chore: touch linpeas module to retrigger PR-tests

This reverts commit 386ef0642a.

.github/workflows/chack-agent-pr-triage.yml

@@ -12,6 +12,8 @@ jobs:
     permissions:
       contents: write
       pull-requests: write
+    env:
+      CHACK_LOGS_HTTP_URL: ${{ secrets.CHACK_LOGS_HTTP_URL }}
     outputs:
       should_run: ${{ steps.gate.outputs.should_run }}
       pr_number: ${{ steps.gate.outputs.pr_number }}
@@ -80,13 +82,25 @@ jobs:
             ${{ steps.gate.outputs.base_ref }} \
             +refs/pull/${{ steps.gate.outputs.pr_number }}/head
 
+      - name: Set up Node.js for Codex
+        if: ${{ steps.gate.outputs.should_run == 'true' }}
+        uses: actions/setup-node@v5
+        with:
+          node-version: "20"
+
+      - name: Install Codex CLI
+        if: ${{ steps.gate.outputs.should_run == 'true' }}
+        run: |
+          npm install -g @openai/codex
+          codex --version
+
       - name: Run Chack Agent
         id: run_chack
         if: ${{ steps.gate.outputs.should_run == 'true' }}
         uses: carlospolop/chack-agent@master
         with:
-          provider: openrouter
-          model_primary: BEST_QUALITY
+          provider: codex
+          model_primary: CHEAP_BUT_QUALITY
           main_action: peass-ng
           sub_action: Chack-Agent PR Triage
           system_prompt: |
@@ -96,6 +110,7 @@ jobs:
             Remember taht you are an autonomouts agent, use the exec tool to run the needed commands to list, read, analyze, modify, test...
           tools_config_json: "{\"exec_enabled\": true}"
           session_config_json: "{\"long_term_memory_enabled\": false}"
+          agent_config_json: "{\"self_critique_enabled\": false, \"require_task_list_init_first\": true}"
           output_schema_file: .github/chack-agent/pr-merge-schema.json
           user_prompt: |
             You are reviewing PR #${{ steps.gate.outputs.pr_number }} for ${{ github.repository }}.
@@ -119,7 +134,7 @@ jobs:
 
             Output JSON only, following the provided schema:
             .github/chack-agent/pr-merge-schema.json
-          openrouter_api_key: ${{ secrets.OPENROUTER_API_KEY }}
+          openai_api_key: ${{ secrets.OPENAI_API_KEY }}
 
       - name: Parse Chack Agent decision
         id: parse
@@ -131,9 +146,18 @@ jobs:
           import json
           import os
 
-          data = json.loads(os.environ.get('CHACK_MESSAGE', '') or '{}')
-          decision = data.get('decision', 'comment')
-          message = data.get('message', '').strip() or 'Chack Agent did not provide details.'
+          raw = (os.environ.get('CHACK_MESSAGE', '') or '').strip()
+          decision = 'comment'
+          message = 'Chack Agent did not provide details.'
+          try:
+            data = json.loads(raw or '{}')
+            if isinstance(data, dict):
+              decision = data.get('decision', 'comment')
+              message = data.get('message', '').strip() or message
+            else:
+              message = raw or message
+          except Exception:
+            message = raw or message
           with open(os.environ['GITHUB_OUTPUT'], 'a') as handle:
             handle.write(f"decision={decision}\n")
             handle.write("message<<EOF\n")

.github/workflows/ci-master-failure-chack-agent-pr.yml

@@ -20,6 +20,7 @@ jobs:
     env:
       TARGET_BRANCH: master
       FIX_BRANCH: chack-agent/ci-master-fix-${{ github.event.workflow_run.id }}
+      CHACK_LOGS_HTTP_URL: ${{ secrets.CHACK_LOGS_HTTP_URL }}
     steps:
       - name: Checkout failing commit
         uses: actions/checkout@v5
@@ -96,12 +97,22 @@ jobs:
             echo "Leave the repo in a state ready to commit; changes will be committed and pushed automatically."
           } > chack_prompt.txt
 
