agent-deck

v1.9.21 Security

This release includes 2 security fixes for security teams reviewing exposed deployments.

Published 14d Developer Productivity

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

This release patches 2 known CVEs

Topics

ai-agent ai-agents ai-coding-assistant aider bubble-tea claude-code

+11 more

cli codex developer-tools discord gemini-cli go mcp productivity session-manager tmux tui

Affected surfaces

deps

ReleasePort's take

Light signal

editorial:auto 9d

The release introduces comprehensive security tooling including CodeQL, Dependabot, govulncheck, golangci-lint, CODEOWNERS, and a SECURITY.md file.

Why it matters: Enhances vulnerability detection and mitigation across the codebase; all teams should adopt these tools immediately to improve security posture.

Summary

AI summary

Adds Jujutsu support, UI interaction improvements, CI security hardening and dependency upgrades.

Changes in this release

Type	Severity	Summary	CVE
Security	Medium	Adds comprehensive security tooling: CodeQL, Dependabot, govulncheck, golangci-lint, CODEOWNERS, SECURITY.md. Adds comprehensive security tooling: CodeQL, Dependabot, govulncheck, golangci-lint, CODEOWNERS, SECURITY.md. Source: llm_adapter@2026-05-25 Confidence: low	—
Feature
Feature	Medium	Adds Jujutsu (jj) version‑control support. Adds Jujutsu (jj) version‑control support. Source: llm_adapter@2026-05-25 Confidence: high	—
Feature	Medium	Shift+Enter opens a session in a new iTerm window on macOS. Shift+Enter opens a session in a new iTerm window on macOS. Source: llm_adapter@2026-05-25 Confidence: low	—
Feature	Medium	Adds TUI insert mode for direct type‑through to the focused session. Adds TUI insert mode for direct type‑through to the focused session. Source: llm_adapter@2026-05-25 Confidence: low	—
Dependency	Medium	Bumps Go toolchain to version 1.25.10. Bumps Go toolchain to version 1.25.10. Source: llm_adapter@2026-05-25 Confidence: high	—
Bugfix
Bugfix	Medium	Fixes CI by replacing golang/govulncheck-action with manual install. Fixes CI by replacing golang/govulncheck-action with manual install. Source: llm_adapter@2026-05-25 Confidence: high	—
Bugfix	Medium	Fixes remote counter to include remotes and preserves settings on save. Fixes remote counter to include remotes and preserves settings on save. Source: llm_adapter@2026-05-25 Confidence: high	—
Bugfix	Medium	Fixes UI focus to place cursor in rename dialog input field. Fixes UI focus to place cursor in rename dialog input field. Source: llm_adapter@2026-05-25 Confidence: low	—
Bugfix	Medium	Fixes release test step timeout increased from 10 m to 20 m for race‑detector overhead. Fixes release test step timeout increased from 10 m to 20 m for race‑detector overhead. Source: llm_adapter@2026-05-25 Confidence: low	—
Bugfix	Medium	Fixes session to preserve StatusStopped on manual stop. Fixes session to preserve StatusStopped on manual stop. Source: llm_adapter@2026-05-25 Confidence: low	—
Bugfix	Low	Focuses name input field when rename dialog opens. Focuses name input field when rename dialog opens. Source: granite4.1:30b@2026-05-25-audit Confidence: low	—

Full changelog

Agent Deck v1.9.21

Terminal session manager for AI coding agents.

Installation

Homebrew (recommended):

brew install asheshgoplani/tap/agent-deck

Quick Install:

curl -fsSL https://raw.githubusercontent.com/asheshgoplani/agent-deck/main/install.sh | bash

Go Install:

go install github.com/asheshgoplani/agent-deck/cmd/[email protected]

