[ca] Update CLI versions: Copilot 0.0.388, MCP Gateway v0.0.74

[github-actions]

Version Updates Summary

This issue tracks the CLI version updates applied to pkg/constants/constants.go:

1. GitHub Copilot CLI: 0.0.387 → 0.0.388
2. MCP Gateway: v0.0.71 → v0.0.74

---

Update 1: GitHub Copilot CLI

• Previous Version: 0.0.387
• New Version: 0.0.388
• Release Date: January 2026
• Breaking Changes: None detected
• Impact: Low - single version increment

Package Information

• NPM Package: https://www.npmjs.com/package/@github/copilot
• Repository: https://github.com/github/copilot-cli (private)
• Latest Prerelease: 0.0.389-0

Changes Analysis

Since the GitHub Copilot CLI repository is private, detailed changelog information is not publicly accessible. The version increment from 0.0.387 to 0.0.388 suggests:

• Minor bug fixes or improvements
• No breaking changes (patch-level increment)
• Standard maintenance update

CLI Discovery

Unable to install and test CLI due to GitHub Actions environment permissions. The tool would need to be installed in a development environment to discover new commands or flags via copilot --help and subcommand exploration.

Impact Assessment

• Risk Level: Low
• Affected Features: All Copilot engine workflows
• Migration Required: No
• Testing Required: Yes - full integration test run recommended per warning in constants.go

---

Update 2: MCP Gateway (gh-aw-mcpg)

• Previous Version: v0.0.71
• New Version: v0.0.74
• Timeline: 3 intermediate releases (v0.0.72, v0.0.73, v0.0.74)
• Release Dates:
  • v0.0.72: January 20, 2026 18:14 UTC
  • v0.0.73: January 20, 2026 18:20 UTC
  • v0.0.74: January 20, 2026 21:44 UTC
• Breaking Changes: None
• Impact: Low - maintenance releases with refactoring and bug fixes

Package Information

• Repository: https://github.com/githubnext/gh-aw-mcpg
• Docker Image: ghcr.io/githubnext/gh-aw-mcpg:v0.0.74
• Supported Platforms: linux/amd64, linux/arm64

Release v0.0.72 Highlights

Theme: Code quality and testing improvements

• Refactoring: Consolidated files and eliminated duplicate initialization patterns using Go generics (Refactor: Consolidate files, eliminate duplicate init patterns with generics, standardize validation naming gh-aw-mcpg#382)
• Dependency Upgrade: Updated TOML parser to v1.6.0 with metadata validation and enhanced error reporting (Upgrade toml to v1.6.0 with metadata validation and enhanced error reporting gh-aw-mcpg#383)
• Server Package: Eliminated duplicate code for better maintainability (Refactor: Eliminate duplicate code in server package gh-aw-mcpg#384)
• Testing: Added comprehensive tests for HTTP transport infrastructure ([test] Add comprehensive tests for transport.go (HTTP server infrastructure) gh-aw-mcpg#373)
• Debugging: Added debug logging to internal guard context ([log] Add debug logging to internal/guard/context.go gh-aw-mcpg#379)
• Linting: Resolved all linting errors and improved code consistency (fix: resolve linting and test errors gh-aw-mcpg#386, refactor: use tagged switch for status code comparison (QF1003) gh-aw-mcpg#387)

Release v0.0.73 Highlights

Theme: Same as v0.0.72 (consolidated release)

This release contains the same changes as v0.0.72 with additional packaging:

• SBOM files (sbom.cdx.json, sbom.spdx.json) added to release artifacts
• Improved release notes formatting

Release v0.0.74 Highlights

Theme: Session management fixes and documentation improvements

Bug Fixes

• MCP Session Persistence (fix: MCP session management in gateway tests gh-aw-mcpg#391):

  • Fixed session IDs surviving shell subprocesses
  • Fixed "method is invalid during session initialization" errors in test suites
  • Enhanced Docker API version detection to query daemon capabilities dynamically

