Skip to content

Changelog

1.16.1 (2026-07-18)

Bug Fixes

  • deps: pin transitive adm-zip to 0.6.0 for CVE-2026-39244 (#268) (a4db980)

1.16.0 (2026-07-18)

Features

  • orchestrator: add CLOSE_WAIT socket-spin watchdog for #264 signature (#266) (8990ee0)

1.15.0 (2026-07-02)

Features

  • add env-var contract + CI gate for helm-charts sync (#258) (9aefe66)

Bug Fixes

  • patch three HIGH CVEs blocking orchestrator Trivy scan (#254) (0cb6d12)

1.14.0 (2026-06-30)

Bug Fixes

  • agent-sdk: pass settingSources [] so SDK ignores cloned PR .claude/settings.json (#195) (153fef3)
  • check: derive scoped-executor scan set from filesystem (dead guard) (#208) (8b0e8ef)
  • daemon: sweep full workspace triple on startup and crash exit (#239) (56fa714)
  • idempotency: gate side-effecting handlers with Valkey claim to prevent redelivery duplicates (#212) (68dacdb)
  • infrastructure: patch krb5 HIGH CVE-2026-40356 in shared Docker base (#180) (1d1bc3b)
  • mcp: redact Octokit error tool-results and widen GitHub token regex (#238) (675d610)
  • mcp: wrap GitHub-touching MCP servers + state-fetchers in retryWithBackoff (#205) (319beb9)
  • observability: canonicalise child-logger entity id under entityNumber (#178) (808ca46)
  • security: gate LLM scanner redacted_body to deletion-only (#206) (d52cf78)
  • security: set strictMcpConfig to block cloned-PR .mcp.json auto-load (#210) (2c58ec1)
  • testing: run colocated src/*/.test.ts in CI + add drift guard (#204) (5990e0d)

Features

  • agent-sdk: block destructive Bash at runtime via PreToolUse hook (#241) (f3132f2)
  • observability: add 12 structured Pino event families with Zod-strict schemas (#251) (eaad36b)
  • observability: add queue_wait_ms to dispatcher offer/no-daemon logs (#207) (7a5cfb0)
  • observability: add structured retry.* events (#225) (6713cbf)
  • observability: emit failed_stage and failed_stage_delta_ms on pipeline.failed (#244) (4f2483c)
  • observability: emit structured idempotency events on all 4 claimDelivery outcomes (#242) (e1e7f9e)
  • observability: installationId on loggers + config-free MCP retry (#189) (ba09f76), closes #177 #184
  • observability: log + persist SDK token usage on executions (#209) (5407dcd)
  • observability: log octokit rate-limit headers via hook.after (#183) (30e1715)
  • observability: periodic fleet-state gauge snapshot (#186) (7429460)
  • observability: redact crash logs via uncaughtException/unhandledRejection handlers (#181) (d4248f4)
  • observability: structured dispatcher + heartbeat log events (#188) (c615bc4)
  • observability: structured pino logger for stdio MCP servers (#185) (5244e8a)
  • observability: structured pipeline.stage timing events with delta_ms (#182) (4125971)

1.13.0 (2026-05-21)

Bug Fixes

  • deps: update dependency @anthropic-ai/bedrock-sdk to ^0.29.0 (#147) (eb95c64)
  • deps: update dependency @anthropic-ai/claude-agent-sdk to ^0.3.0 (#154) (15add8e)
  • docs: anchor-verify src citations to catch silent line-shift rot (#163) (5a67863)
  • webhook: subscribe issue_comment.edited/.deleted for cache write-through (#131) (c84361d)
  • webhook: write-through target_cache on issues/pull_request events (#130) (#132) (8b79c10)

Features

  • prompt: opt-in cacheable system/user prompt split (#135) (bb80ca7)
  • review-learnings: explicit @bot remember + autonomous capture (#160) (#162) (1c4c53a)
  • review-learnings: persistent per-repo review-policy directives (#161) (ba50972)
  • scheduler: scheduled actions via .github-app.yaml (#159) (142a5bc)
  • workflows: comment-aware structured workflows via LLM discussion digest (#148) (7a6b315)

1.12.2 (2026-05-10)

Bug Fixes

  • mcp: bundle all stdio servers and resolve paths from any bundle (#125) (6e34790)
  • security: close cross-session prompt injection via repo_memory (#124) (001990d)

1.12.1 (2026-05-10)

Bug Fixes

  • bot: restore inline review comments on PRs (#123) (a5d0990)

1.12.0 (2026-05-10)

Bug Fixes

  • security: sanitize attacker-controlled filenames in formatChangedFiles (#110) (bb7b91d)
  • ship: reroute iteration-0 terminal-bad verdicts to chat-thread (#119) (#120) (403ec21)

Features

  • ai: tool-driven LLM with github-state MCP server (#117) (#118) (2a3c1e3)
  • security: harden bot against prompt-injection comment attacks (#121) (564d066)
  • workflows: chat-thread executor + structured-output chokepoint + OAuth gate fix (#113) (698694b)

1.11.1 (2026-05-08)

Bug Fixes

  • tracking-mirror: idempotent setState with marker-based orphan adoption (#109) (#111) (7e44417)

1.11.0 (2026-05-07)

Bug Fixes

  • implement: match PR author by login in PAT mode (#108) (d325639)

Features

  • resolve: gate handler success on post-fix CI state (#107) (eecdedc)

1.10.2 (2026-05-06)