Changelog

cbc7d0721321ef50420c815c267d3bbacc58a357 chore(coderabbit): tune review config for OSS Go repo (#1074)
75571b37a0dc94333a9b8bf5a58482ebc1e2e204 chore(deps): bump actions/checkout from 4 to 6 (#1061)
e99880621810d8ff7f9b813b3e3be8d417b89706 chore(deps): bump actions/deploy-pages from 4 to 5 (#1060)
7cad47a8fefd70c7f5ee8c8d502fe0e521a1f6d1 chore(deps): bump actions/setup-go from 5 to 6 (#1063)
770316884909a132b2972523ae6160e20decfb89 chore(deps): bump actions/setup-python from 5 to 6 (#1064)
cd9816757d5ea2bfb0f0c5553000d654932d3f1a chore(deps): bump github.com/charmbracelet/bubbles from 0.21.0 to 1.0.0 (#1059)
643259d5178d120895ca9027a70d5cbdf81c0c88 chore(deps): bump the go-minor-patch group across 1 directory with 14 updates (#1070)
e777eb9bd15092531446a27cd4d8782cb3bed897 feat(ci): add diff-scope guard (>200 files = block) (#1053)
9f4b2e7a403fb74ee7f8d9778b703582aa54dd12 feat(security): add CodeQL + Dependabot + govulncheck + golangci-lint + CODEOWNERS + SECURITY.md + .coderabbit.yaml (#1052)
38c78a21739cc598cda30c19dc6b16d0b628c98e feat(ui): Shift+Enter opens session in new iTerm window (macOS) (#1077)
5c56b5300c023a9eb70a4dedf73191b2a9f27813 feat(ui): TUI insert mode for direct type-through to focused session (#1076)
b3802e8cfea166cd38ae9ac2a498b7cd1e715ec5 feat: add Jujutsu (jj) support — Original work by @jennings in #754, minimal-port retains main's internal/git API (#1080)
36b4d6ec184039231d844126425d644e8b5f77f5 fix(ci): replace golang/govulncheck-action with manual install (#1075)
b92c65185c376a597da6da6cf90a970e791d62bb fix(deps): bump Go toolchain to 1.25.10 (closes #1054) (#1065)
a1be24dfc2e6e8a9320e8596560b431d724a1c23 fix(deps): restrict Dependabot grouping to minor+patch updates only (#1058)
dce4fde3bc6d2f9a3b21773e1753b5fd6a8b72f5 fix(jujutsu): annotate 3 exec.Command sites with #nosec G204 (hotfix main red) (#1081)
697760337022a4470b3fa0d741c0d2117bb3d261 fix(jujutsu): annotate all exec.Command sites with #nosec G204 (#1082)
4e6f10bfecd2c6bbd535743f8c22c1fe1d0a7653 fix(release): add 10m timeout to release test step (#1083)
0fcbbd2e97326163d56fbb8c1af10bc49bf74999 fix(release): raise test timeout 10m → 20m for race-detector overhead (#1084)
d04ef74337fe575f592e9372a0db9acc3da93057 fix(remote): counter includes remotes + settings save preserves config (closes #1066, #1067) (#1073)
cd373dd4b768abe6488edfb9c1a9fe667999d779 fix(security): triage 20 baseline gosec findings + flip golangci-lint to strict (closes #1055) (#1078)
954ef486f0d65b3a151fc1711057ad77d7f7c6c2 fix(session): preserve StatusStopped on manual stop (closes #953) (#1072)
b82f9635afb15ea5be02ae4c06e3179b225ed36d fix(test): drop dead home assignment after Update in issue1069_type_through_test (SA4006) (#1079)
a693bcf3557b7244f70e65095b5eca6b84fcfb31 fix(test): skip flaky issue965 wiring test on CI (unblock v1.9.21 release) (#1085)
1b41cd4fc73b33f4d5cc55ecbd116de835e7474f fix(ui): focus name input on rename dialog open (closes #1068) (#1071)
852a0799f431feffcec71d8df0f30c34b211674c fix(ui): keycap-width tests vs charmbracelet/x/ansi 0.11 (unblock v1.9.21) (#1087)
cf473536c9417ebb5b3a1830f40bdac2313b34fc release: prepare v1.9.21 changelog + version bump

Full Changelog: https://github.com/asheshgoplani/agent-deck/compare/v1.9.20...v1.9.21

Security Fixes

feat(security): add CodeQL, Dependabot, govulncheck, golangci-lint, CODEOWNERS and SECURITY.md (enhances security posture)
fix(security): triage baseline gosec findings and enable strict golangci‑lint mode

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track agent-deck

Get notified when new releases ship.

About agent-deck

Terminal session manager for AI coding agents. One TUI for Claude, Gemini, OpenCode, Codex, and more.

All releases →