+      - name: Set up Node.js for Codex
+        uses: actions/setup-node@v5
+        with:
+          node-version: "20"
+
+      - name: Install Codex CLI
+        run: |
+          npm install -g @openai/codex
+          codex --version
+
       - name: Run Chack Agent
         id: run_chack
         uses: carlospolop/chack-agent@master
         with:
-          provider: openrouter
-          model_primary: BEST_QUALITY
+          provider: codex
+          model_primary: CHEAP_BUT_QUALITY
           main_action: peass-ng
           sub_action: CI-master Failure Chack-Agent PR
           system_prompt: |
@@ -110,7 +121,8 @@ jobs:
           prompt_file: chack_prompt.txt
           tools_config_json: "{\"exec_enabled\": true}"
           session_config_json: "{\"long_term_memory_enabled\": false}"
-          openrouter_api_key: ${{ secrets.OPENROUTER_API_KEY }}
+          agent_config_json: "{\"self_critique_enabled\": false, \"require_task_list_init_first\": true}"
+          openai_api_key: ${{ secrets.OPENAI_API_KEY }}
 
       - name: Commit and push fix branch if changed
         id: push_fix
@@ -123,9 +135,27 @@ jobs:
 
           rm -f chack_failure_summary.txt chack_prompt.txt chack_failed_steps_logs.txt
           git add -A
+          # Avoid workflow-file pushes with token scopes that cannot write workflows.
+          git reset -- .github/workflows || true
+          git checkout -- .github/workflows || true
+          git clean -fdx -- .github/workflows || true
           git reset -- chack_failure_summary.txt chack_prompt.txt chack_failed_steps_logs.txt
+          if git diff --cached --name-only | grep -q '^.github/workflows/'; then
+            echo "Workflow-file changes are still staged; skipping push without workflows permission."
+            echo "pushed=false" >> "$GITHUB_OUTPUT"
+            exit 0
+          fi
+          if git diff --cached --quiet; then
+            echo "No committable changes left after filtering."
+            echo "pushed=false" >> "$GITHUB_OUTPUT"
+            exit 0
+          fi
           git commit -m "Fix CI-master failures for run #${{ github.event.workflow_run.id }}"
-          git push origin HEAD:"$FIX_BRANCH"
+          if ! git push origin HEAD:"$FIX_BRANCH"; then
+            echo "Push failed (likely token workflow permission limits); skipping PR creation."
+            echo "pushed=false" >> "$GITHUB_OUTPUT"
+            exit 0
+          fi
           echo "pushed=true" >> "$GITHUB_OUTPUT"
 
       - name: Create PR to master

.github/workflows/pr-failure-chack-agent-dispatch.yml

@@ -64,6 +64,8 @@ jobs:
       pull-requests: write
       issues: write
       actions: read
+    env:
+      CHACK_LOGS_HTTP_URL: ${{ secrets.CHACK_LOGS_HTTP_URL }}
     steps:
       - name: Comment on PR with failure info
         uses: actions/github-script@v7
@@ -152,12 +154,22 @@ jobs:
             echo "Leave the repo in a state ready to commit as when you finish, it'll be automatically committed and pushed."
           } > chack_prompt.txt
 
+      - name: Set up Node.js for Codex
+        uses: actions/setup-node@v5
+        with:
+          node-version: "20"
+
+      - name: Install Codex CLI
+        run: |
+          npm install -g @openai/codex
+          codex --version
+
       - name: Run Chack Agent
         id: run_chack
         uses: carlospolop/chack-agent@master
         with:
-          provider: openrouter
-          model_primary: BEST_QUALITY
+          provider: codex
+          model_primary: CHEAP_BUT_QUALITY
           main_action: peass-ng
           sub_action: PR Failure Chack-Agent Dispatch
           system_prompt: |
@@ -167,7 +179,8 @@ jobs:
           prompt_file: chack_prompt.txt
           tools_config_json: "{\"exec_enabled\": true}"
           session_config_json: "{\"long_term_memory_enabled\": false}"
-          openrouter_api_key: ${{ secrets.OPENROUTER_API_KEY }}
+          agent_config_json: "{\"self_critique_enabled\": false, \"require_task_list_init_first\": true}"
+          openai_api_key: ${{ secrets.OPENAI_API_KEY }}
 
