go +++ b/pkg/workflow/claude_engine.go @@ -85,19 +85,23 @@ func (e *ClaudeEngine) GetInstallationSteps(workflowData *WorkflowData) []GitHub ) steps = append(steps, secretValidation) - // Determine Claude version + // Determine Claude version (supports environment variable override) + // Priority: workflow config > environment variable > default constant claudeVersion := config.Version if workflowData.EngineConfig != nil && workflowData.EngineConfig.Version != "" { claudeVersion = workflowData.EngineConfig.Version } + // Version will be resolved at runtime using: ${{ env.GH_AW_CLAUDE_VERSION || "default-version" }} - // Add Node.js setup step first (before sandbox installation) - npmSteps := GenerateNpmInstallSteps( + // Add Node.js setup and Claude CLI installation steps with environment variable override + npmSteps := GenerateNpmInstallStepsWithEnvOverride( config.NpmPackage, claudeVersion, + constants.EnvVarClaudeVersion, config.InstallStepName, config.CliName, true, // Include Node.js setup + true, // Install globally ) if len(npmSteps) > 0 { diff --git a/pkg/workflow/claude_engine_test.go b/pkg/workflow/claude_engine_test.go index b5c7a8e498..e32f1310d6 100644 --- a/pkg/workflow/claude_engine_test.go +++ b/pkg/workflow/claude_engine_test.go @@ -1,7 +1,6 @@ package workflow import ( - "fmt" "strings" "testing" @@ -64,9 +63,12 @@ func TestClaudeEngine(t *testing.T) { if !strings.Contains(installStep, "Install Claude Code CLI") { t.Errorf("Expected 'Install Claude Code CLI' in installation step, got: %s", installStep) } - expectedInstallCommand := fmt.Sprintf("npm install -g --silent @anthropic-ai/claude-code@%s", constants.DefaultClaudeCodeVersion) - if !strings.Contains(installStep, expectedInstallCommand) { - t.Errorf("Expected '%s' in install step, got: %s", expectedInstallCommand, installStep) + // Check for environment variable pattern + if !strings.Contains(installStep, "CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || '"+string(constants.DefaultClaudeCodeVersion)+"' }}") { + t.Errorf("Expected environment variable pattern in install step, got: %s", installStep) + } + if !strings.Contains(installStep, "@anthropic-ai/claude-code@\"${CLI_VERSION}\"") { + t.Errorf("Expected CLI_VERSION variable reference in npm install command, got: %s", installStep) } // Test execution steps @@ -261,10 +263,11 @@ func TestClaudeEngineWithVersion(t *testing.T) { t.Fatalf("Expected 3 installation steps (secret validation + Node.js setup + install), got %d", len(installSteps)) } - // Check that install step uses the custom version (third step, index 2) + // Check that install step uses the custom version with environment variable pattern installStep := strings.Join([]string(installSteps[2]), "\n") - if !strings.Contains(installStep, "npm install -g --silent @anthropic-ai/claude-code@v1.2.3") { - t.Errorf("Expected npm install with custom version v1.2.3 in install step:\n%s", installStep) + expectedEnvPattern := "CLI_VERSION: ${{ env.GH_AW_CLAUDE_VERSION || 'v1.2.3' }}" + if !strings.Contains(installStep, expectedEnvPattern) || !strings.Contains(installStep, "@anthropic-ai/claude-code@\"${CLI_VERSION}\"") { + t.Errorf("Expected npm install with custom version v1.2.3 using environment variable pattern in install step:\n%s", installStep) } steps := engine.GetExecutionSteps(workflowData, "test-log") diff --git a/pkg/workflow/codex_engine.go b/pkg/workflow/codex_engine.go index 7bf51384f8..a57786ec0b 100644 --- a/pkg/workflow/codex_engine.go +++ b/pkg/workflow/codex_engine.go @@ -77,12 +77,14 @@ func (e *CodexEngine) GetInstallationSteps(workflowData *WorkflowData) []GitHubA // Use base installation steps (secret validation + npm install) steps := GetBaseInstallationSteps(EngineInstallConfig{ - Secrets: []string{"CODEX_API_KEY", "OPENAI_API_KEY"}, - DocsURL: "https://githubnext.github.io/gh-aw/reference/engines/#openai-codex", - NpmPackage: "@openai/codex", - Version: string(constants.DefaultCodexVersion), - Name: "Codex", - CliName: "codex", + Secrets: []string{"CODEX_API_KEY", "OPENAI_API_KEY"}, + DocsURL: "https://githubnext.github.io/gh-aw/reference/engines/#openai-codex", + NpmPackage: "@openai/codex", + Version: string(constants.DefaultCodexVersion), + Name: "Codex", + CliName: "codex", + EnvVarName: constants.EnvVarCodexVersion, + InstallStepName: "Install Codex CLI", }, workflowData) // Add AWF installation step if firewall is enabled diff --git a/pkg/workflow/codex_engine_test.go b/pkg/workflow/codex_engine_test.go index 4b02407438..84b7da4783 100644 --- a/pkg/workflow/codex_engine_test.go +++ b/pkg/workflow/codex_engine_test.go @@ -102,23 +102,22 @@ func TestCodexEngine(t *testing.T) { func TestCodexEngineWithVersion(t *testing.T) { engine := NewCodexEngine() - // Test installation steps without version (should use pinned default version) + // Test installation steps without version (should use pinned default version with env var override) stepsNoVersion := engine.GetInstallationSteps(&WorkflowData{}) foundNoVersionInstall := false - expectedPackage := fmt.Sprintf("@openai/codex@%s", constants.DefaultCodexVersion) + expectedEnvPattern := fmt.Sprintf("CLI_VERSION: ${{ env.GH_AW_CODEX_VERSION || '%s' }}", constants.DefaultCodexVersion) for _, step := range stepsNoVersion { - for _, line := range step { - if strings.Contains(line, "npm install") && strings.Contains(line, expectedPackage) { - foundNoVersionInstall = true - break - } + stepContent := strings.Join(step, "\n") + if strings.Contains(stepContent, expectedEnvPattern) && strings.Contains(stepContent, "@openai/codex@\"${CLI_VERSION}\"") { + foundNoVersionInstall = true + break } } if !foundNoVersionInstall { - t.Errorf("Expected npm install command with @%s when no version specified", constants.DefaultCodexVersion) + t.Errorf("Expected npm install command with env var override pattern for default version %s", constants.DefaultCodexVersion) } - // Test installation steps with version + // Test installation steps with custom version engineConfig := &EngineConfig{ ID: "codex", Version: "3.0.1", @@ -128,16 +127,16 @@ func TestCodexEngineWithVersion(t *testing.T) { } stepsWithVersion := engine.GetInstallationSteps(workflowData) foundVersionInstall := false + expectedCustomEnvPattern := "CLI_VERSION: ${{ env.GH_AW_CODEX_VERSION || '3.0.1' }}" for _, step := range stepsWithVersion { - for _, line := range step { - if strings.Contains(line, "npm install") && strings.Contains(line, "@openai/codex@3.0.1") { - foundVersionInstall = true - break - } + stepContent := strings.Join(step, "\n") + if strings.Contains(stepContent, expectedCustomEnvPattern) && strings.Contains(stepContent, "@openai/codex@\"${CLI_VERSION}\"") { + foundVersionInstall = true + break } } if !foundVersionInstall { - t.Error("Expected versioned npm install command with @openai/codex@3.0.1") + t.Error("Expected versioned npm install command with env var override pattern for version 3.0.1") } } diff --git a/pkg/workflow/compiler_yaml.go b/pkg/workflow/compiler_yaml.go index c710208b92..00fe48a998 100644 --- a/pkg/workflow/compiler_yaml.go +++ b/pkg/workflow/compiler_yaml.go @@ -350,10 +350,39 @@ func (c *Compiler) generateCreateAwInfo(yaml *strings.Builder, data *WorkflowDat } fmt.Fprintf(yaml, " version: \"%s\",\n", version) - // Agent version - use the actual installation version (includes defaults) - // This matches what BuildStandardNpmEngineInstallSteps uses - agentVersion := getInstallationVersion(data, engine) - fmt.Fprintf(yaml, " agent_version: \"%s\",\n", agentVersion) + // Agent version - resolve from explicit config, environment variable, or default + // If version is explicitly configured, use it directly + // Otherwise, resolve from environment variable at runtime (matches installation behavior) + versionConfigured := data.EngineConfig != nil && data.EngineConfig.Version != "" + if versionConfigured { + // Explicit version - output as static string + fmt.Fprintf(yaml, " agent_version: \"%s\",\n", data.EngineConfig.Version) + } else { + // Version from environment variable with default fallback - resolve at runtime + var versionEnvVar string + var defaultVersion string + + switch engineID { + case "copilot": + versionEnvVar = constants.EnvVarCopilotVersion + defaultVersion = string(constants.DefaultCopilotVersion) + case "claude": + versionEnvVar = constants.EnvVarClaudeVersion + defaultVersion = string(constants.DefaultClaudeCodeVersion) + case "codex": + versionEnvVar = constants.EnvVarCodexVersion + defaultVersion = string(constants.DefaultCodexVersion) + default: + // For custom or unknown engines, use static default + defaultVersion = getInstallationVersion(data, engine) + fmt.Fprintf(yaml, " agent_version: \"%s\",\n", defaultVersion) + goto skipEnvVar + } + + // Generate JavaScript to resolve version from environment variable at runtime + fmt.Fprintf(yaml, " agent_version: process.env.%s || \"%s\",\n", versionEnvVar, defaultVersion) + skipEnvVar: + } // CLI version - only include for released builds // Excludes development builds containing "dev", "dirty", or "test" diff --git a/pkg/workflow/copilot_engine_installation.go b/pkg/workflow/copilot_engine_installation.go index a923210368..e714993bbb 100644 --- a/pkg/workflow/copilot_engine_installation.go +++ b/pkg/workflow/copilot_engine_installation.go @@ -65,11 +65,13 @@ func (e *CopilotEngine) GetInstallationSteps(workflowData *WorkflowData) []GitHu ) steps = append(steps, secretValidation) - // Determine Copilot version + // Determine Copilot version (supports environment variable override) + // Priority: workflow config > environment variable > default constant copilotVersion := config.Version if workflowData.EngineConfig != nil && workflowData.EngineConfig.Version != "" { copilotVersion = workflowData.EngineConfig.Version } + // Version will be resolved at runtime using: ${{ env.GH_AW_COPILOT_VERSION || "default-version" }} // Determine if Copilot should be installed globally or locally // For SRT, install locally so npx can find it without network access diff --git a/pkg/workflow/copilot_installer_test.go b/pkg/workflow/copilot_installer_test.go index e98a3ca5fb..87e3f6f356 100644 --- a/pkg/workflow/copilot_installer_test.go +++ b/pkg/workflow/copilot_installer_test.go @@ -22,7 +22,8 @@ func TestGenerateCopilotInstallerSteps(t *testing.T) { stepName: "Install GitHub Copilot CLI", expectedVersion: "0.0.369", shouldContain: []string{ - "/opt/gh-aw/actions/install_copilot_cli.sh 0.0.369", + "COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '0.0.369' }}", + "/opt/gh-aw/actions/install_copilot_cli.sh \"${COPILOT_VERSION}\"", "name: Install GitHub Copilot CLI", }, shouldNotContain: []string{ @@ -35,7 +36,8 @@ func TestGenerateCopilotInstallerSteps(t *testing.T) { stepName: "Install GitHub Copilot CLI", expectedVersion: "v0.0.370", shouldContain: []string{ - "/opt/gh-aw/actions/install_copilot_cli.sh v0.0.370", + "COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || 'v0.0.370' }}", + "/opt/gh-aw/actions/install_copilot_cli.sh \"${COPILOT_VERSION}\"", }, shouldNotContain: []string{ "gh.io/copilot-install | sudo bash", @@ -47,7 +49,8 @@ func TestGenerateCopilotInstallerSteps(t *testing.T) { stepName: "Custom Install Step", expectedVersion: "1.2.3", shouldContain: []string{ - "/opt/gh-aw/actions/install_copilot_cli.sh 1.2.3", + "COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '1.2.3' }}", + "/opt/gh-aw/actions/install_copilot_cli.sh \"${COPILOT_VERSION}\"", "name: Custom Install Step", }, shouldNotContain: []string{ @@ -60,7 +63,8 @@ func TestGenerateCopilotInstallerSteps(t *testing.T) { stepName: "Install GitHub Copilot CLI", expectedVersion: string(constants.DefaultCopilotVersion), // Should use DefaultCopilotVersion shouldContain: []string{ - "/opt/gh-aw/actions/install_copilot_cli.sh " + string(constants.DefaultCopilotVersion), + "COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '" + string(constants.DefaultCopilotVersion) + "' }}", + "/opt/gh-aw/actions/install_copilot_cli.sh \"${COPILOT_VERSION}\"", }, shouldNotContain: []string{ "gh.io/copilot-install | sudo bash", @@ -93,10 +97,10 @@ func TestGenerateCopilotInstallerSteps(t *testing.T) { } } - // Verify the version is correctly passed to the install script - expectedVersionLine := "/opt/gh-aw/actions/install_copilot_cli.sh " + tt.expectedVersion + // Verify the version is correctly set as default in the env var + expectedVersionLine := "COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '" + tt.expectedVersion + "' }}" if !strings.Contains(stepContent, expectedVersionLine) { - t.Errorf("Expected version to be set to '%s', but step content was:\n%s", tt.expectedVersion, stepContent) + t.Errorf("Expected version to be set to '%s' in environment variable, but step content was:\n%s", tt.expectedVersion, stepContent) } }) } @@ -132,10 +136,10 @@ func TestCopilotInstallerVersionPassthrough(t *testing.T) { t.Fatal("Could not find install step with install_copilot_cli.sh") } - // Should contain the default version from constants - expectedVersionLine := "/opt/gh-aw/actions/install_copilot_cli.sh " + string(constants.DefaultCopilotVersion) + // Should contain the default version from constants as the fallback in the env var + expectedVersionLine := "COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '" + string(constants.DefaultCopilotVersion) + "' }}" if !strings.Contains(installStep, expectedVersionLine) { - t.Errorf("Expected default version %s in install step, got:\n%s", string(constants.DefaultCopilotVersion), installStep) + t.Errorf("Expected default version %s in install step environment variable, got:\n%s", string(constants.DefaultCopilotVersion), installStep) } } @@ -167,9 +171,9 @@ func TestCopilotInstallerCustomVersion(t *testing.T) { t.Fatal("Could not find install step with install_copilot_cli.sh") } - // Should contain the custom version - expectedVersionLine := "/opt/gh-aw/actions/install_copilot_cli.sh " + customVersion + // Should contain the custom version as the fallback in the env var + expectedVersionLine := "COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '" + customVersion + "' }}" if !strings.Contains(installStep, expectedVersionLine) { - t.Errorf("Expected custom version %s in install step, got:\n%s", customVersion, installStep) + t.Errorf("Expected custom version %s in install step environment variable, got:\n%s", customVersion, installStep) } } diff --git a/pkg/workflow/copilot_srt.go b/pkg/workflow/copilot_srt.go index c06530bd25..e00be83935 100644 --- a/pkg/workflow/copilot_srt.go +++ b/pkg/workflow/copilot_srt.go @@ -23,9 +23,12 @@ func GenerateCopilotInstallerSteps(version, stepName string) []GitHubActionStep // Use the install_copilot_cli.sh script from actions/setup/sh // This script includes retry logic for robustness against transient network failures + // Support environment variable override: ${{ env.GH_AW_COPILOT_VERSION || "default-version" }} stepLines := []string{ fmt.Sprintf(" - name: %s", stepName), - fmt.Sprintf(" run: /opt/gh-aw/actions/install_copilot_cli.sh %s", version), + " env:", + fmt.Sprintf(" COPILOT_VERSION: ${{ env.GH_AW_COPILOT_VERSION || '%s' }}", version), + " run: /opt/gh-aw/actions/install_copilot_cli.sh \"${COPILOT_VERSION}\"", } return []GitHubActionStep{GitHubActionStep(stepLines)} diff --git a/pkg/workflow/engine_helpers.go b/pkg/workflow/engine_helpers.go index 71f2d6b8d8..74453a1b3a 100644 --- a/pkg/workflow/engine_helpers.go +++ b/pkg/workflow/engine_helpers.go @@ -59,6 +59,9 @@ type EngineInstallConfig struct { CliName string // InstallStepName is the display name for the npm install step (e.g., "Install Claude Code CLI") InstallStepName string + // EnvVarName is the environment variable name for version override (e.g., "GH_AW_CODEX_VERSION") + // If empty, no environment variable override is supported + EnvVarName string } // GetBaseInstallationSteps returns the common installation steps for an engine. @@ -90,14 +93,35 @@ func GetBaseInstallationSteps(config EngineInstallConfig, workflowData *Workflow stepName = fmt.Sprintf("Install %s", config.Name) } - // Add npm package installation steps - npmSteps := BuildStandardNpmEngineInstallSteps( - config.NpmPackage, - config.Version, - stepName, - config.CliName, - workflowData, - ) + // Determine version (use engine config if provided, otherwise use default) + version := config.Version + if workflowData.EngineConfig != nil && workflowData.EngineConfig.Version != "" { + version = workflowData.EngineConfig.Version + } + + // Add npm package installation steps with environment variable override support + var npmSteps []GitHubActionStep + if config.EnvVarName != "" { + // Use environment variable override for version + npmSteps = GenerateNpmInstallStepsWithEnvOverride( + config.NpmPackage, + version, + config.EnvVarName, + stepName, + config.CliName, + true, // Include Node.js setup + true, // Install globally + ) + } else { + // Use standard npm installation without environment variable override + npmSteps = BuildStandardNpmEngineInstallSteps( + config.NpmPackage, + version, + stepName, + config.CliName, + workflowData, + ) + } steps = append(steps, npmSteps...) return steps diff --git a/pkg/workflow/nodejs.go b/pkg/workflow/nodejs.go index aa7adbe6dc..d37b1ef07b 100644 --- a/pkg/workflow/nodejs.go +++ b/pkg/workflow/nodejs.go @@ -36,6 +36,15 @@ func GenerateNpmInstallSteps(packageName, version, stepName, cacheKeyPrefix stri } // GenerateNpmInstallStepsWithScope generates npm installation steps with control over global vs local installation +// Parameters: +// - packageName: The npm package name +// - version: The package version (can be a runtime expression like "${{ env.VAR }}") +// - stepName: The display name for the install step +// - cacheKeyPrefix: Unused, kept for API compatibility +// - includeNodeSetup: If true, includes Node.js setup step +// - isGlobal: If true, installs globally with -g flag +// +// Returns steps for installing the npm package with optional Node.js setup func GenerateNpmInstallStepsWithScope(packageName, version, stepName, cacheKeyPrefix string, includeNodeSetup bool, isGlobal bool) []GitHubActionStep { nodejsLog.Printf("Generating npm install steps: package=%s, version=%s, includeNodeSetup=%v, isGlobal=%v", packageName, version, includeNodeSetup, isGlobal) @@ -60,3 +69,46 @@ func GenerateNpmInstallStepsWithScope(packageName, version, stepName, cacheKeyPr return steps } + +// GenerateNpmInstallStepsWithEnvOverride generates npm installation steps with environment variable override support +// This function allows runtime version override through environment variables like GH_AW_CLAUDE_VERSION +// +// Parameters: +// - packageName: The npm package name (e.g., "@anthropic-ai/claude-code") +// - defaultVersion: The default version to use if env var is not set +// - envVarName: The environment variable name for version override (e.g., "GH_AW_CLAUDE_VERSION") +// - stepName: The display name for the install step +// - cacheKeyPrefix: Unused, kept for API compatibility +// - includeNodeSetup: If true, includes Node.js setup step +// - isGlobal: If true, installs globally with -g flag +// +// Returns steps for installing the npm package with optional Node.js setup +func GenerateNpmInstallStepsWithEnvOverride(packageName, defaultVersion, envVarName, stepName, cacheKeyPrefix string, includeNodeSetup bool, isGlobal bool) []GitHubActionStep { + nodejsLog.Printf("Generating npm install steps with env override: package=%s, defaultVersion=%s, envVar=%s", packageName, defaultVersion, envVarName) + + var steps []GitHubActionStep + + // Add Node.js setup if requested + if includeNodeSetup { + nodejsLog.Print("Including Node.js setup step") + steps = append(steps, GenerateNodeJsSetupStep()) + } + + // Add npm install step with environment variable override + globalFlag := "" + if isGlobal { + globalFlag = "-g " + } + + // Use GitHub Actions environment variable syntax: ${{ env.VAR || 'default' }} + stepLines := []string{ + fmt.Sprintf(" - name: %s", stepName), + " env:", + fmt.Sprintf(" CLI_VERSION: ${{ env.%s || '%s' }}", envVarName, defaultVersion), + fmt.Sprintf(" run: npm install %s--silent %s@\"${CLI_VERSION}\"", globalFlag, packageName), + } + + steps = append(steps, GitHubActionStep(stepLines)) + + return steps +} diff --git a/specs/artifacts.md b/specs/artifacts.md index 525a2a05eb..1aa4f748c5 100644 --- a/specs/artifacts.md +++ b/specs/artifacts.md @@ -27,7 +27,7 @@ This section provides an overview of artifacts organized by job name, with dupli - **Used in**: 77 workflow(s) - agent-performance-analyzer.md, agent-persona-explorer.md, ai-moderator.md, archie.md, brave.md, breaking-change-checker.md, changeset.md, chroma-issue-indexer.md, ci-coach.md, ci-doctor.md, cli-consistency-checker.md, cloclo.md, code-scanning-fixer.md, codex-github-remote-mcp-test.md, commit-changes-analyzer.md, copilot-pr-merged-report.md, copilot-pr-nlp-analysis.md, craft.md, daily-choice-test.md, daily-copilot-token-report.md, daily-fact.md, daily-file-diet.md, daily-issues-report.md, daily-news.md, daily-observability-report.md, daily-repo-chronicle.md, daily-team-status.md, deep-report.md, dependabot-bundler.md, dependabot-go-checker.md, dev-hawk.md, dev.md, dictation-prompt.md, example-custom-error-patterns.md, example-permissions-warning.md, firewall.md, github-mcp-structural-analysis.md, glossary-maintainer.md, go-fan.md, go-pattern-detector.md, grumpy-reviewer.md, hourly-ci-cleaner.md, issue-classifier.md, issue-triage-agent.md, layout-spec-maintainer.md, mergefest.md, metrics-collector.md, notion-issue-summary.md, pdf-summary.md, plan.md, poem-bot.md, pr-nitpick-reviewer.md, pr-triage-agent.md, python-data-charts.md, q.md, release.md, repo-audit-analyzer.md, repository-quality-improver.md, research.md, scout.md, secret-scanning-triage.md, security-alert-burndown.md, security-compliance.md, security-fix-pr.md, security-guard.md, security-review.md, slide-deck-maintainer.md, stale-repo-identifier.md, super-linter.md, technical-doc-writer.md, test-create-pr-error-handling.md, tidy.md, typist.md, video-analyzer.md, weekly-issue-summary.md, workflow-generator.md, workflow-health-manager.md - `agent-output` - **Paths**: `${{ env.GH_AW_AGENT_OUTPUT }}` - - **Used in**: 70 workflow(s) - agent-performance-analyzer.md, agent-persona-explorer.md, ai-moderator.md, archie.md, brave.md, breaking-change-checker.md, changeset.md, ci-coach.md, ci-doctor.md, cli-consistency-checker.md, cloclo.md, code-scanning-fixer.md, commit-changes-analyzer.md, copilot-pr-merged-report.md, copilot-pr-nlp-analysis.md, craft.md, daily-choice-test.md, daily-copilot-token-report.md, daily-fact.md, daily-file-diet.md, daily-issues-report.md, daily-news.md, daily-observability-report.md, daily-repo-chronicle.md, daily-team-status.md, deep-report.md, dependabot-bundler.md, dependabot-go-checker.md, dev-hawk.md, dictation-prompt.md, github-mcp-structural-analysis.md, glossary-maintainer.md, go-fan.md, go-pattern-detector.md, grumpy-reviewer.md, hourly-ci-cleaner.md, issue-classifier.md, issue-triage-agent.md, layout-spec-maintainer.md, mergefest.md, notion-issue-summary.md, pdf-summary.md, plan.md, poem-bot.md, pr-nitpick-reviewer.md, pr-triage-agent.md, python-data-charts.md, q.md, release.md, repo-audit-analyzer.md, repository-quality-improver.md, research.md, scout.md, secret-scanning-triage.md, security-alert-burndown.md, security-compliance.md, security-fix-pr.md, security-guard.md, security-review.md, slide-deck-maintainer.md, stale-repo-identifier.md, super-linter.md, technical-doc-writer.md, test-create-pr-error-handling.md, tidy.md, typist.md, video-analyzer.md, weekly-issue-summary.md, workflow-generator.md, workflow-health-manager.md + - **Used in**: 71 