Skip to content

agency-swarm

v1.9.7 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 29d AI Agents & Assistants
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 1 known CVE

Summary

AI summary

Fixed browser-auth history replay for store=false by sanitizing legacy reasoning spans.

Full changelog

Patch release for Agent Swarm TUI / browser-auth history replay.

Changes:

  • Fix stateless OpenAI Responses reasoning replay when browser-auth runs with store=false.
  • Request reasoning.encrypted_content for store=false replay paths.
  • Sanitize legacy unencrypted reasoning spans before replay.
  • Preserve per-run ModelSettings boundaries and avoid leaking resolved agent settings into reusable RunConfig objects.
  • Add focused coverage plus a live OpenAI stateless reasoning replay proof.

Security Fixes

  • Sanitize legacy unencrypted reasoning spans before browser‑auth replay to prevent leakage
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track agency-swarm

Get notified when new releases ship.

Sign up free

About agency-swarm

Reliable Multi-Agent Orchestration Framework

All releases →

Related context

Beta — feedback welcome: [email protected]