This release adds 3 notable features for engineering teams evaluating rollout.
✓ No known CVEs patched in this version
Topics
+14 more
Summary
AI summaryAdded per-project guard mode toggle and Anthropic plugins.
Full changelog
1.33.0 (2026-04-30)
Features
- app: Sprint 1B — per-project guard mode toggle on the project list (20c1fd4)
- app: Sprint 2 — onboarding, coach default, version contract, uninstall (39b262f)
- guard: add manual bypass + auto-degradation for unresponsive MCP (4709803)
- guard: Sprint 1A — rich status sentinel + hook v0.8 (modes + stall detection) (c857cab)
- guard: v0.9 — doc-tour hint for .md reads in source dirs + deny ls on source paths (465dd50)
- plugins: add Anthropic (Python + npm) and react-router coverage (104c47a)
- retrieval: output-token efficiency phases 1-5 (3120c6a)
Bug Fixes
- app: open Request links in default browser via shell.openExternal (dad18cf)
- app: show "Restart to install" after npm-install update (ed82585)
- guard: close retry-bypass loophole, add heartbeat fallback (9741210)
Documentation
- landing: tighten hero CTA, add trust line, reword metrics (decdf45)
Chores
- guard: cross-platform hook resolution + Sprint 2 cleanups (937621a)
Upgrade
npm install -g trace-mcp@latest
trace-mcp init
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About nikolai-vysotskyi/trace-mcp
Framework-aware code intelligence that indexes source code into a cross-language dependency graph. Understands framework semantics — routes, ORM relations, component rendering, DI trees — for navigation, impact analysis, call graphs, refactoring, security scanning, and cross-session memory.
Related context
Related tools
Earlier breaking changes
- v1.41.1 Removes desktop app from core repository (phase E).
Beta — feedback welcome: [email protected]