Skip to content

5dive

v0.1.7 Feature

This release adds 3 notable features for engineering teams evaluating rollout.

Published 17d AI Agents & Assistants
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

agents ai automation shell claude-code cli
+4 more
codex gemini self-hosted systemd

Affected surfaces

auth breaking_upgrade

Summary

AI summary

Added a host‑shared sqlite task queue, org chart tooling, and systemd units to restore Hermes permissions.

Full changelog

Added

  • 5dive task — a host-shared, sqlite-backed task queue any agent can use
    without sudo (store at /var/lib/5dive/tasks/tasks.db, in a group-writable
    2770 subdir so writes need no root, unlike the root-only registry).
    Subcommands add/ls/show/assign/start/done/cancel/block/unblock/rm, with
    DIVE-N identifiers, subtasks (--parent), blocks-edges, a priority-ordered
    board view, and --json on every subcommand.
  • 5dive org — agent org chart over the same store: set/tree/show/ls/rm,
    with a reports_to subordination edge, reporting-cycle prevention, and a
    recursive-CTE tree view.
  • install.sh + 5dive doctor now install / verify sqlite3, required by
    the new task + org store.
  • install.sh now installs the 5dive-hermes-perms.{path,service} systemd
    units alongside the agent template. Hermes regresses
    /home/claude/.hermes to 0700 on every auth.json/config.yaml write,
    blocking agent-<name> users (in the claude group) from traversing
    to venv/bin/hermes. The path-unit watches the dir and the oneshot
    chmods it back to 0775. These units used to live only in the
    5dive-managed-cloud installer; moving them into OSS removes the last
    drift point between the customer-VM provisioner and the OSS source.
  • install.sh now also pre-creates /var/lib/5dive/agents.json at mode
    640 root:claude (was lazy-created on first 5dive agent create) and
    sets setgid 2750 on the state dirs so any file the root-only CLI
    writes inherits the claude group, letting agent-<name> users read
    their own per-agent env files.
  • 5dive doctor gained a channels category that verifies
    /etc/claude-code/managed-settings.json carries channelsEnabled: true
    • a telegram@5dive-plugins entry, and reads each agent's latest
      telegram-plugin MCP log to confirm whether claude's channel
      subscription is registered vs skipped. A skipped result is
      flagged as a likely Anthropic Teams org override and points the
      operator at the README setup snippet.
  • 5dive init prints a Teams-org heads-up after the Telegram pairing
    step pointing at sudo 5dive doctor --category=channels and the
    Anthropic Console setup snippet.

Fixed

  • 5dive-agent-start no longer rewrites a codex agent's config.toml on
    every start. The required keys (approval policy, sandbox mode, project
    trust) are now written only when the file is missing, so [mcp_servers.*]
    entries added via codex mcp add survive agent restarts.

See CHANGELOG.md for the full breakdown.

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track 5dive

Get notified when new releases ship.

Sign up free

About 5dive

All releases →

Related context

Beta — feedback welcome: [email protected]