       - name: Commit and push if changed
         env:
@@ -180,9 +193,24 @@ jobs:
           fi
           rm -f chack_failure_summary.txt chack_prompt.txt
           git add -A
+          # Avoid workflow-file pushes with token scopes that cannot write workflows.
+          git reset -- .github/workflows || true
+          git checkout -- .github/workflows || true
+          git clean -fdx -- .github/workflows || true
           git reset -- chack_failure_summary.txt chack_prompt.txt
+          if git diff --cached --name-only | grep -q '^.github/workflows/'; then
+            echo "Workflow-file changes are still staged; skipping push without workflows permission."
+            exit 0
+          fi
+          if git diff --cached --quiet; then
+            echo "No committable changes left after filtering."
+            exit 0
+          fi
           git commit -m "Fix CI failures for PR #${PR_NUMBER}"
-          git push origin HEAD:${TARGET_BRANCH}
+          if ! git push origin HEAD:${TARGET_BRANCH}; then
+            echo "Push failed (likely token workflow permission limits); leaving run successful without push."
+            exit 0
+          fi
 
       - name: Comment with Chack Agent result
         if: ${{ steps.run_chack.outputs.final-message != '' }}

linPEAS/builder/linpeas_builder.py

@@ -53,4 +53,3 @@ if __name__ == "__main__":
         exit(1)
     
     main(all_modules, all_no_fat_modules, no_network_scanning, small, include_modules, exclude_modules, output)
-

linPEAS/builder/linpeas_parts/6_users_information/16_Subuid_subgid_mappings.sh

@@ -0,0 +1,36 @@
+# Title: Users Information - subuid/subgid mappings
+# ID: UG_Subuid_subgid_mappings
+# Author: Carlos Polop
+# Last Update: 13-02-2026
+# Description: Show delegated user namespace ID ranges from /etc/subuid and /etc/subgid.
+# License: GNU GPL
+# Version: 1.0
+# Functions Used: print_2title
+# Global Variables: $MACPEAS
+# Initial Functions:
+# Generated Global Variables:
+# Fat linpeas: 0
+# Small linpeas: 1
+
+
+print_2title "User namespace mappings (subuid/subgid)"
+if [ "$MACPEAS" ]; then
+  echo "Not applicable on macOS"
+else
+  if [ -r /etc/subuid ]; then
+    echo "subuid:"
+    grep -v -E '^\s*#|^\s*$' /etc/subuid 2>/dev/null
+  else
+    echo "/etc/subuid not readable or not present"
+  fi
+
+  if [ -r /etc/subgid ]; then
+    echo ""
+    echo "subgid:"
+    grep -v -E '^\s*#|^\s*$' /etc/subgid 2>/dev/null
+  else
+    echo "/etc/subgid not readable or not present"
+  fi
+fi
+echo ""
+

linPEAS/builder/src/linpeasBuilder.py

@@ -46,7 +46,7 @@ class LinpeasBuilder:
 
     def build(self):
         print("[+] Building variables...")
-        variables = self.__generate_variables()
+        variables = self.__generate_variabless()
         self.__replace_mark(PEAS_VARIABLES_MARKUP, variables, "")
         
         if len(re.findall(r"PSTORAGE_[a-zA-Z0-9_]+", self.linpeas_sh)) > 1: #Only add storages if there are storages (PSTORAGE_BACKUPS is always there so it doesn't count)