costajohnt/oss-autopilot

vcore-v1.17.0 scope: core Breaking

This release includes 1 breaking change for platform teams planning a safe upgrade.

Published 1mo AI Agents & Assistants

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

ai-agent anthropic claude-code claude-code-plugin cli contribution-tracker

+6 more

developer-tools github github-automation issue-discovery pr-management typescript

Affected surfaces

auth rbac

Summary

AI summary

CLI check-integration renamed to orphan-files.

Full changelog

1.17.0 (2026-04-22)

Features

cli: add doctor command, rename check-integration → orphan-files (#1039) (#1074) (2b3606b)
dashboard: live demo features — chart entrance + Shift+C celebrate (#940) (#1097) (81f7c16)

Bug Fixes

agents: declare explicit model tier instead of inherit (#1040) (#1075) (07bd37f)
agents: narrow tool allowlists, drop mcp__* wildcard (#1064) (25f26e9)
cli: shelve/unshelve CLI now emits ShelveOutput, not MoveOutput (#1037) (#1072) (b993443)
cli: single source-of-truth config key registry (#1038) (#1073) (b294d01)
close UM1 plugin/agent prose polish findings M1/M4/M5/M6/M10/M14 (#1091) (2d44dbd)
close UM2 hook + CLI PR-flow hygiene findings M17/M20/M21/M23/M24 (#1092) (f120802)
close UM3 infra + core-domain findings M25/M27/M30/M34 (#1093) (fc3e422)
close UM4 dashboard SPA + MCP polish findings M37/M38/M39/M40/M41 (#1094) (076c00f)
commands: remove phantom scoreThreshold/showHealthCheck config refs (#1063) (6cf0aab)
daily: surface non-fatal pipeline failures via DailyOutput.warnings (#1042) (#1077) (498d90a)
dashboard: 404 + focus + skip-link on every route (#1052) (#1088) (482812a)
dashboard: add root error boundary + runtime schema validation (#1050) (#1085) (e650d15)
dashboard: surface partial-fetch failures to the user (#1035) (#1070) (6c0386c)
dashboard: tighten dashboard server auth for #1031 (#1066) (411b793)
hooks: expand guard-public-posts coverage (#1032) (#1067) (a280775)
hooks: gate auto-format-before-push behind opt-in config (#1045) (#1080) (1e3dd20)
hooks: preserve local edits to marketplace clone on auto-refresh (#1061) (c80ed26)
mcp: align README and server.json with reality (#1065) (414cd14)
release-please: server.json path is relative to component root (#1099) (8e3d9f6)
release-please: track server.json version under mcp-server component (#1098) (d240f60)
search,vet-list: defend against scout data-contract drift (#1043) (#1078) (838ce18)
startup: use async token resolver so gh CLI fallback fires (#1041) (#1076) (561f869)
state: Gist checkpoint after mutating PR-flow commands (#1036) (#1071) (b8237cd)
state: optimistic compare-and-swap for state.json writes (#1030) (#1069) (d175a94)
status: parse dates numerically instead of lex-comparing strings (#1044) (#1079) (08f0a2a)

Performance Improvements

dashboard: code-split Chart.js and canvas-confetti off critical path (#1051) (#1086) (9202780)

Breaking Changes

Renamed CLI command: `check-integration` → `orphan-files`

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track costajohnt/oss-autopilot

Get notified when new releases ship.

About costajohnt/oss-autopilot

Open source contribution manager with PR tracking across repos, issue discovery, CI failure diagnosis, and maintainer response drafting. Available as CLI, MCP server, and Claude Code plugin.

All releases →