blank3rs/heso](https:

v0.1.8 Breaking

This release includes 2 breaking changes for platform teams planning a safe upgrade.

Published 6d CLI & Terminal

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Affected surfaces

breaking_upgrade rce_ssrf

ReleasePort's take

Moderate signal

editorial:auto 6d

`run` now checks input platform integrity before replaying and exits with status 1 on a mismatch; `read` disables external `<script>` fetching by default, requiring `--js-fetch` to opt‑in.

Why it matters: Run command failures on integrity mismatches trigger exit 1, halting automated workflows; read’s default JS fetch disablement alters page rendering and data collection unless `--js-fetch` is explicitly used.

Summary

AI summary

run now verifies input integrity before replaying and read defaults to disabling external JS fetches.

Changes in this release

Type	Severity	Summary	CVE
Breaking	High	`read` no longer fetches external `<script src=...>` by default; opt‑in with `--js-fetch`. `read` no longer fetches external `<script src=...>` by default; opt‑in with `--js-fetch`. Source: llm_adapter@2026-05-28 Confidence: high	—
Breaking	High	`run` now verifies input platform integrity before replaying and exits on mismatch (exit 1). `run` now verifies input platform integrity before replaying and exits on mismatch (exit 1). Source: llm_adapter@2026-05-28 Confidence: high	—
Feature
Feature	Medium	`click` on non‑navigating elements now returns post‑click `text`, `tree`, and `content_hash`. `click` on non‑navigating elements now returns post‑click `text`, `tree`, and `content_hash`. Source: llm_adapter@2026-05-28 Confidence: high	—
Feature	Low	`run` gains `--no-verify-input` flag to skip input‑integrity check. `run` gains `--no-verify-input` flag to skip input‑integrity check. Source: llm_adapter@2026-05-28 Confidence: high	—
Feature	Low	`heso` command installed by `pip install heso` is now the native Rust binary instead of a Python wrapper. `heso` command installed by `pip install heso` is now the native Rust binary instead of a Python wrapper. Source: llm_adapter@2026-05-28 Confidence: high	—
Bugfix
Bugfix	Medium	`heso read` now correctly accepts the `--js-fetch` flag. `heso read` now correctly accepts the `--js-fetch` flag. Source: llm_adapter@2026-05-28 Confidence: high	—
Bugfix	Medium	`read` output fields (`tree`, `title`, `description`, `metadata`) are now consistent with post‑JS DOM matching `text`. `read` output fields (`tree`, `title`, `description`, `metadata`) are now consistent with post‑JS DOM matching `text`. Source: llm_adapter@2026-05-28 Confidence: high	—
Bugfix	Medium	`read`'s `cookies` field now includes cookies set by page JavaScript via `document.cookie`. `read`'s `cookies` field now includes cookies set by page JavaScript via `document.cookie`. Source: llm_adapter@2026-05-28 Confidence: high	—

Full changelog

Release Notes

Added

click on a non-navigating element (an in-page handler that mutates
the DOM or calls history.pushState) now returns the post-click
text, tree, and content_hash, so an agent can see what changed.
The <a href> navigation path (which already returned the
destination's fields) is unchanged.
run gains --no-verify-input to skip the input-integrity check
introduced below.

Changed

The heso command installed by pip install heso is now the native
Rust binary itself (shipped via the wheel's *.data/scripts/
directory) instead of a Python console-script that booted the
interpreter before exec'ing the binary. import heso and
python -m heso are unchanged.
read no longer fetches external <script src=...> by default; pass
--js-fetch to opt in (matching read --help and eval-dom). Inline
scripts are unaffected.
run now verifies the input plat's integrity before replaying and
refuses on a plat_hash mismatch (exit 1, {ok: false, error: {code: "plat_integrity_mismatch", ...}}); a missing or malformed plat_hash
exits 2. --no-verify-input restores the prior replay-anything
behavior. This is a contract change — run previously replayed any
input and exited 0. See ADR 0024.

Fixed

heso read now accepts --js-fetch. The flag was advertised in
read --help but rejected by the argument parser.
read output is internally consistent after JavaScript runs: tree,
title, description, and metadata are derived from the post-JS
DOM, matching text and actions. Previously tree reflected the
pre-JS HTML while text reflected the post-JS mutated DOM.
read's cookies field now includes cookies set by page JavaScript
via document.cookie, merged with the network Set-Cookie headers.
batch and serve keep their per-response cookie snapshot.

Install heso-cli 0.1.8

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/blank3rs/heso/releases/download/v0.1.8/heso-cli-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://github.com/blank3rs/heso/releases/download/v0.1.8/heso-cli-installer.ps1 | iex"

Download heso-cli 0.1.8

| File | Platform | Checksum |
|--------|----------|----------|
| heso-cli-aarch64-apple-darwin.tar.gz | Apple Silicon macOS | checksum |
| heso-cli-x86_64-apple-darwin.tar.gz | Intel macOS | checksum |
| heso-cli-x86_64-pc-windows-msvc.zip | x64 Windows | checksum |
| heso-cli-aarch64-unknown-linux-gnu.tar.gz | ARM64 Linux | checksum |
| heso-cli-x86_64-unknown-linux-gnu.tar.gz | x64 Linux | checksum |

Breaking Changes

`run` now performs input integrity verification before replaying; a mismatch causes exit code 1 (or 2 for missing/malformed `plat_hash`). Use `--no-verify-input` to restore previous behavior.
`read` no longer fetches external JavaScript resources by default; opt‑in with `--js-fetch`.

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track blank3rs/heso](https:

Get notified when new releases ship.

About blank3rs/heso](https:

All releases →

Related context

Related tools

Earlier breaking changes

v0.3.0 `heso search` defaults to Mojeek, Brave, Marginalia, Wikipedia (plus SearXNG) instead of DuckDuckGo.
v0.2.0 Removes the plat registry, `publish`, `pull`, and `list` verbs.