Klimkit

v0.1.12 Feature

This release adds 2 notable features for engineering teams evaluating rollout.

Published 9d AI Agents & Assistants

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

agent-workflows agentic-engineering ai-agents automation cli code-server

+8 more

codex codex-cli developer-tools proof-reports pwa python tailscale worktrees

Affected surfaces

auth

Summary

AI summary

Preserve VM-local Codex plugin and connector TOML tables, including Slack, during Klimkit project packaging.

Changes in this release

Type	Severity	Summary	CVE
Feature
Feature	Low	Preserve VM-local Codex plugin and connector TOML tables during pack projection. Preserve VM-local Codex plugin and connector TOML tables during pack projection. Source: llm_adapter@2026-05-26 Confidence: high	—
Feature	Low	Keep pack-owned Codex settings authoritative while validating merged TOML before writing. Keep pack-owned Codex settings authoritative while validating merged TOML before writing. Source: llm_adapter@2026-05-26 Confidence: high	—
Feature	Low	Treat projected Codex config as potentially secret‑bearing by writing `~/.codex/config.toml` with `0600` permissions and updating backups. Treat projected Codex config as potentially secret‑bearing by writing `~/.codex/config.toml` with `0600` permissions and updating backups. Source: llm_adapter@2026-05-26 Confidence: high	—
Feature	Low	Add regression coverage for Slack‑style plugin preservation, nested connector tables, local runtime tables, managed precedence, and file modes. Add regression coverage for Slack‑style plugin preservation, nested connector tables, local runtime tables, managed precedence, and file modes. Source: llm_adapter@2026-05-26 Confidence: high	—
Bugfix	Medium	Live `./kk apply --skip-services` now preserves GitHub and Slack plugin enablement with `~/.codex/config.toml` at `0600`. Live `./kk apply --skip-services` now preserves GitHub and Slack plugin enablement with `~/.codex/config.toml` at `0600`. Source: llm_adapter@2026-05-26 Confidence: high	—

Full changelog

Changes

Preserve VM-local Codex plugin and connector TOML tables, including Slack, when Klimkit projects packs/codex/config.toml during kk apply or autosync.
Keep pack-owned Codex settings authoritative while validating merged TOML before writing.
Treat projected Codex config as potentially secret-bearing by writing ~/.codex/config.toml and update backups with 0600 permissions.
Add regression coverage for Slack-style plugin preservation, nested connector tables, local runtime tables, managed precedence, and file modes.

Verification

uv run python -m unittest tests.test_klimkit_install tests.test_codex_pack_validation tests.test_klimkit_supervisor -q
Full suite previously passed with uv run python -m unittest discover tests -q.
Live ./kk apply --skip-services preserved GitHub and Slack plugin enablement with ~/.codex/config.toml at 0600.

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track Klimkit

Get notified when new releases ship.

About Klimkit

All releases →

Related context

Related tools

Earlier breaking changes

v0.2.1 Moves old Switchboard/runtime/plugin machinery to deprecated paths.