chore: bump Codex 0.142.1, Copilot SDK 1.0.4#41430
Conversation
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
This PR performs routine patch-level version bumps for default engine/tool pins used by gh-aw, and updates generated workflow lock files to reflect the new pinned versions.
Changes:
- Bump
DefaultCopilotSDKVersionfrom1.0.3→1.0.4andDefaultCodexVersionfrom0.142.0→0.142.1. - Regenerate workflow
.lock.ymlfiles so the embeddedengine_versionsmetadata and install steps pin the updated versions.
Show a summary per file
| File | Description |
|---|---|
| pkg/constants/version_constants.go | Updates default pinned versions for Copilot SDK and Codex CLI. |
| .github/workflows/smoke-copilot-sdk.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/q.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/pr-triage-agent.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/pr-nitpick-reviewer.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/pr-code-quality-reviewer.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/plan.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/pdf-summary.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/org-health-report.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/mergefest.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/layout-spec-maintainer.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/jsweep.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/firewall.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/firewall-escape.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/draft-pr-cleanup.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/docs-noob-tester.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/discussion-task-miner.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/dictation-prompt.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/deployment-incident-monitor.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/delight.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/dead-code-remover.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/daily-workflow-updater.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/daily-testify-uber-super-expert.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/daily-syntax-error-quality.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/daily-spdd-spec-planner.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/daily-skill-optimizer.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/daily-sentrux-report.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/daily-secrets-analysis.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/daily-safe-output-integrator.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/daily-repo-chronicle.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/daily-performance-summary.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/daily-model-inventory.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/daily-malicious-code-scan.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/daily-issues-report.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 (Python package) in install step/metadata. |
| .github/workflows/daily-geo-optimizer.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/daily-formal-spec-verifier.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/daily-experiment-report.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/daily-compiler-threat-spec-optimizer.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/daily-compiler-quality.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/daily-cli-performance.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/daily-assign-issue-to-user.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/daily-architecture-diagram.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/daily-agent-of-the-day-blog-writer.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/craft.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/copilot-pr-prompt-analysis.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/copilot-pr-nlp-analysis.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/copilot-pr-merged-report.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/copilot-opt.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/copilot-cli-deep-research.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/cli-consistency-checker.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/code-scanning-fixer.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/brave.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/breaking-change-checker.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/ci-coach.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/artifacts-summary.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/architecture-guardian.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
| .github/workflows/agent-performance-analyzer.lock.yml | Regenerated lockfile to pin Copilot SDK 1.0.4 in metadata and install step. |
Copilot's findings
Tip
Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Files reviewed: 79/79 changed files
- Comments generated: 0
|
🧠 Matt Pocock Skills Reviewer has completed the skills-based review. ✅ |
|
|
|
🚀 Smoke Pi MISSION COMPLETE! Pi delivered. 🥧 |
|
✅ Design Decision Gate 🏗️ completed the design decision gate check. No ADR enforcement needed: PR does not have the 'implementation' label and has ≤100 new lines of code in business logic directories (default_business_additions=2). |
|
🎬 THE END — Smoke Claude MISSION: ACCOMPLISHED! The hero saves the day! ✨ |
|
🚀 Smoke Gemini MISSION COMPLETE! Gemini has spoken. ✨ |
|
✅ All tools validated successfully! Agent Container Smoke Test confirms agent container is ready. |
|
✅ Test Quality Sentinel completed test quality analysis. No test files were added or modified in this PR. Test Quality Sentinel skipped. PR #41430 ('chore: bump Codex 0.142.1, Copilot SDK 1.0.4') only modifies .lock.yml workflow files and pkg/constants/version_constants.go — no Go _test.go or JavaScript .test.cjs/.test.js files were touched. |
|
✅ PR Code Quality Reviewer completed the code quality review. |
|
📰 BREAKING: Smoke Copilot - AOAI (apikey) is now investigating this pull request. Sources say the story is developing... |
|
✨ The prophecy is fulfilled... Smoke Codex has completed its mystical journey. The stars align. 🌟 Caution agentic threat detected DetailsThe threat detection engine failed to produce results. Review the workflow run logs for details. |
|
📰 BREAKING: Smoke Copilot - AOAI (Entra) is now investigating this pull request. Sources say the story is developing... |
|
📰 BREAKING: Smoke Copilot is now investigating this pull request. Sources say the story is developing... |
|
Smoke test 28170777367
Warning Firewall blocked 1 domainThe following domain was blocked by the firewall during workflow execution:
network:
allowed:
- defaults
- "proxy.golang.org"See Network Configuration for more information.
|
Agent Container Tool Check
Result: 12/12 tools available ✅ Overall Status: PASS
|
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
There was a problem hiding this comment.
Reviewed patch-level version bumps: DefaultCodexVersion 0.142.0 → 0.142.1 and DefaultCopilotSDKVersion 1.0.3 → 1.0.4. All 79 lock files are consistently updated — version references symmetric with zero stray old-version strings remaining. No logic, security, or correctness issues.
🔎 Code quality review by PR Code Quality Reviewer · 42.4 AIC · ⌖ 6.82 AIC · ⊞ 5.2K
There was a problem hiding this comment.
💥 Automated smoke test review - all systems nominal!
Warning
Firewall blocked 6 domains
The following domains were blocked by the firewall during workflow execution:
accounts.google.comandroid.clients.google.comclients2.google.comcontentautofill.googleapis.comsafebrowsingohttpgateway.googleapis.comwww.google.com
To allow these domains, add them to the
network.allowedlist in your workflow frontmatter:
network:
allowed:
- defaults
- "accounts.google.com"
- "android.clients.google.com"
- "clients2.google.com"
- "contentautofill.googleapis.com"
- "safebrowsingohttpgateway.googleapis.com"
- "www.google.com"See Network Configuration for more information.