Bug Fixes

  • executor: drop CLAUDE_CODE_SUBPROCESS_ENV_SCRUB to unblock CLI startup (#106) (52ab202)

1.10.1 (2026-05-06)

Bug Fixes

  • executor: capture Claude CLI stderr via SDK callback (#105) (3482443)

1.10.0 (2026-05-05)

Bug Fixes

  • orchestrator: constant-time bearer-token check + rotation slot (#76) (#103) (cae53bd)

Features

  • bot: PAT override + artifact sandbox + secret-exfil hardening (#104) (e0d5894)

1.9.1 (2026-05-04)

Reverts

  • workflow: revert SLSA provenance + SBOM attestations (#99) (9696492)

1.9.0 (2026-05-03)

Bug Fixes

  • checkout: fetch PR base branch so origin/ resolves (closes #74) (#96) (71f83a6)
  • fetcher: paginate GraphQL connections + MAX_FETCHED_* caps (closes #66) (#95) (f728ecd)
  • triage: accept note-only evidence; raise research max-turns to 200 (#97) (3b6036c)
  • workflow: fix release.yml (#98) (cb43d69)

Features

  • workflows: publish SLSA provenance + SBOM attestations on every release tag (closes #58) (#94) (95856bc)

1.8.0 (2026-05-02)

Bug Fixes

  • logger: redact paths and scrub err.* before pino emits (closes #52) (#89) (641f138)
  • security: redact raw error messages from public PR comments (#90) (cc70949)

Features

  • workflows: unify bot reply format and harden research/resolve guards (#91) (7d39fb4)

1.7.0 (2026-05-01)

Bug Fixes

  • idempotency: scope durable check with since=triggerTimestamp (closes #33) (#69) (5f1c1fa)

Features

  • ship: pr shepherding scaffolding + flag-gated trigger surfaces (#75) (928811b)
  • ship: scoped commands (US5) + remove SHIP_USE_TRIGGER_SURFACES_V2 flag (#77) (33132a3)
  • ship: wire ship iteration loop, tickle scheduler, and four scoped executors (#79) (43da9aa)

1.6.1 (2026-04-27)

Bug Fixes

  • triage: raise verdict details cap to 50k sanity bound (#67) (4634ff7)

1.6.0 (2026-04-26)

Bug Fixes

  • pipeline: abort SDK query on timeout and daemon cancel (#62) (94a103a)

Features

  • triage: tighten bug reproduction methodology in agent prompt (#64) (5416bb9)

1.5.0 (2026-04-26)

Features

  • workflows: cascade PR retargeting + bounded review/resolve loop (#63) (3079014)

1.4.0 (2026-04-26)

Features

  • workflows: up-front tracking comments, trigger reactions, parent cascade (#61) (befe07c)

1.3.2 (2026-04-26)

Bug Fixes

  • triage: remove 500-char cap on verdict summary (#60) (ed3c657)

1.3.1 (2026-04-26)

Bug Fixes

  • auth: prevent empty ANTHROPIC_API_KEY from shadowing real OAuth token (#59) (d7001ef)

1.3.0 (2026-04-25)

Bug Fixes

  • review: forward installation token, post inline findings, and stream progress (#57) (7ee4861)
  • workflows: make end-to-end runs survive without mid-run caps or stale state (#55) (35ee605)

Features

  • workflows: add label-dispatched bot workflow foundation (#49) (1b18779)

1.2.2 (2026-04-20)

Bug Fixes

  • orchestrator: await Valkey connect before flipping isReady (#37) (372af9d)

1.2.1 (2026-04-20)

Bug Fixes

  • ci: resolve gitleaks false positives and add dedicated secrets-scan workflow (#36) (a27df4b)

1.2.0 (2026-04-19)

Features

  • split orchestrator/daemon images, default Opus 4.7, fix PEM parsing (#32) (70b4b32)

1.1.1 (2026-04-18)

Bug Fixes

  • deploy: set NODE_ENV=production during build and bundle daemon entrypoint (#31) (87ae7e2)

1.1.0 (2026-04-17)

Bug Fixes

  • orchestrator: use IN ${db(ids)} in repo-knowledge to fix Bun.sql array binding (#26) (d5e1b17)
  • research: update schedule (ac300d5)

Features

  • auth: add CLAUDE_CODE_OAUTH_TOKEN support with ALLOWED_OWNERS allowlist (#10) (445d354)
  • ci: add scheduled research workflow with claude-code-action (#9) (f67c5db)
  • core: extract inline pipeline and add database foundation for dual-mode dispatch (#13) (f05e818)
  • daemon: add persistent repo memory, env var injection, and dev E2E tooling (#14) (585156f)
  • triage-dispatch-modes Slice B — setup + foundational (T001-T013) (#18) (d0533eb)
  • triage-dispatch-modes Slice C — US1 MVP label/keyword routing (T014-T026) (#19) (2b345ee)
  • triage: Slice D — US2 auto-mode probabilistic dispatch (#20) (457eb4e)
  • triage: Slice E (part 1) — isolated-job capacity gate + pending queue + drainer (#21) (7653b0d)
  • triage: slice E part 2 — isolated-job completion watcher (T042/T046–T049) (#22) (c0e86dd)
  • triage: slice F — US4 telemetry aggregates + log contract (T050–T054) (#24) (bb7fa9f)

1.0.0 (2026-02-19)

Bug Fixes

  • deps: upgrade zod to v4, prepar e npm publish, fix CI peer-dep conflict (#3) (84564a8)