This release (Repomix v1.14.1) includes two security fixes.
ReleasePort's take
Release v1.14.1 patches a high-severity argument injection vulnerability in the `--remote-branch` option (GHSA-9mm9-rqhj-j5mx) and a moderate-severity secret-scan bypass in the MCP `attach_packed_output` flow (GHSA-hwpp-h97w-2h3j). It also drops Node.js 20 and adds Node.js 26 support; Node.js 22 or later is now required.
Why it matters: the argument-injection fix matters most where the `--remote-branch` value can come from untrusted input, and the MCP fix matters wherever Repomix's MCP tools are exposed to an agent. Hosts still on Node.js 20 must move to Node.js 22 or later before upgrading, since 1.14.1 will not run on Node.js 20.
Changes in this release
| Type | Severity | Summary | CVE |
|---|---|---|---|
| Security | High | Patches argument injection via `--remote-branch` (GHSA-9mm9-rqhj-j5mx). | none listed |
| Security | Moderate | Fixes MCP `attach_packed_output` secret-scan bypass (GHSA-hwpp-h97w-2h3j). | none listed |
| Breaking | High | Drops Node.js 20 support and adds Node.js 26 support; requires Node.js 22 or later. | none listed |
| Feature | Medium | Expands Dart parsing to include mixins, typedefs, getters, setters, and factory constructors; preserves more structure with `--compress`. | none listed |
| Feature | Low | Adds Repomix to nixpkgs, enabling direct installation via `nix-shell -p repomix`. | none listed |
| Feature | Low | Provides a Nix flake with a development shell (Node.js 24 + Git) for contributors. | none listed |
| Performance | Medium | Introduces a persistent disk cache for token counts keyed by content hash, reusing counts for unchanged files. | none listed |
| Performance | Medium | Attempts a UTF-8 decode before the binary-file check, avoiding a slow path in the protobuf detector. | none listed |
Full changelog
This release patches two security advisories and continues the performance work from v1.14.0 with a persistent token-count cache, plus expanded Dart parsing and Nix support. Updating to 1.14.1 is recommended for all users.
Security 🔒
Argument Injection via --remote-branch (GHSA-9mm9-rqhj-j5mx)
A crafted --remote-branch value could be passed to git as an option rather than a ref, enabling argument injection (CWE-88, High). Repomix now validates refs and inserts --end-of-options before the ref in git fetch and git checkout, so a branch value can never be interpreted as a git option.
Special thanks to @kakashi-kx (Abhijith S) for the responsible disclosure! 🎉
MCP attach_packed_output Secret-Scan Bypass (GHSA-hwpp-h97w-2h3j)
The MCP attach_packed_output flow could register an arbitrary local file and read it back through read_repomix_output / grep_repomix_output without the secret scan that file_system_read_file applies (CWE-200, Moderate). Those tools now run the same secret scan on attach-sourced files before returning content, closing the bypass.
Special thanks to @dodge1218 for the responsible disclosure! 🎉
Improvements ⚡
Expanded Dart Code Parsing (#1515)
The Dart Tree-sitter query now captures mixins, typedefs, getters, setters, and factory constructors. Compressed output (--compress) for Dart files now preserves more of the file's structure.
Content-Addressed Token-Count Disk Cache (#1562, #1580)
Token counts are now cached on disk, keyed by content hash. Re-packing a repository reuses counts for unchanged files instead of re-tokenizing them, and the eager metrics warm-up is skipped when the cache is already populated, speeding up repeated runs on the same repository.
Faster Binary Detection (#1542)
Repomix now attempts a UTF-8 decode before the binary-file check, avoiding a pathological slow path in the protobuf detector on certain inputs.
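The decode-first ordering described above, as an added example that is not Repomix's code. It uses the standard `TextDecoder` in fatal mode as the UTF-8 check; the NUL-byte heuristic in the fallback is a stand-in for whatever detector a real tool runs, since the page does not describe the protobuf detector's internals.

```javascript
// Added example (not Repomix's own code): classify a buffer as text or binary by
// trying a strict UTF-8 decode first, so the expensive detector only ever sees
// inputs that are not clean UTF-8.
const utf8Strict = new TextDecoder('utf-8', { fatal: true });

// Fallback heuristic standing in for the slow detector: a NUL byte in the first
// 8 KiB is treated as binary. (Assumption; real detectors use more signals.)
function looksBinarySlowPath(buf) {
  const head = buf.subarray(0, 8192);
  for (let i = 0; i < head.length; i++) if (head[i] === 0) return true;
  return false;
}

// Returns { kind: 'text', text } or { kind: 'binary', reason }.
function classifyBytes(buf) {
  try {
    const text = utf8Strict.decode(buf); // throws on malformed UTF-8
    // Valid UTF-8 can still carry NUL; keep that guard before declaring text.
    if (!text.includes('\0')) return { kind: 'text', text };
    return { kind: 'binary', reason: 'nul-in-utf8' };
  } catch (e) {
    // Not valid UTF-8: only now pay for the slow path.
    return looksBinarySlowPath(buf)
      ? { kind: 'binary', reason: 'slow-path' }
      : { kind: 'binary', reason: 'invalid-utf8' };
  }
}

// Constructed inputs: ASCII, multi-byte UTF-8, and two byte strings that are not UTF-8.
function demo() {
  return {
    ascii: classifyBytes(Buffer.from('const x = 1;')).kind,        // 'text'
    multibyte: classifyBytes(Buffer.from('héllo wörld')).kind,     // 'text'
    garbage: classifyBytes(Buffer.from([0xff, 0xfe, 0x41])).kind,  // 'binary'
    nul: classifyBytes(Buffer.from([0x41, 0x00, 0x42])).kind,      // 'binary'
  };
}
```

The point of the ordering is that the common case (source files, which are valid UTF-8) never reaches the slow detector at all, so a pathological input can only make the rare path slow.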
Node.js Support Update (#1556)
Node.js 20 is no longer supported and Node.js 26 is now supported. Repomix requires Node.js 22 or later.
Available on nixpkgs
Repomix is available in nixpkgs, so Nix users can install it directly:
nix-shell -p repomix
Development 🛠️
Nix Flake with Development Shell (#1525)
Added a flake.nix providing a development shell (Node.js 24 + Git) for contributors using Nix:
nix develop
How to Update
npm update -g repomix
As always, if you have any issues or suggestions, please let us know on GitHub issues or our Discord community.
Breaking Changes
- Node.js 20 no longer supported; minimum Node.js version is now 22.
Security Fixes
- GHSA-9mm9-rqhj-j5mx: Argument injection via `--remote-branch` fixed by ref validation and insertion of `--end-of-options` before the ref in git commands.
- GHSA-hwpp-h97w-2h3j: MCP `attach_packed_output` secret-scan bypass closed; attach-sourced files now undergo the same secret scan as `file_system_read_file`.