• Code Quality (Eliminate duplicate code in authorization parsing and HTTP transport connection gh-aw-mcpg#388):

  • Reduced ~70 lines of duplicate code by centralizing authorization header parsing
  • Refactored HTTP transport connection boilerplate
  • Eliminated authorization logic duplication across routed.go and transport.go

Documentation Updates

• Compatibility Accuracy (Update documentation: Serena MCP server passes all tests including gateway gh-aw-mcpg#394):

  • Updated MCP server compatibility docs to reflect both GitHub MCP and Serena MCP servers passing comprehensive tests
  • Added "Gateway Tests" column to compatibility tables
  • Removed misleading stateless vs stateful architecture discussions

• Feature Documentation (Remove DIFC documentation from user-facing docs gh-aw-mcpg#393):

  • Removed DIFC (Decentralized Information Flow Control) documentation (feature not production-ready)
  • Cleaned up README, AGENTS.md, and CONTRIBUTING.md to focus on stable features

Merged PRs Across All Releases

v0.0.72:

• Refactor: Consolidate files, eliminate duplicate init patterns with generics, standardize validation naming gh-aw-mcpg#382 - Refactor consolidation with generics
• Upgrade toml to v1.6.0 with metadata validation and enhanced error reporting gh-aw-mcpg#383 - TOML v1.6.0 upgrade
• Refactor: Eliminate duplicate code in server package gh-aw-mcpg#384 - Server package refactor
• [test] Add comprehensive tests for transport.go (HTTP server infrastructure) gh-aw-mcpg#373 - Transport tests
• [log] Add debug logging to internal/guard/context.go gh-aw-mcpg#379 - Debug logging
• [test-improver] Improve tests for config/rules package gh-aw-mcpg#381 - Config rules tests
• fix: resolve linting and test errors gh-aw-mcpg#386 - Linting fixes
• refactor: use tagged switch for status code comparison (QF1003) gh-aw-mcpg#387 - Tagged switch refactor

v0.0.74:

• fix: MCP session management in gateway tests gh-aw-mcpg#391 - MCP session management fix
• Eliminate duplicate code in authorization parsing and HTTP transport connection gh-aw-mcpg#388 - Authorization parsing consolidation
• Remove DIFC documentation from user-facing docs gh-aw-mcpg#393 - Remove DIFC docs
• Update documentation: Serena MCP server passes all tests including gateway gh-aw-mcpg#394 - Update compatibility docs

Impact Assessment

• Risk Level: Low
• Affected Features: MCP Gateway workflows using MCP servers
• Migration Required: No - backward compatible updates
• Security: No CVEs mentioned
• Performance: Code refactoring may improve maintainability but no direct performance changes noted

---

Testing Recommendations

Copilot CLI Update

Since the Copilot CLI has a warning in constants.go requiring full integration tests:

1. Run all Copilot engine workflow tests
2. Verify CLI commands still work as expected
3. Check for any behavioral changes in agent execution

MCP Gateway Update

1. Test MCP session persistence across gateway scenarios
2. Verify authorization handling works correctly
3. Test both GitHub MCP Server and Serena MCP Server compatibility
4. Validate Docker image deployment on both linux/amd64 and linux/arm64

---

Next Steps

1. Run make recompile to update all workflow files with new versions
2. Verify generated workflow YAML files reflect version changes
3. Execute integration test suite for both tools
4. Monitor for any runtime issues after deployment

---

Files Modified

• pkg/constants/constants.go (version constants updated)
• Workflow YAML files (to be regenerated via recompile)

AI generated by CLI Version Checker

[github-actions]

🍪 Issue Monster has assigned this to Copilot!

I've identified this issue as a good candidate for automated resolution and assigned it to the Copilot agent.

The Copilot agent will analyze the issue and create a pull request with the fix.

Om nom nom! 🍪

AI generated by Issue Monster