This release includes 1 security fix for security teams reviewing exposed deployments.
Topics
+14 more
Affected surfaces
ReleasePort's take
Light signalRelease v1.7.2 of Ait disables automatic continuation of recoverable attempts across repositories.
Why it matters: The update blocks cross‑repository auto‑continue for recoverable attempts, reducing unintended propagation risk per the security fix (severity 90).
Summary
AI summaryPrevent automatic continuation of recoverable attempts across repositories.
Changes in this release
| Type | Severity | Summary | CVE |
|---|---|---|---|
| Security | Critical |
Prevents cross‑repository auto‑continue of recoverable attempts via global activity fallback. Prevents cross‑repository auto‑continue of recoverable attempts via global activity fallback. Source: llm_adapter@2026-06-01 Confidence: high |
— |
Full changelog
Safety fix: prevent wrapper auto-continue (ait agent-continue) from resuming recoverable attempts from another repository via global recent activity fallback.
Manual ait continue keeps the cross-repo recent fallback; automatic adapter wrapper resume is now strictly scoped to the current resolved repo root.
Security Fixes
- Safety fix: wrapper auto-continue (ait agent-continue) no longer resumes recoverable attempts from another repository via global recent activity fallback; automatic resume now strictly scoped to the current resolved repo root.
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About Ait
All releases →Related context
Related tools
Earlier breaking changes
- v0.55.52 Keep the built-in claude-code reviewer pinned to the local claude -p CLI even when repository policy defines a conflicting command override.
Beta — feedback welcome: [email protected]