workflow(s) - agent-performance-analyzer.md, agent-persona-explorer.md, ai-moderator.md, archie.md, brave.md, breaking-change-checker.md, changeset.md, ci-coach.md, ci-doctor.md, cli-consistency-checker.md, cloclo.md, code-scanning-fixer.md, commit-changes-analyzer.md, copilot-pr-merged-report.md, copilot-pr-nlp-analysis.md, craft.md, daily-choice-test.md, daily-copilot-token-report.md, daily-fact.md, daily-file-diet.md, daily-issues-report.md, daily-news.md, daily-observability-report.md, daily-repo-chronicle.md, daily-team-status.md, deep-report.md, dependabot-bundler.md, dependabot-go-checker.md, dev-hawk.md, dev.md, dictation-prompt.md, github-mcp-structural-analysis.md, glossary-maintainer.md, go-fan.md, go-pattern-detector.md, grumpy-reviewer.md, hourly-ci-cleaner.md, issue-classifier.md, issue-triage-agent.md, layout-spec-maintainer.md, mergefest.md, notion-issue-summary.md, pdf-summary.md, plan.md, poem-bot.md, pr-nitpick-reviewer.md, pr-triage-agent.md, python-data-charts.md, q.md, release.md, repo-audit-analyzer.md, repository-quality-improver.md, research.md, scout.md, secret-scanning-triage.md, security-alert-burndown.md, security-compliance.md, security-fix-pr.md, security-guard.md, security-review.md, slide-deck-maintainer.md, stale-repo-identifier.md, super-linter.md, technical-doc-writer.md, test-create-pr-error-handling.md, tidy.md, typist.md, video-analyzer.md, weekly-issue-summary.md, workflow-generator.md, workflow-health-manager.md - `agent_outputs` - **Paths**: `/tmp/gh-aw/mcp-config/logs/`, `/tmp/gh-aw/redacted-urls.log`, `/tmp/gh-aw/sandbox/agent/logs/` - **Used in**: 67 workflow(s) - agent-performance-analyzer.md, agent-persona-explorer.md, ai-moderator.md, archie.md, brave.md, breaking-change-checker.md, changeset.md, chroma-issue-indexer.md, ci-coach.md, ci-doctor.md, cli-consistency-checker.md, code-scanning-fixer.md, codex-github-remote-mcp-test.md, copilot-pr-merged-report.md, copilot-pr-nlp-analysis.md, craft.md, daily-copilot-token-report.md, daily-fact.md, daily-file-diet.md, daily-issues-report.md, daily-news.md, daily-observability-report.md, daily-repo-chronicle.md, daily-team-status.md, deep-report.md, dependabot-bundler.md, dependabot-go-checker.md, dev-hawk.md, dev.md, dictation-prompt.md, example-custom-error-patterns.md, example-permissions-warning.md, firewall.md, glossary-maintainer.md, grumpy-reviewer.md, hourly-ci-cleaner.md, issue-triage-agent.md, layout-spec-maintainer.md, mergefest.md, metrics-collector.md, notion-issue-summary.md, pdf-summary.md, plan.md, poem-bot.md, pr-nitpick-reviewer.md, pr-triage-agent.md, python-data-charts.md, q.md, release.md, repo-audit-analyzer.md, repository-quality-improver.md, research.md, secret-scanning-triage.md, security-alert-burndown.md, security-compliance.md, security-fix-pr.md, security-guard.md, security-review.md, slide-deck-maintainer.md, stale-repo-identifier.md, super-linter.md, technical-doc-writer.md, tidy.md, video-analyzer.md, weekly-issue-summary.md, workflow-generator.md, workflow-health-manager.md @@ -54,7 +54,7 @@ This section provides an overview of artifacts organized by job name, with dupli - **Used in**: 9 workflow(s) - agent-performance-analyzer.md, copilot-pr-nlp-analysis.md, daily-copilot-token-report.md, daily-news.md, deep-report.md, metrics-collector.md, pr-triage-agent.md, security-compliance.md, workflow-health-manager.md - `safe-output` - **Paths**: `${{ env.GH_AW_SAFE_OUTPUTS }}` - - **Used in**: 70 workflow(s) - agent-performance-analyzer.md, agent-persona-explorer.md, ai-moderator.md, archie.md, brave.md, breaking-change-checker.md, changeset.md, ci-coach.md, ci-doctor.md, cli-consistency-checker.md, cloclo.md, code-scanning-fixer.md, commit-changes-analyzer.md, copilot-pr-merged-report.md, copilot-pr-nlp-analysis.md, craft.md, daily-choice-test.md, daily-copilot-token-report.md, daily-fact.md, daily-file-diet.md, daily-issues-report.md, daily-news.md, daily-observability-report.md, daily-repo-chronicle.md, daily-team-status.md, deep-report.md, dependabot-bundler.md, dependabot-go-checker.md, dev-hawk.md, dictation-prompt.md, github-mcp-structural-analysis.md, glossary-maintainer.md, go-fan.md, go-pattern-detector.md, grumpy-reviewer.md, hourly-ci-cleaner.md, issue-classifier.md, issue-triage-agent.md, layout-spec-maintainer.md, mergefest.md, notion-issue-summary.md, pdf-summary.md, plan.md, poem-bot.md, pr-nitpick-reviewer.md, pr-triage-agent.md, python-data-charts.md, q.md, release.md, repo-audit-analyzer.md, repository-quality-improver.md, research.md, scout.md, secret-scanning-triage.md, security-alert-burndown.md, security-compliance.md, security-fix-pr.md, security-guard.md, security-review.md, slide-deck-maintainer.md, stale-repo-identifier.md, super-linter.md, technical-doc-writer.md, test-create-pr-error-handling.md, tidy.md, typist.md, video-analyzer.md, weekly-issue-summary.md, workflow-generator.md, workflow-health-manager.md + - **Used in**: 71 workflow(s) - agent-performance-analyzer.md, agent-persona-explorer.md, ai-moderator.md, archie.md, brave.md, breaking-change-checker.md, changeset.md, ci-coach.md, ci-doctor.md, cli-consistency-checker.md, cloclo.md, code-scanning-fixer.md, commit-changes-analyzer.md, copilot-pr-merged-report.md, copilot-pr-nlp-analysis.md, craft.md, daily-choice-test.md, daily-copilot-token-report.md, daily-fact.md, daily-file-diet.md, daily-issues-report.md, daily-news.md, daily-observability-report.md, daily-repo-chronicle.md, daily-team-status.md, deep-report.md, dependabot-bundler.md, dependabot-go-checker.md, dev-hawk.md, dev.md, dictation-prompt.md, github-mcp-structural-analysis.md, glossary-maintainer.md, go-fan.md, go-pattern-detector.md, grumpy-reviewer.md, hourly-ci-cleaner.md, issue-classifier.md, issue-triage-agent.md, layout-spec-maintainer.md, mergefest.md, notion-issue-summary.md, pdf-summary.md, plan.md, poem-bot.md, pr-nitpick-reviewer.md, pr-triage-agent.md, python-data-charts.md, q.md, release.md, repo-audit-analyzer.md, repository-quality-improver.md, research.md, scout.md, secret-scanning-triage.md, security-alert-burndown.md, security-compliance.md, security-fix-pr.md, security-guard.md, security-review.md, slide-deck-maintainer.md, stale-repo-identifier.md, super-linter.md, technical-doc-writer.md, test-create-pr-error-handling.md, tidy.md, typist.md, video-analyzer.md, weekly-issue-summary.md, workflow-generator.md, workflow-health-manager.md - `safe-outputs-assets` - **Paths**: `/tmp/gh-aw/safeoutputs/assets/` - **Used in**: 12 