ota-run/ota](https:

v1.6.18 Feature

This release adds 3 notable features for engineering teams evaluating rollout.

Published 4d Developer Productivity

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

cli configuration contracts developer-tools infrastructure ota

+5 more

productivity repo-readiness rust validation workspace

Affected surfaces

auth rbac deps

Summary

AI summary

Added explicit readiness timeout flag to ota proof runtime.

Changes in this release

Type	Severity	Summary	CVE
Feature
Feature	Low	Adds `--ready-timeout <DURATION>` to `ota proof runtime` for bounded readiness waits. Adds `--ready-timeout <DURATION>` to `ota proof runtime` for bounded readiness waits. Source: llm_adapter@2026-05-30 Confidence: high	—
Feature	Low	Hardens `ota proof runtime` interruption semantics to emit deterministic `INTERRUPTED` status and JSON classification. Hardens `ota proof runtime` interruption semantics to emit deterministic `INTERRUPTED` status and JSON classification. Source: llm_adapter@2026-05-30 Confidence: high	—
Feature	Low	Adds first‑class file‑aware container isolation mounts via `attachments.isolated_paths`. Adds first‑class file‑aware container isolation mounts via `attachments.isolated_paths`. Source: llm_adapter@2026-05-30 Confidence: high	—
Feature	Low	Sets writable default `HOME=/tmp` for non‑root container runs to avoid root‑owned cache writes. Sets writable default `HOME=/tmp` for non‑root container runs to avoid root‑owned cache writes. Source: llm_adapter@2026-05-30 Confidence: high	—
Feature	Low	Blocks `ota run` on precondition failures (missing tools, version mismatches) before task start. Blocks `ota run` on precondition failures (missing tools, version mismatches) before task start. Source: llm_adapter@2026-05-30 Confidence: high	—
Feature	Low	Adds `--safe` and `--unsafe` filters plus `--via native\|container` to `ota tasks`. Adds `--safe` and `--unsafe` filters plus `--via native\|container` to `ota tasks`. Source: llm_adapter@2026-05-30 Confidence: high	—
Feature	Low	Introduces task execution conditions with `tasks.<name>.when.checks` for pre‑condition evaluation. Introduces task execution conditions with `tasks.<name>.when.checks` for pre‑condition evaluation. Source: llm_adapter@2026-05-30 Confidence: high	—
Feature	Low	Adds one‑shot container dependency‑isolation recovery for EACCES install failures. Adds one‑shot container dependency‑isolation recovery for EACCES install failures. Source: llm_adapter@2026-05-30 Confidence: high	—
Bugfix	Medium	Fixes rendering of `ota run` version‑mismatch `Next` guidance to split combined actions into separate ordered steps. Fixes rendering of `ota run` version‑mismatch `Next` guidance to split combined actions into separate ordered steps. Source: llm_adapter@2026-05-30 Confidence: high	—
Bugfix	Medium	Fixes container‑image probe wording to consistently mention "inside the configured container image". Fixes container‑image probe wording to consistently mention "inside the configured container image". Source: llm_adapter@2026-05-30 Confidence: high	—

