This release includes breaking changes for platform teams planning a safe upgrade.
✓ No known CVEs patched in this version
Affected surfaces
Summary
AI summaryFixed installer truncation when run with sudo, ensuring the guard fires immediately.
Full changelog
What's New in v3.9.21
Fixed
sudo guard moved before re-exec block
sudo curl | bash causes curl: (23) Failure writing output — the pipe dies mid-stream and bash only receives a truncated script. The previous sudo guard was placed after the color/function definitions, so it was never reached on a truncated download.
The guard is now the very first executable code after set -euo pipefail — before version, before re-exec, before everything. It now fires on the first few bytes of the script, regardless of truncation.
When triggered, the output is now shorter and more direct:
╔══════════════════════════════════════════════════════════╗
║ ⚠️ Do NOT run this installer with sudo ║
╚══════════════════════════════════════════════════════════╝
Remove 'sudo' from the front of the command.
The installer uses sudo internally only where needed.
Run this instead:
curl -sSL https://raw.githubusercontent.com/dl4rce/flaiwheel/main/scripts/install.sh | bash
Upgrade
curl -sSL https://raw.githubusercontent.com/dl4rce/flaiwheel/main/scripts/install.sh | bash
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About dl4rce/flaiwheel
Self-hosted memory and governance layer for AI coding agents. 28 MCP tools with structured knowledge capture, hybrid search (semantic + BM25 + cross-encoder reranking), behavioral documentation nudges, cold-start codebase analyzer, and git-native storage. Single Docker container, zero cloud dependencies.
Related context
Beta — feedback welcome: [email protected]