💥 [THE END] — Illustrated by Smoke Claude · 91.5 AIC · ⌖ 27.4 AIC · ⊞ 8.7K
| @@ -1,4 +1,4 @@ | |||
| # gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"6e96864e45231e2e1ed183134d3db2b0f37e9ec139a6949c030bec03b95dd6a8","body_hash":"6512aa78d584595ac0838c49bb2f70b3ef676213326662eb2abbae0805dc673b","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65","copilot-sdk":"1.0.3"}} | |||
| # gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"6e96864e45231e2e1ed183134d3db2b0f37e9ec139a6949c030bec03b95dd6a8","body_hash":"6512aa78d584595ac0838c49bb2f70b3ef676213326662eb2abbae0805dc673b","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.65","copilot-sdk":"1.0.4"}} | |||
| # gh-aw-manifest: {"version":1,"secrets":["GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0","version":"v7.0.0"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-go","sha":"4a3601121dd01d1626a1e23e37211e3254c1c06c","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"},{"repo":"docker/build-push-action","sha":"f9f3042f7e2789586610d6e8b85c8f03e5195baf","version":"v7.2.0"},{"repo":"docker/setup-buildx-action","sha":"d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5","version":"v4.1.0"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10","digest":"sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.10@sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10","digest":"sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.10@sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.27.10"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10","digest":"sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.10@sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.30","digest":"sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.30@sha256:4d0101d8740c99b755181d19dc0067ac7eb40433d1c354fd715358bee4a296c1"},{"image":"ghcr.io/github/gh-aw-node","digest":"sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b","pinned_image":"ghcr.io/github/gh-aw-node@sha256:529d02eb970b1161aa25c593a9c3df57fdfad5a8add328cb3b6eccef66f3183b"},{"image":"ghcr.io/github/github-mcp-server:v1.4.0","digest":"sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036","pinned_image":"ghcr.io/github/github-mcp-server:v1.4.0@sha256:2afb26356481d1a350e14544a6e160f7f7ec1561a1ea309b823665abf0309036"}]} | |||
There was a problem hiding this comment.
🔎 Smoke test: verified the header pin bump is consistent with the lock recompile. Looks good.
| run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.27.10 | ||
| - name: Install GitHub Copilot SDK (Node.js) | ||
| run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.3 | ||
| run: cd "${GITHUB_WORKSPACE}" && npm install --ignore-scripts --no-save @github/copilot-sdk@1.0.4 |
There was a problem hiding this comment.
🔎 Smoke test: pinned action SHA update here aligns with the version bump. Nice.
|
Caution agentic threat detected DetailsThe threat detection engine failed to produce results. Review the workflow run logs for details. Smoke test FAIL\n- Merged PRs: fix: revert sandbox.agent.sudo to true in glossary-maintainer workflow; [spec-extractor] Update package specifications for tty, types, typeutil, workflow\n- PASS: Serena, Playwright, file write, bash verify, build, comment memory, cache memory\n- FAIL: web-fetch, issue field\n- Overall: FAIL Warning Firewall blocked 6 domainsThe following domains were blocked by the firewall during workflow execution:
network:
allowed:
- defaults
- "accounts.google.com"
- "android.clients.google.com"
- "clients2.google.com"
- "contentautofill.googleapis.com"
- "safebrowsingohttpgateway.googleapis.com"
- "www.google.com"See Network Configuration for more information.
|
|
Caution agentic threat detected DetailsThe threat detection engine failed to produce results. Review the workflow run logs for details. Comment MemoryNote This comment is managed by comment memory.It stores persistent context for this thread in the code block at the top of this comment. Warning Firewall blocked 6 domainsThe following domains were blocked by the firewall during workflow execution:
network:
allowed:
- defaults
- "accounts.google.com"
- "android.clients.google.com"
- "clients2.google.com"
- "contentautofill.googleapis.com"
- "safebrowsingohttpgateway.googleapis.com"
- "www.google.com"See Network Configuration for more information.
|
|
Smoke Test Results: 1✅ 2✅ 3❌ 4❌ 5✅ Overall: FAIL Warning Firewall blocked 6 domainsThe following domains were blocked by the firewall during workflow execution:
network:
allowed:
- defaults
- "accounts.google.com"
- "android.clients.google.com"
- "clients2.google.com"
- "contentautofill.googleapis.com"
- "safebrowsingohttpgateway.googleapis.com"
- "www.google.com"See Network Configuration for more information.
|
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Fixed in the latest commit. The |
|
@copilot remove "sandbox.agent.sudo: false" from smoke agentic workflows |
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Done — removed |
This comment has been minimized.
This comment has been minimized.
|
👋 Automated bump looks clean! The version constant changes in
|
Routine patch-level version bumps detected by the CLI Version Checker workflow.
Changes
pkg/constants/version_constants.goDefaultCodexVersion:0.142.0→0.142.1(Windows proxy support; no impact on Linux runners)DefaultCopilotSDKVersion:1.0.3→1.0.4(patch release, no public changelog)✨ PR Review Safe Output Test - Run 28170777208
Warning
Firewall blocked 6 domains
The following domains were blocked by the firewall during workflow execution:
accounts.google.comandroid.clients.google.comclients2.google.comcontentautofill.googleapis.comsafebrowsingohttpgateway.googleapis.comwww.google.comSee Network Configuration for more information.