Full changelog

added --ready-timeout <DURATION> to ota proof runtime so runtime-proof readiness waits are
explicitly bounded in CI and local automation (for example 90s, 5m, 1h), aligned timeout
failures to the explicit TIMEOUT runtime-proof status, and normalized timeout-only JSON
classification to failure_class: readiness_timeout
hardened ota proof runtime interruption semantics for CI and automation cancellation paths:
runtime proof now captures termination signals and emits deterministic interruption output
(INTERRUPTED status in text, phase: interrupted and failure_class: interrupted in JSON)
instead of an opaque cancellation result
added first-class file-aware container isolation mounts: file-like
attachments.isolated_paths entries (for example .pnp.cjs) now mount through deterministic
.ota/state/isolated-file-mounts/* bind files instead of invalid volume targets, while
directory-like isolation paths continue using managed dependency-isolation volumes
kept Corepack-backed native task execution from running corepack enable when the selected task
already invokes corepack ... directly, and scoped Corepack activation to each direct task instead
of the full dependency closure
changed container Corepack command wrapping to always bootstrap shims for Corepack-owned tasks,
including commands that already start with corepack ..., so nested package-manager script
calls (for example scripts that invoke pnpm recursively) resolve reliably in container lanes
scoped container Corepack command wrapping to each direct task's own toolchain requirements,
preventing aggregate tasks from inheriting Corepack activation from already-run dependency tasks
set a writable default HOME=/tmp for non-root container runs launched with the host UID/GID,
preventing package managers such as Corepack from trying to write under /.cache
prepared managed dependency-isolation directory volumes for the selected host UID/GID before
container task startup, so package managers can write isolated paths such as node_modules
without falling back to root-owned workspace artifacts
made ota run block on selected precondition failures before starting the task process, matching
ota run --dry-run for container-image missing-tool blockers and runtime/tool version mismatch
blockers, and kept existing contract/env validation errors on their more specific diagnostic
paths
extended the same real-run precondition gate to version mismatch blockers, so ota run stops
before dependency tasks when the selected path requires a different runtime or tool version
unified ota run precondition version-mismatch output across runtime/tool blockers with the
same structured task-first layout (task ... is blocked, plus Where, Field, bulletized
Why, and ordered Next), including backend-aware rerun guidance for container and remote
lanes
fixed ota run version-mismatch Next rendering to split combined ... and rerun ...
guidance into separate ordered actions (run <install>, run ota doctor, run ota run ...)
for clearer task-first remediation flow
fixed container-image probe wording so run/doctor errors consistently say "inside the configured
container image" when a required runtime or tool is missing or cannot be probed in the selected
image
tightened ota policy review text output for pure info-only success: approved version,
provisioning, and adapter-bootstrap policy surfaces now render as a compact Surfaces / Approved / Next summary instead of the heavier diagnostic finding layout, while warnings and
errors keep the existing detailed review path
matured detector-led contract writes from real pressure-test repos: package.json#engines.node
plus versioned pnpm/yarn package-manager ownership now writes, merges, rewrites, and tracks
drift through the canonical toolchains.node Corepack shape instead of legacy split
runtimes.node + standalone package manager tools, Docker Compose service
start/stop/healthcheck commands are written with their service declarations, and
watch/dev/serve verifier scripts are no longer inferred as agent-safe tasks
improved Node mismatch remediation so ota doctor prefers the provider actually found on the
probed executable path (mise, asdf, volta, nodenv, or pyenv) before falling back to
repo file hints such as .nvmrc; this keeps Next: guidance aligned with the tool the host is
really using
hardened ota init starter-pack ownership to match shipped toolchain contracts and avoid
generator-led drift: Node pack now seeds toolchains.node (Corepack-owned Node, default pnpm
package-manager ownership, and Corepack-prefixed pnpm/yarn task commands) instead of split
runtimes.node + top-level package-manager tools, Rust pack now seeds toolchains.rust
(provider: rustup) instead of split runtimes.rust + tools.cargo, and Python pack now
seeds toolchains.python (provider: uv) with uv-native setup/test commands instead of the
legacy requirements.txt starter shape
added a non-blocking contract advisory for legacy manual Node split ownership
(runtimes.node + standalone tools.pnpm/tools.yarn without toolchains.node), including
validate/doctor guidance to migrate onto toolchains.node Corepack ownership
extended agent-safe effects advisories (effects.network, effects.network_kind,
effects.external_state) across the full reachable task closure, so a safe task now reports
dependency-path network/external-state blast radius instead of only direct task-node effects
added ota tasks safety and backend-lane filters: --safe, --unsafe (mutually exclusive),
and --via native|container; safety filtering uses the effective safe set
(safe_for_agent: true plus agent.safe_tasks)
refined ota tasks --use / ota tasks text output to keep one canonical run command per task
and add a compact Modes block only for true multi-mode tasks; mode variants now render near the
end of each task block (after notes) so the default run lane stays primary
added explicit command-reference and quickstart guidance for ota tasks filtering lanes
(--safe, --unsafe, --via native|container) including valid combined --use flows
added a v9.1 pressure-test gap ledger documenting closed platform gaps, remaining maturity work,
and acceptance evidence expectations for new gap intake
added first-class task execution conditions with tasks.<name>.when.checks, so ota run
now evaluates declared precondition/file/changed_files checks before dependency/service startup
and skips that task deterministically when the condition lane does not pass
surfaced task execution conditions in ota tasks output as When Checks and updated the
published tasks.json schema with when_checks[] for machine-readable parity
added contract-capability/minimum-version detection for tasks.when.checks, so older binaries
now render an explicit unsupported-feature upgrade hint instead of a generic parse failure
added first-class multi-step bootstrap orchestration with action.kind: ensure_bundle, so one
task can execute ordered deterministic setup actions (copy_if_missing, ensure_env_file,
ensure_file, ensure_directory) without shell glue; validation, run-path idempotence, and
capability/minimum-version detection now include tasks.action.ensure_bundle
fixed Corepack-backed container task execution so ephemeral and persistent container runs
activate corepack enable inside the real task shell instead of a throwaway preflight path;
this keeps bare repo-internal pnpm/yarn commands working after corepack pnpm ... /
corepack yarn ... entrypoints
switched container Corepack shim activation to a user-writable install directory
(corepack enable --install-directory "$HOME/.local/bin" plus PATH export) before task
execution, avoiding /usr/local/bin permission failures in non-root container runs
defaulted Docker/Podman task containers on Unix hosts to run as the host UID:GID (--user) for
Ota-managed container execution, reducing root-owned workspace artifact drift between container
and native lanes in mixed-mode pressure-test matrices
added one-shot container dependency-isolation recovery for permission-denied install failures:
when a container task fails with an isolated node_modules/.pnpm-store EACCES signature, Ota
now resets the selected context's dependency-isolation volumes and retries the task once
hardened ota proof runtime detached Unix service teardown by running detached proof runs in a
dedicated process group and signaling that full group on shutdown, reducing lingering native
listeners that can cause late bind conflicts across sequential proof lanes

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track ota-run/ota](https:

Get notified when new releases ship.

About ota-run/ota](https:

All releases →

Related context

Related tools

Earlier breaking changes

v1.6.16 Enforce `metadata.ota.minimum_version` at contract load time across all commands.