
Pin all MCP container images to SHA-256 digests; replace floating tags #25072

Open
Copilot wants to merge 8 commits into main from copilot/fix-container-image-digest-pinning

Contributor

Copilot AI commented Apr 7, 2026

All six MCP stack images were pulled by mutable tag with no digest pinning. node:lts-alpine was additionally a floating alias that silently shifts content on each Node.js LTS promotion — a supply-chain attack surface before the agent process even starts.

Constants

Floating tags replaced with specific version tags (pkg/constants/constants.go):

  • node:lts-alpine → node:22-alpine
  • python:alpine → python:3.12-alpine
  • alpine:latest → alpine:3.21

DefaultPlaywrightMCPDockerVersion added to pkg/constants/version_constants.go so the Playwright MCP image gets a pinned version tag (v0.0.68).

SHA-256 digests are not hardcoded as Go constants — they live in the lock file instead (see below).

Unified Lock File Format

Container digests are now stored in the "containers" section of .github/aw/actions-lock.json, alongside the existing "entries" section for GitHub Actions pins. The two sections share a single file and a single load/save lifecycle:

{
  "entries": {
    "actions/checkout@v4.2.2": { "repo": "...", "sha": "..." },
    ...
  },
  "containers": {
    "ghcr.io/github/github-mcp-server:v0.32.0": {
      "image": "ghcr.io/github/github-mcp-server",
      "version": "v0.32.0",
      "digest": "sha256:2763823c…",
      "source": "ghcr.io"
    },
    ...
  }
}

containers-lock.json does not exist — there is only one lock file.

ActionCache gains a Containers map[string]ContainerCacheEntry field, GetContainerDigest(), and SetContainer() methods. marshalSorted() writes "entries" first, then "containers".

pkg/workflow/container_cache.go: ContainerCache is a thin wrapper over *ActionCache. It exposes the same digest-lookup and set API but delegates all file I/O to the underlying ActionCache. NewContainerCacheFromActionCache() lets the compiler wrap its already-loaded action cache (zero extra disk reads).

Image Reference Construction

buildVersionedImageRef() in docker.go accepts a *ContainerCache and appends @sha256:… only when a matching entry exists in the cache. Custom version overrides remain unpinned (digest is unknowable at compile time):

// Default version + cache hit → immutable content address
"ghcr.io/github/github-mcp-server:v0.32.0@sha256:2763823c…"

// Custom version override → tag only (no digest known)
"ghcr.io/github/github-mcp-server:v1.2.3"

The ContainerCache is threaded through WorkflowData, MCPRendererOptions, GitHubMCPDockerOptions, and all renderer functions (collectDockerImages(), MCP_GATEWAY_DOCKER_COMMAND, GitHub MCP JSON/TOML config renderers, Playwright config renderers). Image deduplication in collectDockerImages() uses base-reference keying so that a digest-pinned version always wins over a plain-tag duplicate.

Digest Refresh via Update/Upgrade Commands

pkg/cli/update_containers.go: UpdateContainers() resolves fresh SHA-256 digests from OCI registry HTTP APIs (GHCR authenticated with GITHUB_TOKEN, Docker Hub and MCR anonymously) and writes results to the "containers" section of actions-lock.json.

UpdateContainers() is called automatically by both gh aw update and gh aw upgrade alongside the existing UpdateActions() step, keeping container digests fresh with each update cycle.

Compiled Output

All 182 .lock.yml workflow files recompiled — every default image reference in generated download_docker_images.sh invocations and MCP gateway container config now carries @sha256:.
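As an added example, not code from the gh-aw repository (whose ActionCache and ContainerCache types are not shown on this page), the following Go program models the unified lock file described in this PR and the two compile-time rules it relies on: a digest is appended only when the exact image:version key has an entry, and a digest-pinned reference wins over an unpinned duplicate of the same image. The lock-file contents, the type and function names, and the choice to treat a malformed digest as a hard error rather than silently falling back to a plain tag are this example's own assumptions.

```go
package main

import (
	"encoding/json"
	"fmt"
	"regexp"
	"sort"
	"strings"
)

// ActionCacheEntry is one record of the existing "entries" section (action pins).
type ActionCacheEntry struct {
	Repo string `json:"repo"`
	SHA  string `json:"sha"`
}

// ContainerCacheEntry is one record of the new "containers" section.
type ContainerCacheEntry struct {
	Image   string `json:"image"`
	Version string `json:"version"`
	Digest  string `json:"digest"`
	Source  string `json:"source"`
}

// LockFile is the unified .github/aw/actions-lock.json: both sections, one document.
type LockFile struct {
	Entries    map[string]ActionCacheEntry    `json:"entries"`
	Containers map[string]ContainerCacheEntry `json:"containers"`
}

// sampleLock is constructed for this example. The digests and SHA are placeholders,
// not the real values for these images, and the alpine entry is deliberately
// malformed to exercise the validation path.
var sampleLock = fmt.Sprintf(`{
  "entries": {"actions/checkout@v4.2.2": {"repo": "actions/checkout", "sha": "%s"}},
  "containers": {
    "ghcr.io/github/github-mcp-server:v0.32.0": {"image": "ghcr.io/github/github-mcp-server", "version": "v0.32.0", "digest": "sha256:%s", "source": "ghcr.io"},
    "node:22-alpine": {"image": "node", "version": "22-alpine", "digest": "sha256:%s", "source": "docker.io"},
    "alpine:3.21": {"image": "alpine", "version": "3.21", "digest": "sha256:not-a-hex-digest", "source": "docker.io"}
  }
}`, strings.Repeat("0", 40), strings.Repeat("a", 64), strings.Repeat("b", 64))

// sha256Digest is the only digest form the compiler should ever emit into a workflow.
var sha256Digest = regexp.MustCompile(`^sha256:[0-9a-f]{64}$`)

// LoadLock parses the lock file. An absent section becomes an empty map, so a lock
// file without "containers" (or a bare "{}") simply yields unpinned references.
func LoadLock(data []byte) (*LockFile, error) {
	var lf LockFile
	if err := json.Unmarshal(data, &lf); err != nil {
		return nil, fmt.Errorf("parse lock file: %w", err)
	}
	if lf.Entries == nil {
		lf.Entries = map[string]ActionCacheEntry{}
	}
	if lf.Containers == nil {
		lf.Containers = map[string]ContainerCacheEntry{}
	}
	return &lf, nil
}

// BuildVersionedImageRef returns image:version@digest on a cache hit with a
// well-formed digest, image:version when there is no entry (a custom version
// override stays unpinned), and an error when an entry exists but its digest is
// malformed: a corrupted or hand-edited lock file must not quietly degrade to a tag pull.
func BuildVersionedImageRef(lock *LockFile, image, version string) (string, error) {
	base := image + ":" + version
	entry, ok := lock.Containers[base]
	if !ok {
		return base, nil
	}
	if !sha256Digest.MatchString(entry.Digest) {
		return "", fmt.Errorf("lock entry %q has malformed digest %q", base, entry.Digest)
	}
	return base + "@" + entry.Digest, nil
}

// BaseRef strips a trailing @sha256:... so the pinned and unpinned spellings of
// one image:tag share a dedup key.
func BaseRef(ref string) string {
	base, _, _ := strings.Cut(ref, "@")
	return base
}

// DedupeImages keeps one reference per base reference, preferring the
// digest-pinned form over a plain tag, and sorts the result for stable output.
func DedupeImages(refs []string) []string {
	best := map[string]string{}
	for _, r := range refs {
		b := BaseRef(r)
		if cur, seen := best[b]; !seen || (!strings.Contains(cur, "@") && strings.Contains(r, "@")) {
			best[b] = r
		}
	}
	out := make([]string, 0, len(best))
	for _, r := range best {
		out = append(out, r)
	}
	sort.Strings(out)
	return out
}

func main() {
	lock, err := LoadLock([]byte(sampleLock))
	if err != nil {
		panic(err)
	}
	for _, iv := range [][2]string{{"ghcr.io/github/github-mcp-server", "v0.32.0"}, {"ghcr.io/github/github-mcp-server", "v1.2.3"}, {"alpine", "3.21"}} {
		ref, err := BuildVersionedImageRef(lock, iv[0], iv[1])
		fmt.Printf("%s:%s -> %q (err: %v)\n", iv[0], iv[1], ref, err)
	}
	fmt.Println(DedupeImages([]string{"node:22-alpine", "node:22-alpine@sha256:" + strings.Repeat("b", 64)}))
}
```

The one behavioural difference from the PR's description worth flagging: the PR falls back to a plain tag whenever no entry matches, which is right for a custom override, but an entry that exists with an unparseable digest is a different situation (the file has been damaged or edited) and this example fails the compile rather than emitting a reference that would pull by mutable tag.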

…s with version-pinned images

Agent-Logs-Url: https://github.com/github/gh-aw/sessions/8c47ab8e-73e3-41ae-88b7-c835ff933755

Co-authored-by: szabta89 <1330202+szabta89@users.noreply.github.com>
Copilot AI changed the title from "[WIP] Fix containers to use SHA-256 digest pinning" to "Pin all MCP container images to SHA-256 digests; replace floating tags" Apr 7, 2026
Copilot AI requested a review from szabta89 April 7, 2026 12:10
Collaborator

pelikhan commented Apr 7, 2026

@copilot

  • keep floating shas in constants
  • integrate container version+sha resolution in update command
  • store container info version like action shas

Copilot AI and others added 2 commits April 7, 2026 14:59
…th update/upgrade commands

Agent-Logs-Url: https://github.com/github/gh-aw/sessions/b7c65dbf-0da0-4989-a983-3e737df2a9c2

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
…x duplicate comment

Agent-Logs-Url: https://github.com/github/gh-aw/sessions/b7c65dbf-0da0-4989-a983-3e737df2a9c2

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Contributor Author

Copilot AI commented Apr 7, 2026

@copilot

  • keep floating shas in constants...

Done in commit 0a4eb13 (and a fixup in e5da791):

  • Floating SHAs removed from constants — no *Digest Go constants. Floating tags still fixed (node:lts-alpine → node:22-alpine, python:alpine → python:3.12-alpine, alpine:latest → alpine:3.21).
  • Container version+SHA resolution in update/upgrade: UpdateContainers() in pkg/cli/update_containers.go uses the OCI Distribution Spec HTTP API to resolve digests for all default images (GHCR, Docker Hub, MCR). Called automatically by both gh aw update and gh aw upgrade.
  • Stored like action SHAs: .github/aw/containers-lock.json holds {image:version → digest} entries (pre-seeded with the current known digests). The compiler loads it via ContainerCache (mirrors ActionCache) and appends @sha256:… to image references when an entry is present. Missing lock file is non-fatal.

Warning

Firewall rules blocked me from connecting to one or more addresses

I tried to connect to the following addresses, but was blocked by firewall rules:

  • https://api.github.com/graphql
    • Triggering command: gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw (http block)
  • https://api.github.com/orgs/test-owner/actions/secrets
    • Triggering command: gh api /orgs/test-owner/actions/secrets --jq .secrets[].name (http block)
  • https://api.github.com/repos/actions/ai-inference/git/ref/tags/v1
    • Triggering command: gh api /repos/actions/ai-inference/git/ref/tags/v1 --jq .object.sha (http block)
  • https://api.github.com/repos/actions/checkout/git/ref/tags/v3
    • Triggering command: gh api /repos/actions/checkout/git/ref/tags/v3 --jq .object.sha (http block)
  • https://api.github.com/repos/actions/checkout/git/ref/tags/v5
    • Triggering command: gh api /repos/actions/checkout/git/ref/tags/v5 --jq .object.sha (http block)
  • https://api.github.com/repos/actions/checkout/git/ref/tags/v6
    • Triggering command: gh api /repos/actions/checkout/git/ref/tags/v6 --jq .object.sha (http block)
  • https://api.github.com/repos/actions/github-script/git/ref/tags/v8
    • Triggering command: gh api /repos/actions/github-script/git/ref/tags/v8 --jq .object.sha (http block)
  • https://api.github.com/repos/actions/setup-go/git/ref/tags/v4
    • Triggering command: gh api /repos/actions/setup-go/git/ref/tags/v4 --jq .object.sha (http block)
  • https://api.github.com/repos/actions/setup-node/git/ref/tags/v4
    • Triggering command: gh api /repos/actions/setup-node/git/ref/tags/v4 --jq .object.sha (http block)
  • https://api.github.com/repos/actions/upload-artifact/git/ref/tags/v4
    • Triggering command: gh api /repos/actions/upload-artifact/git/ref/tags/v4 --jq .object.sha (http block)
  • https://api.github.com/repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b
    • Triggering command: gh api /repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b --jq .object.sha (http block)
  • https://api.github.com/repos/github/gh-aw
    • Triggering command: gh api /repos/github/gh-aw --jq .visibility (http block)
  • https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v0.1.2
    • Triggering command: gh api /repos/github/gh-aw-actions/git/ref/tags/v0.1.2 --jq .object.sha (http block)
  • https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v1.0.0
    • Triggering command: gh api /repos/github/gh-aw-actions/git/ref/tags/v1.0.0 --jq .object.sha (http block)
  • https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v1.2.3
    • Triggering command: gh api /repos/github/gh-aw-actions/git/ref/tags/v1.2.3 --jq .object.sha (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/1/artifacts
    • Triggering command: gh api --paginate repos/{owner}/{repo}/actions/runs/1/artifacts --jq .artifacts[].name (http block)
    • Triggering command: gh run download 1 --dir test-logs/run-1 (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/12345/artifacts
    • Triggering command: gh api --paginate repos/{owner}/{repo}/actions/runs/12345/artifacts --jq .artifacts[].name (http block)
    • Triggering command: gh run download 12345 --dir test-logs/run-12345 (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/12346/artifacts
    • Triggering command: gh api --paginate repos/{owner}/{repo}/actions/runs/12346/artifacts --jq .artifacts[].name (http block)
    • Triggering command: gh run download 12346 --dir test-logs/run-12346 (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/2/artifacts
    • Triggering command: gh api --paginate repos/{owner}/{repo}/actions/runs/2/artifacts --jq .artifacts[].name (http block)
    • Triggering command: gh run download 2 --dir test-logs/run-2 (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/3/artifacts
    • Triggering command: gh api --paginate repos/{owner}/{repo}/actions/runs/3/artifacts --jq .artifacts[].name (http block)
    • Triggering command: gh run download 3 --dir test-logs/run-3 (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/4/artifacts
    • Triggering command: gh api --paginate repos/{owner}/{repo}/actions/runs/4/artifacts --jq .artifacts[].name (http block)
    • Triggering command: gh run download 4 --dir test-logs/run-4 (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/5/artifacts
    • Triggering command: gh api --paginate repos/{owner}/{repo}/actions/runs/5/artifacts --jq .artifacts[].name (http block)
    • Triggering command: gh run download 5 --dir test-logs/run-5 (http block)
  • https://api.github.com/repos/github/gh-aw/actions/workflows
    • Triggering command: gh workflow list --json name,state,path (http block)
    • Triggering command: gh run list --json databaseId,number,url,status,conclusion,workflowName,createdAt,startedAt,updatedAt,event,headBranch,headSha,displayTitle --workflow nonexistent-workflow-12345 --limit 100 (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v0.47.4
    • Triggering command: gh api /repos/github/gh-aw/git/ref/tags/v0.47.4 --jq .object.sha (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v1.0.0
    • Triggering command: gh api /repos/github/gh-aw/git/ref/tags/v1.0.0 --jq .object.sha (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v1.2.3
    • Triggering command: gh api /repos/github/gh-aw/git/ref/tags/v1.2.3 --jq .object.sha (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v2.0.0
    • Triggering command: gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq .object.sha (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v3.0.0
    • Triggering command: gh api /repos/github/gh-aw/git/ref/tags/v3.0.0 --jq .object.sha (http block)
  • https://api.github.com/repos/githubnext/agentics/git/ref/tags/-
    • Triggering command: gh api /repos/githubnext/agentics/git/ref/tags/- --jq .object.sha (http block)
  • https://api.github.com/repos/nonexistent/action/git/ref/tags/v999.999.999
    • Triggering command: gh api /repos/nonexistent/action/git/ref/tags/v999.999.999 --jq .object.sha (http block)
  • https://api.github.com/repos/nonexistent/repo/actions/runs/12345
    • Triggering command: gh run view 12345 --repo nonexistent/repo --json status,conclusion (http block)
  • https://api.github.com/repos/owner/repo/actions/workflows
    • Triggering command: gh workflow list --json name,state,path --repo owner/repo (http block)
  • https://api.github.com/repos/owner/repo/contents/file.md
    • Triggering command: /tmp/go-build2730227982/b001/cli.test -test.testlogfile=/tmp/go-build2730227982/b001/testlog.txt -test.paniconexit0 -test.timeout=5m0s (http block)
  • https://api.github.com/repos/test-owner/test-repo/actions/secrets
    • Triggering command: gh api /repos/test-owner/test-repo/actions/secrets --jq .secrets[].name (http block)

If you need me to access, download, or install something from one of these locations, you can either:
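The comment above says UpdateContainers() resolves digests through the OCI Distribution Spec HTTP API for GHCR, Docker Hub and MCR. As an added example, and not the gh-aw implementation, here is that resolution in Go with the two details a lock-file updater has to get right: Docker Hub answers an unauthenticated manifest request with a Bearer challenge even for public images, so "anonymous" still means a token round-trip, and the digest written to the lock file should be the hash of the manifest bytes actually served, with the Docker-Content-Digest header only cross-checked against it. The fake registry, the token value, the manifest body and the function names are constructed for this example; GHCR's own credential exchange for GITHUB_TOKEN is not modelled, the staticToken parameter simply sends whatever bearer token it is given.

```go
package main

import (
	"crypto/sha256"
	"encoding/json"
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
	"net/url"
	"strings"
)

// Ask for the image index first: for a multi-arch image that is the digest
// `docker pull image@sha256:...` pins; a single platform manifest hashes differently.
const acceptTypes = "application/vnd.oci.image.index.v1+json, application/vnd.oci.image.manifest.v1+json, " +
	"application/vnd.docker.distribution.manifest.list.v2+json, application/vnd.docker.distribution.manifest.v2+json"

// bearerToken answers a `Bearer realm=...,service=...,scope=...` challenge with an
// anonymous token request: Docker Hub issues that challenge even for public images.
func bearerToken(client *http.Client, challenge string) (string, error) {
	params := map[string]string{}
	for _, kv := range strings.Split(strings.TrimPrefix(challenge, "Bearer "), ",") {
		if k, v, ok := strings.Cut(strings.TrimSpace(kv), "="); ok {
			params[k] = strings.Trim(v, `"`)
		}
	}
	q := url.Values{"service": {params["service"]}, "scope": {params["scope"]}}
	resp, err := client.Get(params["realm"] + "?" + q.Encode()) // a missing realm fails here
	if err != nil {
		return "", err
	}
	defer resp.Body.Close()
	var body struct {
		Token string `json:"token"`
	}
	if err := json.NewDecoder(resp.Body).Decode(&body); err != nil || body.Token == "" {
		return "", fmt.Errorf("token endpoint (HTTP %d) returned no usable token", resp.StatusCode)
	}
	return body.Token, nil
}

// resolveDigest GETs /v2/<repo>/manifests/<tag> and returns the sha256 of the bytes
// served. staticToken is sent as-is; with an empty token a 401 Bearer challenge is
// answered anonymously. The body hash is the value of record for the lock file.
func resolveDigest(client *http.Client, registry, repo, tag, staticToken string) (string, error) {
	endpoint := fmt.Sprintf("%s/v2/%s/manifests/%s", registry, repo, tag)
	get := func(token string) (*http.Response, error) {
		req, err := http.NewRequest(http.MethodGet, endpoint, nil)
		if err != nil {
			return nil, err
		}
		req.Header.Set("Accept", acceptTypes)
		if token != "" {
			req.Header.Set("Authorization", "Bearer "+token)
		}
		return client.Do(req)
	}
	resp, err := get(staticToken)
	if err != nil {
		return "", err
	}
	if resp.StatusCode == http.StatusUnauthorized && staticToken == "" {
		challenge := resp.Header.Get("WWW-Authenticate")
		resp.Body.Close()
		token, err := bearerToken(client, challenge)
		if err != nil {
			return "", err
		}
		if resp, err = get(token); err != nil {
			return "", err
		}
	}
	defer resp.Body.Close()
	if resp.StatusCode != http.StatusOK {
		return "", fmt.Errorf("%s: HTTP %d", endpoint, resp.StatusCode)
	}
	body, err := io.ReadAll(io.LimitReader(resp.Body, 4<<20)) // manifests are small; bound the read
	if err != nil {
		return "", err
	}
	computed := fmt.Sprintf("sha256:%x", sha256.Sum256(body))
	if hdr := resp.Header.Get("Docker-Content-Digest"); hdr != "" && hdr != computed {
		return "", fmt.Errorf("%s: header says %s but the body hashes to %s", endpoint, hdr, computed)
	}
	return computed, nil
}

// sampleManifest and newFakeRegistry are constructed for this example: a Docker Hub-like
// server that challenges anonymous requests, hands out a token, and serves one image
// index with Docker-Content-Digest set to hdrDigest ("" omits the header).
var sampleManifest = []byte(`{"schemaVersion":2,"mediaType":"application/vnd.oci.image.index.v1+json","manifests":[]}`)

func newFakeRegistry(hdrDigest string) *httptest.Server {
	var srv *httptest.Server
	mux := http.NewServeMux()
	mux.HandleFunc("/token", func(w http.ResponseWriter, r *http.Request) {
		json.NewEncoder(w).Encode(map[string]string{"token": "anon-token"})
	})
	mux.HandleFunc("/v2/library/node/manifests/22-alpine", func(w http.ResponseWriter, r *http.Request) {
		if r.Header.Get("Authorization") != "Bearer anon-token" {
			w.Header().Set("WWW-Authenticate", fmt.Sprintf(`Bearer realm="%s/token",service="registry.docker.io",scope="repository:library/node:pull"`, srv.URL))
			w.WriteHeader(http.StatusUnauthorized)
			return
		}
		if hdrDigest != "" {
			w.Header().Set("Docker-Content-Digest", hdrDigest)
		}
		w.Write(sampleManifest)
	})
	srv = httptest.NewServer(mux)
	return srv
}

func main() {
	srv := newFakeRegistry("")
	defer srv.Close()
	digest, err := resolveDigest(srv.Client(), srv.URL, "library/node", "22-alpine", "")
	if err != nil {
		panic(err)
	}
	fmt.Println("node:22-alpine ->", digest)
}
```

Against a real registry, pass registry "https://registry-1.docker.io" with repo "library/node" for Docker Hub, or "https://ghcr.io" with the credential GHCR expects. The Accept header is the part most easily got wrong: the updater and the consumer (docker pull or the MCP gateway) must agree on whether the index or a platform manifest is pinned, because the two have different digests, and a mismatch shows up only as a pull failure at workflow run time.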

Copilot AI requested a review from pelikhan April 7, 2026 15:09
Collaborator

pelikhan commented Apr 7, 2026

@copilot merge container info in actions-lock.JSON. Update JSON format.

…rs-lock.json

Agent-Logs-Url: https://github.com/github/gh-aw/sessions/47f16cdd-dc8f-4657-8a12-bbc75162a901

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Contributor Author

Copilot AI commented Apr 7, 2026

@copilot merge container info in actions-lock.JSON. Update JSON format.

Done in commit 112932c.

Container digests are now stored in the "containers" section of .github/aw/actions-lock.json alongside the existing "entries" (action SHAs):

{
  "entries": {
    "actions/checkout@v4.2.2": { "repo": "...", "sha": "..." },
    ...
  },
  "containers": {
    "ghcr.io/github/github-mcp-server:v0.32.0": {
      "image": "ghcr.io/github/github-mcp-server",
      "version": "v0.32.0",
      "digest": "sha256:2763823c...",
      "source": "ghcr.io"
    },
    ...
  }
}

containers-lock.json is deleted. ContainerCache is now a thin wrapper over ActionCache, sharing the same file and load/save lifecycle. getSharedContainerCache() reuses the compiler's existing action cache (no second disk read).

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:


If you need me to access, download, or install something from one of these locations, you can either:
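Lock-file handling of the kind the "containers" section above implies, as an added example that is not code from this PR or the gh-aw project: it loads the unified lock file, validates every containers entry (key must equal image:version, digest must be a well-formed sha256), builds a digest-pinned image reference with a tag-only fallback, and computes the content digest a registry's Docker-Content-Digest header must match for a served manifest. The type and function names, the constructed manifest body and the all-zero checkout SHA are assumptions made for the example.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"fmt"
	"regexp"
	"sort"
)

// ContainerCacheEntry mirrors one record of the "containers" section
// of .github/aw/actions-lock.json (field names taken from the JSON shown in the PR).
type ContainerCacheEntry struct {
	Image   string `json:"image"`
	Version string `json:"version"`
	Digest  string `json:"digest"`
	Source  string `json:"source"`
}

// ActionCacheEntry is reduced to the two fields the PR shows for "entries".
type ActionCacheEntry struct {
	Repo string `json:"repo"`
	SHA  string `json:"sha"`
}

// lockFile is the unified lock file: "entries" for action pins, "containers" for image digests.
type lockFile struct {
	Entries    map[string]ActionCacheEntry    `json:"entries"`
	Containers map[string]ContainerCacheEntry `json:"containers,omitempty"`
}

// digestRe accepts only a full, lowercase-hex sha256 digest.
var digestRe = regexp.MustCompile(`^sha256:[0-9a-f]{64}$`)

// LoadLock parses the lock file and rejects malformed container entries up front,
// so a bad record can never turn into a silently unpinned image reference later.
func LoadLock(data []byte) (*lockFile, error) {
	var lf lockFile
	if err := json.Unmarshal(data, &lf); err != nil {
		return nil, err
	}
	for key, c := range lf.Containers {
		if key != c.Image+":"+c.Version {
			return nil, fmt.Errorf("container key %q does not match image %q version %q", key, c.Image, c.Version)
		}
		if !digestRe.MatchString(c.Digest) {
			return nil, fmt.Errorf("container %q: malformed digest %q", key, c.Digest)
		}
	}
	return &lf, nil
}

// PinnedImageRef returns "image:version@sha256:..." when the lock file holds a digest
// for that tag and the bare "image:version" otherwise; the bool reports which happened.
func (lf *lockFile) PinnedImageRef(image, version string) (string, bool) {
	ref := image + ":" + version
	if c, ok := lf.Containers[ref]; ok {
		return ref + "@" + c.Digest, true
	}
	return ref, false
}

// ManifestDigest is the OCI content digest of a manifest body: sha256 over the exact bytes served.
func ManifestDigest(manifest []byte) string {
	sum := sha256.Sum256(manifest)
	return "sha256:" + hex.EncodeToString(sum[:])
}

// UnpinnedImages returns, sorted, the image references that have no digest in the lock file,
// so a CI check can fail when a default image is still pulled by mutable tag only.
func (lf *lockFile) UnpinnedImages(refs []string) []string {
	var out []string
	for _, r := range refs {
		if _, ok := lf.Containers[r]; !ok {
			out = append(out, r)
		}
	}
	sort.Strings(out)
	return out
}

// constructedManifest is a stand-in manifest body, not a real registry response.
var constructedManifest = []byte(`{"schemaVersion":2,"mediaType":"application/vnd.oci.image.manifest.v1+json"}`)

// ConstructedLock builds a lock file whose container digest is derived from constructedManifest;
// the checkout SHA is an all-zero placeholder, not a real commit.
func ConstructedLock() []byte {
	lf := lockFile{
		Entries: map[string]ActionCacheEntry{
			"actions/checkout@v4.2.2": {Repo: "actions/checkout", SHA: "0000000000000000000000000000000000000000"},
		},
		Containers: map[string]ContainerCacheEntry{
			"ghcr.io/github/github-mcp-server:v0.32.0": {
				Image: "ghcr.io/github/github-mcp-server", Version: "v0.32.0",
				Digest: ManifestDigest(constructedManifest), Source: "ghcr.io",
			},
		},
	}
	b, _ := json.MarshalIndent(lf, "", "  ")
	return b
}

func main() {
	lf, err := LoadLock(ConstructedLock())
	if err != nil {
		panic(err)
	}
	ref, pinned := lf.PinnedImageRef("ghcr.io/github/github-mcp-server", "v0.32.0")
	fmt.Println(ref, pinned)
	fmt.Println(lf.UnpinnedImages([]string{"node:22-alpine", "ghcr.io/github/github-mcp-server:v0.32.0"}))
}
```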

@pelikhan pelikhan marked this pull request as ready for review April 7, 2026 16:11
Copilot AI review requested due to automatic review settings April 7, 2026 16:11
Contributor

Copilot AI left a comment


Pull request overview

This PR hardens the MCP workflow supply chain by replacing floating container tags with pinned version tags and optionally appending immutable @sha256: digests sourced from a unified lock file (.github/aw/actions-lock.json).

Changes:

  • Introduces container-digest caching alongside action pins in actions-lock.json, with compiler plumbing to append @sha256: when available.
  • Pins previously floating base image tags (Node/Python/Alpine) to specific versions and adds a dedicated Playwright MCP Docker version constant.
  • Recompiles workflow lock outputs so default image references include digest pins.
Summary per file (each line gives the file path, then its description):
pkg/workflow/threat_detection.go Threads shared container cache into image collection for AWF threat-detection steps.
pkg/workflow/testdata/TestWasmGolden_CompileFixtures/with-imports.golden Updates golden output to include digest-pinned image refs.
pkg/workflow/testdata/TestWasmGolden_CompileFixtures/basic-copilot.golden Updates golden output to include digest-pinned image refs.
pkg/workflow/non_github_mcp_guard_policy_test.go Updates helper signatures to pass optional container cache.
pkg/workflow/mcp_setup_generator.go Builds MCP gateway image refs via digest-aware helper.
pkg/workflow/mcp_setup_generator_test.go Adjusts expectations to use digest-aware helper (cache nil in tests).
pkg/workflow/mcp_rendering.go Passes container cache into renderer options.
pkg/workflow/mcp_renderer_types.go Adds ContainerCache to renderer option structs.
pkg/workflow/mcp_renderer_github.go Uses digest-aware image ref builder for GitHub MCP server refs.
pkg/workflow/mcp_renderer_builtin.go Uses digest-aware refs for Playwright and Alpine images in TOML rendering.
pkg/workflow/mcp_config_test.go Makes assertions tolerant of optional @sha256: suffixes.
pkg/workflow/mcp_config_refactor_test.go Updates expected Alpine image constant and helper signature.
pkg/workflow/mcp_config_playwright_renderer.go Pins Playwright MCP docker image by version and optional digest.
pkg/workflow/mcp_config_copilot_test.go Updates expected default Node image constant (pinned tag).
pkg/workflow/mcp_config_compilation_test.go Updates expected Alpine image constant and digest-tolerant assertions.
pkg/workflow/mcp_config_builtin.go Uses digest-aware Alpine ref in Agentic Workflows MCP JSON rendering.
pkg/workflow/docker_predownload_test.go Updates expected default node image ref to pinned constant.
pkg/workflow/docker_api_proxy_test.go Updates collectDockerImages call signature.
pkg/workflow/data/action_pins.json Adds containers section data alongside action pin entries.
pkg/workflow/copilot_github_mcp_test.go Updates expected GitHub MCP image ref generation.
pkg/workflow/copilot_engine_test.go Updates expected GitHub MCP image ref generation.
pkg/workflow/container_cache.go Adds ContainerCache wrapper over ActionCache for digest lookup/set.
pkg/workflow/compiler_types.go Adds shared container cache to compiler and attaches it to WorkflowData.
pkg/workflow/compiler_string_api.go Injects container cache into WorkflowData for string parsing pathway.
pkg/workflow/compiler_orchestrator_workflow.go Injects container cache into WorkflowData for file parsing pathway.
pkg/workflow/codex_mcp.go Passes container cache into MCP renderer options for Codex engine.
pkg/workflow/codex_engine_test.go Updates expected GitHub MCP image ref generation.
pkg/workflow/action_cache.go Extends lock file model to include containers and writes sorted containers section.
pkg/constants/version_constants.go Adds DefaultPlaywrightMCPDockerVersion.
pkg/constants/constants.go Replaces floating tags with pinned version tags for Node/Python/Alpine defaults.
pkg/cli/upgrade_command.go Runs UpdateContainers() during upgrade to refresh container digests.
pkg/cli/update_command.go Runs UpdateContainers() during update to refresh container digests.
pkg/cli/update_containers.go Adds OCI-registry digest resolution and writes results to actions-lock.json.
.github/workflows/typist.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/tidy.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/test-workflow.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/test-dispatcher.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/test-create-pr-error-handling.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/step-name-alignment.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/static-analysis-report.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/sergo.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/schema-feature-coverage.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/schema-consistency-checker.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/safe-output-health.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/repo-tree-map.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/release.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/metrics-collector.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/lockfile-stats.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/instructions-janitor.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/hourly-ci-cleaner.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/go-fan.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/github-remote-mcp-auth-test.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/github-mcp-tools-report.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/github-mcp-structural-analysis.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/firewall.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/example-permissions-warning.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/dev.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/delight.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/deep-report.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/daily-malicious-code-scan.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/craft.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/copilot-session-insights.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/copilot-agent-analysis.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/commit-changes-analyzer.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/codex-github-remote-mcp-test.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/cli-version-checker.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/claude-code-user-docs-review.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/ci-doctor.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/changeset.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/bot-detection.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/artifacts-summary.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/ai-moderator.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/workflows/ace-editor.lock.yml Recompiled workflow output with digest-pinned image refs.
.github/aw/actions-lock.json Adds containers section with digest pins for default images.

Copilot's findings


  • Files reviewed: 184/217 changed files
  • Comments generated: 2

Comment on lines 30 to 36
// ActionCache manages cached action pin resolutions.
type ActionCache struct {
Entries map[string]ActionCacheEntry `json:"entries"` // key: "repo@version"
path string
dirty bool // tracks if cache has unsaved changes
Entries map[string]ActionCacheEntry `json:"entries"` // key: "repo@version"
Containers map[string]ContainerCacheEntry `json:"containers,omitempty"` // key: "image:version"
path string
dirty bool // tracks if cache has unsaved changes
}
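Review bot: `Containers` is tagged `json:"containers,omitempty"` while `Entries` is not, so a lock file written from a cache with no digests has no "containers" key and unmarshals back to a nil map; `SetContainer()` must allocate the map before the first assignment or it will panic on a nil map, and readers should treat nil as "no pins" rather than as an error. Document that asymmetry in the struct comment, and state that the lookup key is the exact `image:version` string the compiler renders (a registry host with a port contains a colon too, so the key is an opaque string and must not be split on ":").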

Copilot AI Apr 7, 2026


Now that ActionCache also persists container digests, Save() can’t treat the cache as “empty” based only on Entries. As written, if Entries is empty but Containers is non-empty (e.g., UpdateContainers in a repo with no existing actions-lock.json entries), Save() will delete/avoid writing the lock file and container digests will be lost. Update Save() to consider both maps (and adjust related logging) so containers-only caches are persisted.

Comment on lines +261 to +270
// fetchRegistryToken retrieves a Bearer token from a Docker-compatible token endpoint.
// If tokenOverride is non-empty, it is used as the Basic auth credential (for GHCR PAT).
func fetchRegistryToken(authURL, tokenOverride string) (string, error) {
req, err := http.NewRequest(http.MethodGet, authURL, nil)
if err != nil {
return "", err
}
if tokenOverride != "" {
req.Header.Set("Authorization", "Bearer "+tokenOverride)
}
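Review bot: `req, err := http.NewRequest(http.MethodGet, authURL, nil)` carries no context or deadline, so a stalled token endpoint can hang `UpdateContainers` (and the `update`/`upgrade` commands that call it) indefinitely; build the request with `http.NewRequestWithContext` on a timeout-bounded context, or at least use a client with `Timeout` set. Since `tokenOverride` is a credential (a GHCR PAT), also refuse to attach the `Authorization` header unless `authURL` uses the `https` scheme, so the token can never be sent in cleartext if the endpoint URL is ever derived from registry-supplied data.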

Copilot AI Apr 7, 2026


The comment says tokenOverride is used as a “Basic auth credential”, but the implementation sets an Authorization: Bearer ... header. Please update the comment to match the actual auth behavior (or adjust the code if Basic auth was intended).

@pelikhan
Collaborator

pelikhan commented Apr 7, 2026

@copilot merge main, recompile, review comments

…-image-digest-pinning

# Conflicts:
#	pkg/workflow/compiler_types.go

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Contributor Author

Copilot AI commented Apr 7, 2026

@copilot merge main, recompile, review comments

Done in commit b0cbb59:

  • Merged main (resolved conflict in compiler_types.go — kept both containerCache from this PR and safeUpdate/priorManifests from main)
  • Recompiled all 182 lock files
  • Fixed ActionCache.Save() empty check to consider both Entries AND Containers (previously a containers-only cache would be silently discarded)
  • Fixed fetchRegistryToken comment from "Basic auth credential" to "******" to match the actual Authorization: Bearer implementation

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

  • https://api.github.com/repos/actions/setup-go/git/ref/tags/v4
    • Triggering command: /usr/bin/gh gh api /repos/actions/setup-go/git/ref/tags/v4 --jq .object.sha -unreachable=false /tmp/go-build3977542989/b194/vet.cfg /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/vet -json GO111MODULE 64/bin/go /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/vet -ato�� -bool -buildtags /usr/bin/git -errorsas -ifaceassert -nilfunc git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/setup-go/git/ref/tags/v4 --jq .object.sha ache/go/1.25.8/x--show-toplevel git /opt/hostedtoolcache/node/24.14.1/x64/bin/node --show-toplevel ache/go/1.25.8/xrev-parse -d node js/f�� /opt/hostedtoolc--show-toplevel git /usr/bin/git --show-toplevel /opt/hostedtoolcrev-parse e/git-upload-pac--show-toplevel git (http block)
  • https://api.github.com/repos/actions/setup-node/git/ref/tags/v4
    • Triggering command: /usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v4 --jq .object.sha -unreachable=false /tmp/go-build3977542989/b195/vet.cfg /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/vet -json GO111MODULE 64/bin/go /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/vet -ato�� -bool -buildtags /usr/bin/git -errorsas -ifaceassert -nilfunc git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v4 --jq .object.sha ache/go/1.25.8/x--show-toplevel git /opt/hostedtoolcache/node/24.14.1/x64/bin/node --show-toplevel ache/go/1.25.8/xrev-parse /usr/bin/git node js/f�� /opt/hostedtoolc--show-toplevel git /usr/bin/git --show-toplevel /opt/hostedtoolcrev-parse /usr/bin/git git (http block)
  • https://api.github.com/repos/actions/upload-artifact/git/ref/tags/v4
    • Triggering command: /usr/bin/gh gh api /repos/actions/upload-artifact/git/ref/tags/v4 --jq .object.sha -json .cfg 64/pkg/tool/linux_amd64/vet GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/vet env ck &#39;**/*.cjs&#39; &#39;**/*.ts&#39; &#39;**/*.json&#39; --ignore-pat-errorsas .cfg 64/pkg/tool/linux_amd64/vet GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/vet (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/upload-artifact/git/ref/tags/v4 --jq .object.sha --show-toplevel git 1/x64/bin/node --show-toplevel x_amd64/vet /usr/bin/git git js --show-toplevel git 64/pkg/tool/linux_amd64/vet --show-toplevel go /usr/bin/git 64/pkg/tool/linux_amd64/vet (http block)
  • https://api.github.com/repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b
    • Triggering command: /usr/bin/gh gh api /repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b --jq .object.sha (http block)
    • Triggering command: /usr/bin/gh gh api /repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b --jq .object.sha --show-toplevel git $name) { hasDiscussionsEnabled } } --show-toplevel git /usr/bin/git git rev-�� --show-toplevel git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b --jq .object.sha --show-toplevel git /usr/bin/git --show-toplevel git /usr/bin/git git rev-�� --show-toplevel git ache/node/24.14.1/x64/bin/node --show-toplevel git /usr/bin/git git (http block)
  • https://api.github.com/repos/github/gh-aw
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw --jq .visibility (http block)
  • https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v0.1.2
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v0.1.2 --jq .object.sha -unreachable=false /tmp/go-build3977542989/b172/vet.cfg /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/vet -json GO111MODULE (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v0.1.2 --jq .object.sha ache/go/1.25.8/x--show-toplevel git /opt/hostedtoolcache/node/24.14.1/x64/bin/node --show-toplevel ache/go/1.25.8/xrev-parse /usr/bin/git node js/f�� /opt/hostedtoolc--show-toplevel git /usr/bin/git --show-toplevel /opt/hostedtoolcrev-parse /usr/bin/git git (http block)
  • https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v1.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.0.0 --jq .object.sha -json GO111MODULE 64/pkg/tool/linux_amd64/vet GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/vet k/gh�� -json .cfg .cfg GOINSECURE GOMOD erignore go (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.0.0 --jq .object.sha --show-toplevel git 1/x64/bin/node --show-toplevel x_amd64/vet /usr/bin/git git js --show-toplevel git /usr/bin/git --show-toplevel 64/pkg/tool/linurev-parse /usr/bin/git git (http block)
  • https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v1.2.3
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.2.3 --jq .object.sha -json .cfg 64/pkg/tool/linux_amd64/vet GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/vet k/gh�� [ -x /usr/lib/php/sessionclean ] &amp;&amp; if [ ! -d -errorsas GOPROXY /opt/hostedtoolcache/go/1.25.8/x64/bin/go GOSUMDB GOWORK erignore go (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.2.3 --jq .object.sha --show-toplevel git 1/x64/bin/node --show-toplevel x_amd64/vet /usr/bin/git git js --show-toplevel git /usr/bin/git --show-toplevel 64/pkg/tool/linurev-parse /usr/bin/git git (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v0.47.4
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v0.47.4 --jq .object.sha --show-toplevel go /usr/bin/git th .prettierignogit GO111MODULE x_amd64/vet git rev-�� --show-toplevel x_amd64/vet /usr/bin/git -json GO111MODULE x_amd64/vet git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v0.47.4 --jq .object.sha --show-toplevel git /usr/bin/git -m Add new feature /usr/bin/git git rev-�� --show-toplevel git /usr/bin/git --show-toplevel git /usr/bin/git git (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v1.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.0.0 --jq .object.sha re GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.0.0 --jq .object.sha --show-toplevel /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/vet /opt/hostedtoolcache/node/24.14.1/x64/bin/npm -bool -buildtags /opt/hostedtoolcache/go/1.25.8/x--show-toplevel /opt/hostedtoolcache/node/24.14.1/x64/bin/npm inst�� --package-lock-only /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/vet /usr/bin/git -bool -buildtags /usr/bin/git git (http block)
  • https://api.github.com/repos/githubnext/agentics/git/ref/tags/-
    • Triggering command: /usr/bin/gh gh api /repos/githubnext/agentics/git/ref/tags/- --jq .object.sha (http block)
    • Triggering command: /usr/bin/gh gh api /repos/githubnext/agentics/git/ref/tags/- --jq .object.sha xterm-color git ache/node/24.14.1/x64/bin/node uest|push_to_pul/usr/bin/gh git /usr/bin/git git _inc�� --show-toplevel git ache/node/24.14.-f --show-toplevel git /usr/bin/git git (http block)
  • https://api.github.com/repos/nonexistent/action/git/ref/tags/v999.999.999
    • Triggering command: /usr/bin/gh gh api /repos/nonexistent/action/git/ref/tags/v999.999.999 --jq .object.sha re GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
    • Triggering command: /usr/bin/gh gh api /repos/nonexistent/action/git/ref/tags/v999.999.999 --jq .object.sha --show-toplevel /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/vet /home/REDACTED/work/_temp/uv-python-dir/node -unreachable=falnode /tmp/go-build397js/fuzz_mentions_harness.cjs /opt/hostedtoolcache/go/1.25.8/x--show-toplevel node /opt�� install --package-lock-only /usr/bin/git -bool -buildtags /usr/bin/git git (http block)

If you need me to access, download, or install something from one of these locations, you can either:

@github-actions
Contributor

github-actions bot commented Apr 7, 2026

💫 TO BE CONTINUED... Smoke Claude failed! Our hero faces unexpected challenges...

@github-actions
Contributor

github-actions bot commented Apr 7, 2026

📰 BREAKING: Smoke Copilot is now investigating this pull request. Sources say the story is developing...

@github-actions github-actions bot removed the smoke label Apr 7, 2026
@github-actions
Contributor

github-actions bot commented Apr 7, 2026

❌ Tool validation failed! Agent Container Smoke Test detected missing tools: failed

@github-actions
Contributor

github-actions bot commented Apr 7, 2026

🌑 The shadows whisper... Smoke Codex failed. The oracle requires further meditation...

@github-actions
Contributor

github-actions bot commented Apr 7, 2026

📰 DEVELOPING STORY: Smoke Copilot reports failed. Our correspondents are investigating the incident...

@pelikhan
Collaborator

pelikhan commented Apr 7, 2026

…date golden tests

Agent-Logs-Url: https://github.com/github/gh-aw/sessions/f4e311a1-a306-4e94-be00-8654fa8966db

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Contributor Author

Copilot AI commented Apr 7, 2026

@copilot investigate https://github.com/github/gh-aw/actions/runs/24094321454/job/70288892570#step:25:1

The failure was in "Start MCP Gateway" (step 25). The MCP Gateway config schema rejects @sha256: digests in the container field — its pattern only allows tag-based references like image:tag.

The code was passing the full digest-pinned ref (e.g. ghcr.io/github/github-mcp-server:v0.32.0@sha256:2763823c...) directly into the "container" field of the gateway JSON/TOML config, which caused the schema validation to fail.

Fixed in commit c43459e: the container field in MCP Gateway configs now uses baseImageRef() to strip the @sha256: part. The full digest-pinned reference is still used in the download_docker_images.sh script for immutable docker pull commands — so the security benefit is preserved (image content is pinned at pull time). Updated golden test files accordingly.

Warning

Firewall rules blocked me from connecting to one or more addresses

I tried to connect to the following addresses, but was blocked by firewall rules:

  • https://api.github.com/graphql
    • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw (http block)
    • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw ,short (http block)
  • https://api.github.com/repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b
    • Triggering command: /usr/bin/gh gh api /repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b --jq .object.sha (http block)
  • https://api.github.com/repos/github/gh-aw
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw --jq .visibility (http block)
  • https://api.github.com/repos/githubnext/agentics/git/ref/tags/-
    • Triggering command: /usr/bin/gh gh api /repos/githubnext/agentics/git/ref/tags/- --jq .object.sha (http block)

If you need me to access, download, or install something from one of these locations, you can either:
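The split the comment above describes, a tag-only reference for the gateway's schema-constrained container field and a digest-pinned reference for the pull, as an added Go example written for this page. It is not the gh-aw project's baseImageRef() (the thread does not show that function's signature or body); the ImageRef type and the ParseImageRef, BaseRef, PullRef and Pinned names are assumptions, and the sha256 value in main is a constructed placeholder rather than a real image digest. The parser also handles a registry port (localhost:5000/img) so it is not mistaken for a tag, which goes beyond the single case in the thread.

```go
package main

import (
	"errors"
	"fmt"
	"regexp"
	"strings"
)

// ImageRef is a parsed container image reference of the form
// registry/repo[:tag][@sha256:<64 hex>]. Illustrative type, not gh-aw code.
type ImageRef struct {
	Name   string // e.g. ghcr.io/github/github-mcp-server
	Tag    string // e.g. v0.32.0 (empty if none)
	Digest string // e.g. sha256:... (empty if none)
}

// A pinned reference must carry a well-formed sha256 digest; anything else
// ("sha256:latest", a truncated hash) is rejected rather than silently kept.
var sha256DigestRe = regexp.MustCompile(`^sha256:[0-9a-f]{64}$`)

// ParseImageRef splits a reference into name, tag and digest. A reference
// with no digest parses fine but Pinned() reports false for it.
func ParseImageRef(ref string) (ImageRef, error) {
	var out ImageRef
	rest := ref
	if i := strings.Index(rest, "@"); i >= 0 {
		out.Digest = rest[i+1:]
		rest = rest[:i]
		if !sha256DigestRe.MatchString(out.Digest) {
			return ImageRef{}, fmt.Errorf("malformed digest %q in %q", out.Digest, ref)
		}
	}
	// The tag separator is the last ':' after the last '/', so a registry
	// port such as localhost:5000/img is not mistaken for a tag.
	slash := strings.LastIndex(rest, "/")
	if colon := strings.LastIndex(rest, ":"); colon > slash {
		out.Tag = rest[colon+1:]
		rest = rest[:colon]
	}
	if rest == "" {
		return ImageRef{}, errors.New("empty image name")
	}
	out.Name = rest
	return out, nil
}

// BaseRef is the tag-only form for a config schema that disallows '@sha256:'.
func (r ImageRef) BaseRef() string {
	if r.Tag == "" {
		return r.Name
	}
	return r.Name + ":" + r.Tag
}

// PullRef is the form to hand to `docker pull`: with a digest present the
// pull is content-addressed regardless of what the tag currently points at.
func (r ImageRef) PullRef() string {
	if r.Digest == "" {
		return r.BaseRef()
	}
	return r.BaseRef() + "@" + r.Digest
}

// Pinned reports whether the pull is content-addressed.
func (r ImageRef) Pinned() bool { return r.Digest != "" }

func main() {
	// Constructed sample: image and tag are the ones named in the PR;
	// the digest is a placeholder, not a real manifest digest.
	ref := "ghcr.io/github/github-mcp-server:v0.32.0@sha256:" + strings.Repeat("ab", 32)
	r, err := ParseImageRef(ref)
	if err != nil {
		panic(err)
	}
	fmt.Println("gateway container field:", r.BaseRef())
	fmt.Println("docker pull            :", r.PullRef())
	fmt.Println("pinned                 :", r.Pinned())
}
```

The point of keeping both forms from one parsed value is that the two outputs cannot drift apart: the config field and the pull command are derived from the same lock-file entry, and a generator can refuse to emit a pull script for any reference where Pinned() is false.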

@github-actions github-actions bot mentioned this pull request Apr 7, 2026
Development

Successfully merging this pull request may close these issues.

MCP container images pulled without SHA-256 digest pinning; node:lts-alpine uses floating LTS tag