Skip to content

VikingOwl91/gnoma

v0.2.0 Security

This release includes 2 security fixes for security teams reviewing exposed deployments.

Published 12d AI Agents & Assistants
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 2 known CVEs

Topics

agentic ai-agent ai-coding-assistant anthropic cli coding-agent
+13 more
gemini go llama-cpp llm local-llm mcp mistral model-context-protocol multi-armed-bandit ollama openai self-hosted tui

Affected surfaces

auth

Summary

AI summary

Updates todo, tui, and plans across a mixed release.

Changes in this release

Security High

Hardens TUI with security fixes, race‑safety improvements, and event handling corrections

Hardens TUI with security fixes, race‑safety improvements, and event handling corrections

Source: llm_adapter@2026-05-28

Confidence: high
Security High

Performs security hardening: bash redirection sanitization, Unicode sanitization, edit tool resolver fixes

Performs security hardening: bash redirection sanitization, Unicode sanitization, edit tool resolver fixes

Source: llm_adapter@2026-05-28

Confidence: high
Security Medium

Implements format‑aware entropy safelist (Phase F-1)

Implements format‑aware entropy safelist (Phase F-1)

Source: granite4.1:30b@2026-05-28-audit

Confidence: low
Feature Low

Adds ContentImage type for inline image bytes

Adds ContentImage type for inline image bytes

Source: llm_adapter@2026-05-28

Confidence: high
Feature Low

Implements Google auth precedence and Codex integration

Implements Google auth precedence and Codex integration

Source: llm_adapter@2026-05-28

Confidence: high
Feature Low

Parses [Image: /path] markers and gates on Vision capability

Parses [Image: /path] markers and gates on Vision capability

Source: llm_adapter@2026-05-28

Confidence: high
Feature Low

Adds vision capability gating and Ollama vision detection in router

Adds vision capability gating and Ollama vision detection in router

Source: llm_adapter@2026-05-28

Confidence: high
Feature Low

Translates user image content to image_url parts for OpenAI provider

Translates user image content to image_url parts for OpenAI provider

Source: llm_adapter@2026-05-28

Confidence: high
Bugfix Medium

Fixes Google ADC scopes, rejects expired tokens, improves error reporting

Fixes Google ADC scopes, rejects expired tokens, improves error reporting

Source: llm_adapter@2026-05-28

Confidence: high
Bugfix Medium

Restores Agy alongside Codex in subprocess execution, gates sandbox bypass via env

Restores Agy alongside Codex in subprocess execution, gates sandbox bypass via env

Source: llm_adapter@2026-05-28

Confidence: high
Bugfix Medium

Tolerates non‑JSON stdout from Codex subprocess, uses max token path handling

Tolerates non‑JSON stdout from Codex subprocess, uses max token path handling

Source: llm_adapter@2026-05-28

Confidence: high
Full changelog

Changelog

  • 246997c4bec61047218380b085fecc7d47049f1c Merge branch 'feat/agy-sdk-integration' into dev
  • 8d6e66533b1964dec3fdab938682d11e49eb5ac7 docs(plans): add Phase F entropy FP reduction to post-SLM plan
  • 0975bf7118b205a7889e6954191ce625f53fd87d docs(readme): list codex and vibe alongside claude/gemini/agy
  • 69fda263f31dd4fe2c933cf70a36c3cef30feeb5 docs(todo): mark v0.1.0 distribution done; note follow-ups
  • 7491a36bb7aa7da91ba0363a9c12456ad53394ae docs(todo): track unified sensitive-content handling
  • bc137182d460462cad2bf4a96e7ff9633b2035c5 feat(engine): parse [Image: /path] markers, gate on Vision capability
  • d37cc2dad39301adb61aba372af02b9a28001c18 feat(message): add ContentImage type for inline image bytes
  • c5cc98ed8a70d5b4c39028d3b3145c81b9f0238e feat(provider/openai): translate user image content to image_url parts
  • a2b7f8eb3f41a9284034a4329f5a1c9fd153570f feat(router): vision capability gating and Ollama vision detection
  • 49d80cf847ddedb46e2a09976625fd8184bdc1ff feat(security): format-aware entropy safelist (Phase F-1)
  • 12a6b83cc9b4624c85d54a134144baa9763b3d44 feat: implement Google auth precedence and Codex integration
  • f83ace7ad64ac58d5405db6bfefd1f9eecf64b77 fix(google): real ADC scopes, expired-token rejection, error reporting
  • afc31b0af4b0709a23664c95d696bf96f5d8df19 fix(subprocess): restore agy alongside codex; env-gate sandbox bypass
  • 1717f9f5678320b6fc984c686340805e89f87fa1 fix(subprocess/codex): tolerate non-JSON stdout, max-of-token-paths
  • e38cce5f1fe2c302565ab1852e953398c960fb9a fix(tui): security hardening, race-safety, and event handling fixes
  • 244ecd97e50cc90544aa5cce01f3e87b81d168cc fix: security hardening (bash redirection, unicode sanitization, edit tool resolver)
  • bd41d76e32bb87362938cd5f66e03665c9e38b53 refactor(tui): store pasted images in user cache, not project workdir

Security Fixes

  • Security hardening across TUI (race‑safety, event handling) and global fixes (bash redirection, unicode sanitization)
  • Google authentication now uses real ADC scopes, rejects expired tokens, and improves error reporting
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track VikingOwl91/gnoma

Get notified when new releases ship.

Sign up free

About VikingOwl91/gnoma

All releases →

Related context

Beta — feedback welcome: [email protected]