release history.
What shipped, when, and why. Full narrative context in gfix-docs/changelog.md.
v0.1.0-alpha.3
#hardening #fix #security
hardening release — 122 tests, env-clear subprocess lockdown, AI provider robustness.
Two PR clusters land in alpha.3: AI provider hardening (#101) and the env_clear subprocess sweep (#102). The latter closes the last four parent-env-leak callsites identified after the #48 P0 — every git and subprocess invocation now routes through gitfix_command() with env_clear() plus an 8-key allowlist.
upgrade: brew upgrade gfix
- Security: env_clear subprocess hardening — substrate::run_git, substrate::run_git_capture, rerere::lookup (rev-parse + show), and server::merge_apply (git add -A) now all route through gitfix_command(). Inherited GIT_DIR / GIT_WORK_TREE / GIT_CONFIG_* / XDG_* / DYLD_* can no longer re-target git's writes or pollute its identity. Closes #70 (P0), #72, #97.
- Security: Mergiraf subprocess env hygiene — merge_engine::resolve_via_mergiraf and probe_mergiraf no longer inherit the full parent environment. Closes #99.
- Fixed: OpenAI response_format unconditional — response_format: json_object was always set, causing HTTP 400 on o1/o3 reasoning models. Now omitted for non-GPT-4/GPT-3.5 models. Closes #35.
- Fixed: pick_provider refactor — 70 lines of copy-paste per provider arm collapsed into a KEY_PROVIDERS lookup table. Same precedence logic, half the code. Closes #42.
- Fixed: ConflictGetResponse.ai_suggestion retyped as Option<AiSuggestion> — absence-of-suggestion case now serializes as null instead of {} or an untyped Value. Closes #46.
- Test: 120 to 122 passing tests. New regression coverage: finalize_does_not_inherit_hostile_git_dir, lookup_does_not_inherit_hostile_git_dir.
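
The env_clear-plus-allowlist pattern described for this release, as an added Rust example that is not gfix's own code. hardened_command is a hypothetical stand-in for gitfix_command(), the five-key allowlist is an assumption (the page does not list the 8 keys), and the hostile values are constructed. It spawns `env` twice so the difference between a default child and a hardened child is visible.

```rust
use std::collections::BTreeMap;
use std::process::Command;

// Assumed allowlist for illustration only; the page does not list gfix's 8 keys.
const ALLOWLIST: &[&str] = &["PATH", "HOME", "LANG", "LC_ALL", "TMPDIR"];

/// Hypothetical stand-in for gitfix_command(): start from an empty
/// environment, then copy over only the allowlisted keys that are set.
fn hardened_command(program: &str) -> Command {
    let mut cmd = Command::new(program);
    cmd.env_clear();
    for key in ALLOWLIST {
        if let Some(val) = std::env::var_os(key) {
            cmd.env(key, val);
        }
    }
    cmd
}

/// Run the command (expected to be `env`) and parse its KEY=VALUE output.
fn child_env(mut cmd: Command) -> BTreeMap<String, String> {
    let out = cmd.output().expect("failed to spawn child");
    String::from_utf8_lossy(&out.stdout)
        .lines()
        .filter_map(|l| l.split_once('='))
        .map(|(k, v)| (k.to_string(), v.to_string()))
        .collect()
}

/// Poison the parent environment, then return what a default child and a
/// hardened child each receive.
#[allow(unused_unsafe)]
fn compare_children() -> (BTreeMap<String, String>, BTreeMap<String, String>) {
    // Constructed hostile values. `unsafe` is required from the 2024 edition on.
    unsafe {
        std::env::set_var("GIT_DIR", "/tmp/hostile/.git");
        std::env::set_var("GIT_CONFIG_GLOBAL", "/tmp/hostile/gitconfig");
    }
    (child_env(Command::new("env")), child_env(hardened_command("env")))
}

fn main() {
    let (naive, hardened) = compare_children();
    println!("default child GIT_DIR:  {:?}", naive.get("GIT_DIR"));
    println!("hardened child GIT_DIR: {:?}", hardened.get("GIT_DIR"));
    println!("hardened child keys:    {:?}", hardened.keys().collect::<Vec<_>>());
}
```

A regression test in this style asserts on the child's observed environment rather than on how the Command was built, so a callsite that bypasses the wrapper fails the test.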
v0.1.0-alpha.2
#hardening #fix #security #perf
hardening release — 108 tests, 9 bug fixes, security patches.
Three weeks of dogfood sessions surfaced a cluster of edge-case bugs and two security issues. Alpha.2 closes all of them. The test count jumps from 70 to 108; conflict_get memory is halved; n_way_merge_plan is now O(changed) instead of O(total×N).
upgrade: brew upgrade gfix
- New: gfix setup — interactive first-run wizard. Detects install path, wires MCP into Claude Code, validates Gemini key, runs a fixture merge end-to-end.
- New: /install route — curl|sh landing page with SHA256-verified script. gfix.space/install is now the canonical curl target.
- New: /llms.txt route — machine-readable capability manifest for LLM context injection.
- New: HonestyLimitsSection — explicit limits page so the 50% ceiling is front-and-center, not buried in FAQ.
- Fixed: UTF-8 panic — multi-byte characters in conflict markers caused an index-out-of-bounds panic. Fixed by operating on char boundaries.
- Fixed: Blob-missing data loss — missing blob OIDs during conflict_get silently dropped file content. Now surfaces as a structured error.
- Fixed: GIT_DIR env poisoning — an inherited GIT_DIR environment variable caused gfix to resolve repository paths incorrectly. Now cleared before git subprocess calls.
- Fixed: U+2060 bypass — word-joiner character allowed prompt-injection through conflict text. Stripped at ingestion boundary.
- Fixed: Manual size DoS — unbounded conflict text size allowed oversized conflicts to exhaust the AI context window. Hard cap enforced before suggestion calls.
- Fixed: Audit log mislabel — rerere-replay resolutions were labelled as ai-suggestion in audit.json. Now labelled rerere-replay.
- Fixed: Ollama host resolution — custom OLLAMA_HOST was ignored when the URL scheme was omitted. Now normalised to http:// by default.
- Fixed: !Send hazard — GitSubstrate (gix Rc internals) crossed an .await point in the n_way_merge_plan path. Confined to a scoped block before any await.
- Fixed: Corrupt rerere JSON — a partial write during rerere cache flush could produce an unreadable JSON file. Now written atomically via a temp file + rename.
- Security: Gemini key URL leak — API key was interpolated into the request URL query string and captured in server logs. Moved to Authorization header.
- Security: U+2060 hardening — word-joiner and other invisible Unicode code points in prompt spans are now stripped at the parser boundary, not just logged.
- Perf: O(total×N) → O(changed): n_way_merge_plan now iterates only files that changed between source branches rather than the full tree.
- Perf: conflict_get memory halved — raw diff buffers are released immediately after parsing rather than held for the lifetime of the request.
- Perf: reqwest::Client cached — HTTP client is now constructed once at startup rather than once per AI suggestion call.
- Test: 70 → 108 passing tests. New coverage: UTF-8 boundaries, blob-missing, atomic rerere flush, U+2060 stripping, Gemini header auth, GIT_DIR isolation.
- Strategic: 50% headline reframed from defense ("the half everyone gives up on") to offense ("mergiraf for the easy half. gfix for the hard half.") — the floor is the product.
v0.1.0-alpha.1
#release #feature
initial public release — local CLI + MCP server for merge conflict resolution.
First public release of gfix. Distributed via Homebrew, curl, and npm. Ships the full 7-tool MCP surface, audit refs, cross-machine rerere, and BYO-key AI suggestions.
- New: Initial release of the gfix CLI + MCP server. 7 MCP tools: gitfix_merge_preview, gitfix_conflict_get, gitfix_conflict_resolve, gitfix_conflict_resolve_batch, gitfix_merge_apply, gitfix_merge_abort, gitfix_merge_status.
- New: Homebrew distribution via ameyypawar/gfix tap. Verified on macOS arm64 (Apple Silicon). Binaries shipped for macOS x86_64, Linux x86_64, Linux arm64.
- New: Audit refs — every accepted resolution writes refs/gitfix/audit/<merge_id> as a synthetic git commit. Inspect with plain git show. Push to any remote.
- New: Cross-machine rerere — refs/gitfix/rerere/<blake3> keyed on (file_path, base_oid, ours_oid, theirs_oid). Replays in <100ms with zero AI calls. Share across machines with git push.
- New: BYO-key AI suggestions — Anthropic, OpenAI, Gemini, Ollama. Provider precedence: Anthropic → OpenAI → Gemini → Ollama. Gemini Flash free-tier is the recommended starting point.
- New: MCP sampling path — when the host advertises sampling/createMessage (future Claude Code release), gfix uses the host model: your tokens, your suggestions, your budget.
- New: Mergiraf subprocess integration — GPL-3.0 boundary honored, never linked. Handles the structural half (TypeScript, Java, Rust, Go, and Mergiraf's full language list) before AI is ever asked.
- Test: 78 passing tests at initial release. Coverage: merge preview, conflict resolution paths (ours/theirs/mergiraf/ai-suggestion/manual), audit ref structure, rerere OID matching.
- Strategic: M2 dogfood session (2026-05-22): 13 conflicts, 12 auto-resolved (mergiraf: 8, rerere: 4), 1 AI-suggestion. Audit ref m_2026-05-22T10-25-45Z_c2bc70 is a real merge from this session.