workflow(s) - copilot-pr-nlp-analysis.md, daily-copilot-token-report.md, daily-issues-report.md, daily-news.md, daily-repo-chronicle.md, deep-report.md, github-mcp-structural-analysis.md, poem-bot.md, python-data-charts.md, stale-repo-identifier.md, technical-doc-writer.md, weekly-issue-summary.md @@ -77,7 +77,7 @@ This section provides an overview of artifacts organized by job name, with dupli - `agent-output` - **Download paths**: `/tmp/gh-aw/safeoutputs/` - - **Used in**: 70 workflow(s) - agent-performance-analyzer.md, agent-persona-explorer.md, ai-moderator.md, archie.md, brave.md, breaking-change-checker.md, changeset.md, ci-coach.md, ci-doctor.md, cli-consistency-checker.md, cloclo.md, code-scanning-fixer.md, commit-changes-analyzer.md, copilot-pr-merged-report.md, copilot-pr-nlp-analysis.md, craft.md, daily-choice-test.md, daily-copilot-token-report.md, daily-fact.md, daily-file-diet.md, daily-issues-report.md, daily-news.md, daily-observability-report.md, daily-repo-chronicle.md, daily-team-status.md, deep-report.md, dependabot-bundler.md, dependabot-go-checker.md, dev-hawk.md, dictation-prompt.md, github-mcp-structural-analysis.md, glossary-maintainer.md, go-fan.md, go-pattern-detector.md, grumpy-reviewer.md, hourly-ci-cleaner.md, issue-classifier.md, issue-triage-agent.md, layout-spec-maintainer.md, mergefest.md, notion-issue-summary.md, pdf-summary.md, plan.md, poem-bot.md, pr-nitpick-reviewer.md, pr-triage-agent.md, python-data-charts.md, q.md, release.md, repo-audit-analyzer.md, repository-quality-improver.md, research.md, scout.md, secret-scanning-triage.md, security-alert-burndown.md, security-compliance.md, security-fix-pr.md, security-guard.md, security-review.md, slide-deck-maintainer.md, stale-repo-identifier.md, super-linter.md, technical-doc-writer.md, test-create-pr-error-handling.md, tidy.md, typist.md, video-analyzer.md, weekly-issue-summary.md, workflow-generator.md, workflow-health-manager.md + - **Used in**: 71 workflow(s) - agent-performance-analyzer.md, agent-persona-explorer.md, ai-moderator.md, archie.md, brave.md, breaking-change-checker.md, changeset.md, ci-coach.md, ci-doctor.md, cli-consistency-checker.md, cloclo.md, code-scanning-fixer.md, commit-changes-analyzer.md, copilot-pr-merged-report.md, copilot-pr-nlp-analysis.md, craft.md, daily-choice-test.md, daily-copilot-token-report.md, daily-fact.md, daily-file-diet.md, daily-issues-report.md, daily-news.md, daily-observability-report.md, daily-repo-chronicle.md, daily-team-status.md, deep-report.md, dependabot-bundler.md, dependabot-go-checker.md, dev-hawk.md, dev.md, dictation-prompt.md, github-mcp-structural-analysis.md, glossary-maintainer.md, go-fan.md, go-pattern-detector.md, grumpy-reviewer.md, hourly-ci-cleaner.md, issue-classifier.md, issue-triage-agent.md, layout-spec-maintainer.md, mergefest.md, notion-issue-summary.md, pdf-summary.md, plan.md, poem-bot.md, pr-nitpick-reviewer.md, pr-triage-agent.md, python-data-charts.md, q.md, release.md, repo-audit-analyzer.md, repository-quality-improver.md, research.md, scout.md, secret-scanning-triage.md, security-alert-burndown.md, security-compliance.md, security-fix-pr.md, security-guard.md, security-review.md, slide-deck-maintainer.md, stale-repo-identifier.md, super-linter.md, technical-doc-writer.md, test-create-pr-error-handling.md, tidy.md, typist.md, video-analyzer.md, weekly-issue-summary.md, workflow-generator.md, workflow-health-manager.md ### Job: `detection` @@ -85,16 +85,16 @@ This section provides an overview of artifacts organized by job name, with dupli - `threat-detection.log` - **Paths**: `/tmp/gh-aw/threat-detection/detection.log` - - **Used in**: 69 workflow(s) - agent-performance-analyzer.md, agent-persona-explorer.md, archie.md, brave.md, breaking-change-checker.md, changeset.md, ci-coach.md, ci-doctor.md, cli-consistency-checker.md, cloclo.md, code-scanning-fixer.md, commit-changes-analyzer.md, copilot-pr-merged-report.md, copilot-pr-nlp-analysis.md, craft.md, daily-choice-test.md, daily-copilot-token-report.md, daily-fact.md, daily-file-diet.md, daily-issues-report.md, daily-news.md, daily-observability-report.md, daily-repo-chronicle.md, daily-team-status.md, deep-report.md, dependabot-bundler.md, dependabot-go-checker.md, dev-hawk.md, dictation-prompt.md, github-mcp-structural-analysis.md, glossary-maintainer.md, go-fan.md, go-pattern-detector.md, grumpy-reviewer.md, hourly-ci-cleaner.md, issue-classifier.md, issue-triage-agent.md, layout-spec-maintainer.md, mergefest.md, notion-issue-summary.md, pdf-summary.md, plan.md, poem-bot.md, pr-nitpick-reviewer.md, pr-triage-agent.md, python-data-charts.md, q.md, release.md, repo-audit-analyzer.md, repository-quality-improver.md, research.md, scout.md, secret-scanning-triage.md, security-alert-burndown.md, security-compliance.md, security-fix-pr.md, security-guard.md, security-review.md, slide-deck-maintainer.md, stale-repo-identifier.md, super-linter.md, technical-doc-writer.md, test-create-pr-error-handling.md, tidy.md, typist.md, video-analyzer.md, weekly-issue-summary.md, workflow-generator.md, workflow-health-manager.md + - **Used in**: 70 workflow(s) - agent-performance-analyzer.md, agent-persona-explorer.md, archie.md, brave.md, breaking-change-checker.md, changeset.md, ci-coach.md, ci-doctor.md, cli-consistency-checker.md, cloclo.md, code-scanning-fixer.md, commit-changes-analyzer.md, copilot-pr-merged-report.md, copilot-pr-nlp-analysis.md, craft.md, daily-choice-test.md, daily-copilot-token-report.md, daily-fact.md, daily-file-diet.md, daily-issues-report.md, daily-news.md, daily-observability-report.md, daily-repo-chronicle.md, daily-team-status.md, deep-report.md, dependabot-bundler.md, dependabot-go-checker.md, dev-hawk.md, dev.md, dictation-prompt.md, github-mcp-structural-analysis.md, glossary-maintainer.md, go-fan.md, go-pattern-detector.md, grumpy-reviewer.md, hourly-ci-cleaner.md, issue-classifier.md, issue-triage-agent.md, layout-spec-maintainer.md, mergefest.md, notion-issue-summary.md, pdf-summary.md, plan.md, poem-bot.md, pr-nitpick-reviewer.md, pr-triage-agent.md, python-data-charts.md, q.md, release.md, repo-audit-analyzer.md, repository-quality-improver.md, research.md, scout.md, secret-scanning-triage.md, security-alert-burndown.md, security-compliance.md, security-fix-pr.md, security-guard.md, security-review.md, slide-deck-maintainer.md, stale-repo-identifier.md, super-linter.md, technical-doc-writer.md, test-create-pr-error-handling.md, tidy.md, typist.md, video-analyzer.md, weekly-issue-summary.md, workflow-generator.md, workflow-health-manager.md **Artifacts Downloaded:** - `agent-artifacts` - **Download paths**: `/tmp/gh-aw/threat-detection/` - - **Used in**: 69 workflow(s) - agent-performance-analyzer.md, agent-persona-explorer.md, archie.md, brave.md, breaking-change-checker.md, changeset.md, ci-coach.md, ci-doctor.md, cli-consistency-checker.md, cloclo.md, code-scanning-fixer.md, commit-changes-analyzer.md, copilot-pr-merged-report.md, copilot-pr-nlp-analysis.md, craft.md, daily-choice-test.md, daily-copilot-token-report.md, daily-fact.md, daily-file-diet.md, daily-issues-report.md, daily-news.md, daily-observability-report.md, daily-repo-chronicle.md, daily-team-status.md, deep-report.md, dependabot-bundler.md, dependabot-go-checker.md, dev-hawk.md, dictation-prompt.md, github-mcp-structural-analysis.md, glossary-maintainer.md, go-fan.md, go-pattern-detector.md, grumpy-reviewer.md, hourly-ci-cleaner.md, issue-classifier.md, issue-triage-agent.md, layout-spec-maintainer.md, mergefest.md, notion-issue-summary.md, pdf-summary.md, plan.md, poem-bot.md, pr-nitpick-reviewer.md, pr-triage-agent.md, python-data-charts.md, q.md, release.md, repo-audit-analyzer.md, repository-quality-improver.md, research.md, scout.md, secret-scanning-triage.md, security-alert-burndown.md, security-compliance.md, security-fix-pr.md, security-guard.md, security-review.md, slide-deck-maintainer.md, stale-repo-identifier.md, super-linter.md, technical-doc-writer.md, test-create-pr-error-handling.md, tidy.md, typist.md, video-analyzer.md, weekly-issue-summary.md, workflow-generator.md, workflow-health-manager.md + - **Used in**: 70 workflow(s) - agent-performance-analyzer.md, agent-persona-explorer.md, archie.md, brave.md, breaking-change-checker.md, changeset.md, ci-coach.md, ci-doctor.md, cli-consistency-checker.md, cloclo.md, code-scanning-fixer.md, commit-changes-analyzer.md, copilot-pr-merged-report.md, copilot-pr-nlp-analysis.md, craft.md, daily-choice-test.md, daily-copilot-token-report.md, daily-fact.md, daily-file-diet.md, daily-issues-report.md, daily-news.md, daily-observability-report.md, daily-repo-chronicle.md, daily-team-status.md, deep-report.md, dependabot-bundler.md, dependabot-go-checker.md, dev-hawk.md, dev.md, dictation-prompt.md, github-mcp-structural-analysis.md, glossary-maintainer.md, go-fan.md, go-pattern-detector.md, grumpy-reviewer.md, hourly-ci-cleaner.md, issue-classifier.md, issue-triage-agent.md, layout-spec-maintainer.md, mergefest.md, notion-issue-summary.md, pdf-summary.md, plan.md, poem-bot.md, pr-nitpick-reviewer.md, pr-triage-agent.md, python-data-charts.md, q.md, release.md, repo-audit-analyzer.md, repository-quality-improver.md, research.md, scout.md, secret-scanning-triage.md, security-alert-burndown.md, security-compliance.md, security-fix-pr.md, security-guard.md, security-review.md, slide-deck-maintainer.md, stale-repo-identifier.md, super-linter.md, technical-doc-writer.md, test-create-pr-error-handling.md, tidy.md, typist.md, video-analyzer.md, weekly-issue-summary.md, workflow-generator.md, workflow-health-manager.md - `agent-output` - **Download paths**: `/tmp/gh-aw/threat-detection/` - - **Used in**: 69 workflow(s) - agent-performance-analyzer.md, agent-persona-explorer.md, archie.md, brave.md, breaking-change-checker.md, changeset.md, ci-coach.md, ci-doctor.md, cli-consistency-checker.md, cloclo.md, code-scanning-fixer.md, commit-changes-analyzer.md, copilot-pr-merged-report.md, copilot-pr-nlp-analysis.md, craft.md, daily-choice-test.md, daily-copilot-token-report.md, daily-fact.md, daily-file-diet.md, daily-issues-report.md, daily-news.md, daily-observability-report.md, daily-repo-chronicle.md, daily-team-status.md, deep-report.md, dependabot-bundler.md, dependabot-go-checker.md, dev-hawk.md, dictation-prompt.md, github-mcp-structural-analysis.md, glossary-maintainer.md, go-fan.md, go-pattern-detector.md, grumpy-reviewer.md, hourly-ci-cleaner.md, issue-classifier.md, issue-triage-agent.md, layout-spec-maintainer.md, mergefest.md, notion-issue-summary.md, pdf-summary.md, plan.md, poem-bot.md, pr-nitpick-reviewer.md, pr-triage-agent.md, python-data-charts.md, q.md, release.md, repo-audit-analyzer.md, repository-quality-improver.md, research.md, scout.md, secret-scanning-triage.md, security-alert-burndown.md, security-compliance.md, security-fix-pr.md, security-guard.md, security-review.md, slide-deck-maintainer.md, stale-repo-identifier.md, super-linter.md, technical-doc-writer.md, test-create-pr-error-handling.md, tidy.md, typist.md, video-analyzer.md, weekly-issue-summary.md, workflow-generator.md, workflow-health-manager.md + - **Used in**: 70 workflow(s) - agent-performance-analyzer.md, agent-persona-explorer.md, archie.md, brave.md, breaking-change-checker.md, changeset.md, ci-coach.md, ci-doctor.md, cli-consistency-checker.md, cloclo.md, code-scanning-fixer.md, commit-changes-analyzer.md, copilot-pr-merged-report.md, copilot-pr-nlp-analysis.md, craft.md, daily-choice-test.md, daily-copilot-token-report.md, daily-fact.md, daily-file-diet.md, daily-issues-report.md, daily-news.md, daily-observability-report.md, daily-repo-chronicle.md, daily-team-status.md, deep-report.md, dependabot-bundler.md, dependabot-go-checker.md, dev-hawk.md, dev.md, dictation-prompt.md, github-mcp-structural-analysis.md, glossary-maintainer.md, go-fan.md, go-pattern-detector.md, grumpy-reviewer.md, hourly-ci-cleaner.md, issue-classifier.md, issue-triage-agent.md, layout-spec-maintainer.md, mergefest.md, notion-issue-summary.md, pdf-summary.md, plan.md, poem-bot.md, pr-nitpick-reviewer.md, pr-triage-agent.md, python-data-charts.md, q.md, release.md, repo-audit-analyzer.md, repository-quality-improver.md, research.md, scout.md, secret-scanning-triage.md, security-alert-burndown.md, security-compliance.md, security-fix-pr.md, security-guard.md, security-review.md, slide-deck-maintainer.md, stale-repo-identifier.md, super-linter.md, technical-doc-writer.md, test-create-pr-error-handling.md, tidy.md, typist.md, video-analyzer.md, weekly-issue-summary.md, workflow-generator.md, workflow-health-manager.md ### Job: `notion_add_comment` @@ -129,10 +129,10 @@ This section provides an overview of artifacts organized by job name, with dupli - `agent-artifacts` - **Download paths**: `/tmp/gh-aw/` - - **Used in**: 18 workflow(s) - changeset.md, ci-coach.md, cloclo.md, code-scanning-fixer.md, craft.md, dependabot-bundler.md, dictation-prompt.md, glossary-maintainer.md, hourly-ci-cleaner.md, layout-spec-maintainer.md, mergefest.md, poem-bot.md, q.md, secret-scanning-triage.md, slide-deck-maintainer.md, technical-doc-writer.md, test-create-pr-error-handling.md, tidy.md + - **Used in**: 19 workflow(s) - changeset.md, ci-coach.md, cloclo.md, code-scanning-fixer.md, craft.md, dependabot-bundler.md, dev.md, dictation-prompt.md, glossary-maintainer.md, hourly-ci-cleaner.md, layout-spec-maintainer.md, mergefest.md, poem-bot.md, q.md, secret-scanning-triage.md, slide-deck-maintainer.md, technical-doc-writer.md, test-create-pr-error-handling.md, tidy.md - `agent-output` - **Download paths**: `/tmp/gh-aw/safeoutputs/` - - **Used in**: 70 workflow(s) - agent-performance-analyzer.md, agent-persona-explorer.md, ai-moderator.md, archie.md, brave.md, breaking-change-checker.md, changeset.md, ci-coach.md, ci-doctor.md, cli-consistency-checker.md, cloclo.md, code-scanning-fixer.md, commit-changes-analyzer.md, copilot-pr-merged-report.md, copilot-pr-nlp-analysis.md, craft.md, daily-choice-test.md, daily-copilot-token-report.md, daily-fact.md, daily-file-diet.md, daily-issues-report.md, daily-news.md, daily-observability-report.md, daily-repo-chronicle.md, daily-team-status.md, deep-report.md, dependabot-bundler.md, dependabot-go-checker.md, dev-hawk.md, dictation-prompt.md, github-mcp-structural-analysis.md, glossary-maintainer.md, go-fan.md, go-pattern-detector.md, grumpy-reviewer.md, hourly-ci-cleaner.md, issue-classifier.md, issue-triage-agent.md, layout-spec-maintainer.md, mergefest.md, notion-issue-summary.md, pdf-summary.md, plan.md, poem-bot.md, pr-nitpick-reviewer.md, pr-triage-agent.md, python-data-charts.md, q.md, release.md, repo-audit-analyzer.md, repository-quality-improver.md, research.md, scout.md, secret-scanning-triage.md, security-alert-burndown.md, security-compliance.md, security-fix-pr.md, security-guard.md, security-review.md, slide-deck-maintainer.md, stale-repo-identifier.md, super-linter.md, technical-doc-writer.md, test-create-pr-error-handling.md, tidy.md, typist.md, video-analyzer.md, weekly-issue-summary.md, workflow-generator.md, workflow-health-manager.md + - **Used in**: 71 workflow(s) - agent-performance-analyzer.md, agent-persona-explorer.md, ai-moderator.md, archie.md, brave.md, breaking-change-checker.md, changeset.md, ci-coach.md, ci-doctor.md, cli-consistency-checker.md, cloclo.md, code-scanning-fixer.md, commit-changes-analyzer.md, copilot-pr-merged-report.md, copilot-pr-nlp-analysis.md, craft.md, daily-choice-test.md, daily-copilot-token-report.md, daily-fact.md, daily-file-diet.md, daily-issues-report.md, daily-news.md, daily-observability-report.md, daily-repo-chronicle.md, daily-team-status.md, deep-report.md, dependabot-bundler.md, dependabot-go-checker.md, dev-hawk.md, dev.md, dictation-prompt.md, github-mcp-structural-analysis.md, glossary-maintainer.md, go-fan.md, go-pattern-detector.md, grumpy-reviewer.md, hourly-ci-cleaner.md, issue-classifier.md, issue-triage-agent.md, layout-spec-maintainer.md, mergefest.md, notion-issue-summary.md, pdf-summary.md, plan.md, poem-bot.md, pr-nitpick-reviewer.md, pr-triage-agent.md, python-data-charts.md, q.md, release.md, repo-audit-analyzer.md, repository-quality-improver.md, research.md, scout.md, secret-scanning-triage.md, security-alert-burndown.md, security-compliance.md, security-fix-pr.md, security-guard.md, security-review.md, slide-deck-maintainer.md, stale-repo-identifier.md, super-linter.md, technical-doc-writer.md, test-create-pr-error-handling.md, tidy.md, typist.md, video-analyzer.md, weekly-issue-summary.md, workflow-generator.md, workflow-health-manager.md ### Job: `super_linter` @@ -2365,6 +2365,14 @@ This section provides an overview of artifacts organized by job name, with dupli **Uploads:** +- **Artifact**: `safe-output` + - **Upload paths**: + - `${{ env.GH_AW_SAFE_OUTPUTS }}` + +- **Artifact**: `agent-output` + - **Upload paths**: + - `${{ env.GH_AW_AGENT_OUTPUT }}` + - **Artifact**: `agent_outputs` - **Upload paths**: - `/tmp/gh-aw/sandbox/agent/logs/` @@ -2377,6 +2385,45 @@ This section provides an overview of artifacts organized by job name, with dupli - `/tmp/gh-aw/mcp-logs/` - `/tmp/gh-aw/sandbox/firewall/logs/` - `/tmp/gh-aw/agent-stdio.log` + - `/tmp/gh-aw/aw.patch` + +#### Job: `conclusion` + +**Downloads:** + +- **Artifact**: `agent-output` (by name) + - **Download path**: `/tmp/gh-aw/safeoutputs/` + - **Depends on jobs**: [activation agent detection safe_outputs] + +#### Job: `detection` + +**Uploads:** + +- **Artifact**: `threat-detection.log` + - **Upload paths**: + - `/tmp/gh-aw/threat-detection/detection.log` + +**Downloads:** + +- **Artifact**: `agent-artifacts` (by name) + - **Download path**: `/tmp/gh-aw/threat-detection/` + - **Depends on jobs**: [agent] + +- **Artifact**: `agent-output` (by name) + - **Download path**: `/tmp/gh-aw/threat-detection/` + - **Depends on jobs**: [agent] + +#### Job: `safe_outputs` + +**Downloads:** + +- **Artifact**: `agent-output` (by name) + - **Download path**: `/tmp/gh-aw/safeoutputs/` + - **Depends on jobs**: [activation agent detection] + +- **Artifact**: `agent-artifacts` (by name) + - **Download path**: `/tmp/gh-aw/` + - **Depends on jobs**: [activation agent detection] ### dictation-prompt.md