Releases: FailproofAI/failproofai
Releases · FailproofAI/failproofai
Release list
0.0.13-beta.2: Fixes
Fixes
- Skip the require-*-before-stop workflow gates during Claude Code plan mode (permission_mode: "plan") — plan mode makes no commits/pushes/PRs by design, so the gates were wrongly demanding actions plan mode forbids (e.g. git push with nothing to push, blocking the agent from finishing). (#488)
- Fix translation regressions from the #486 docs sync: strip hallucinated {#…} heading-ID syntax that broke MDX parsing (ja/built-in-policies), restore dropped YAML frontmatter (tr/cli/hook) and the --cli …|hermes inline code span (he/configuration), and un-translate an inline-code placeholder (de/cli/auth). (#487)
v0.0.13-beta.0: Synced Hooks Schema
Syncs hook integrations with the latest CLI docs — adds newly-documented events for Codex, Copilot, and Claude. Fixes a Claude & Cursor timeout bug (was 60000 in a seconds field ≈ 16.7h; now 60 = 60s).
v0.0.12 - Codex hooks: drop invalid version field + correct timeout unit (seconds)
v0.0.12 - Codex hooks: drop invalid version field + correct timeout unit (seconds)
v0.0.12-beta.0 — Codex hooks: drop invalid version field + correct timeout unit (seconds)
v0.0.12-beta.0 — Codex hooks: drop invalid version field + correct timeout unit (seconds)
Pre-release
Pre-release
docs(changelog): backfill 0.0.12-beta.0 with dependency bumps + trans…
v0.0.11 — Introducing Audit
First stable release of the 0.0.11 line. Published to npm as failproofai@0.0.11 under the latest tag.
Highlights since 0.0.10
Features
/auditdashboard +failproofai auditCLI — scan your agent-CLI session history and get a personality-driven audit (8 archetypes, 0–100 score, shareable poster) with prescribed policies. Runs fully local; install-free vianpx -y failproofai audit.- Email-OTP auth —
failproofai auth login | logout | whoami, wired to the api-server; tokens stored at~/.failproofai/auth.json. - Supply-chain CI gate (OSV-Scanner + Socket) and a PR-level MDX parse check.
- Broader, more reliable PostHog telemetry across all four channels.
Breaking changes
- Default policy namespace renamed
exospherehost→failproofai. Configs that reference builtins asexospherehost/<name>must update tofailproofai/<name>. Flat shorthand (e.g."sanitize-jwt") is unaffected. - Removed the legacy cloud auth + event-relay subsystem (the old
failproofai login/logout/whoami/relay/synccommands) ahead of the new auth surface above.
Other
- Community moved from Slack to Discord; docs live at
https://docs.befailproof.ai/introduction.
Full per-change detail is in the CHANGELOG.
v0.0.11-beta.12 — Discord community link, responsive activity table + mode-pill fix, audit copy
v0.0.11-beta.12 — Discord community link, responsive activity table + mode-pill fix, audit copy
Pre-release
Pre-release
Features
- Collapse the dashboard "Reach Us" dropdown's three GitHub links (Request a Feature / Report an Issue / Ask a Question) into a single Feedback & Issues entry pointing at the GitHub issue chooser (
/issues/new/choose). - Reorder the policies → activity table columns to: time · decision · event · cli · tool · policy · reason · mode · duration · session.
Fixes
- Fix the policies → activity table collapsing on narrow / portrait windows. Columns no longer overlap — each data cell clips with an ellipsis at its own edge and headers stay on one line — and the table holds a readable
min-width(1280px), scrolling horizontally below that via a themed scrollbar instead of squeezing columns into each other. The badge / long-header columns (decision, event, cli, mode, duration, session) were widened so their content fits — the mode column in particular now holds its widest pill (bypassPermissions) instead of clipping it mid-word, and the mode pill truncates with an ellipsis + hover tooltip if a longer / custom mode ever appears.
Docs
- Replace the community Slack invite with Discord (
https://discord.gg/2zjBZP7yQJ) everywhere it's user-facing: thefailproofai --helpLINKS banner, the dashboard "Reach Us" dropdown, and the README community badge (English + 14 translations). The Slack webhook notification example (examples/policies-notification.js) is intentionally left as-is — it's a feature integration, not a community link. - Reword the
/auditinvite card ("Share with friends" / "wanna know how your friends' agents score?") and grammar-pass the X/LinkedIn share templates (article/adverb/coordination/comma-splice fixes only — no behavioral or structural change).
v0.0.11-beta.11 — invite emails show audit score, quieter server logs, PR-level MDX parse check
v0.0.11-beta.11 — invite emails show audit score, quieter server logs, PR-level MDX parse check
Pre-release
Pre-release
Features
- Add a PR-level MDX parse check (
bun run validate:mdx, wired into the CIdocsjob) that compiles everydocs/**/*.mdxwith the same MDX engine Mintlify runs at deploy time.mintlify validateonly checksdocs.jsonstructure and nav links — it never parses page content — so syntax errors slipped through to the post-merge deploy. This catches them on the PR instead (#455). - Invite emails now include the inviter's audit score:
sendInvites()and the/api/audit/inviteproxy forward a clamped (0–100) score to the api-server, which renders "my agent scored a N/100" in the body. ThreadedAuditDashboard → ComeBackBetterSection → InviteDialog; optional end-to-end so it degrades to score-free copy when absent (#456). - Rewrite the X/LinkedIn share templates (10 each): lead on the score and archetype and end on the
npx -y failproofai auditCTA + handle (@failproofai/@Failproof AI), with no URLs in the copy so the pasted audit-card image isn't replaced by a link-preview card (#456). - Enlarge the audit poster's four corner labels so they read clearly at share size, on both the dashboard render and the downloaded PNG (#456).
Fixes
- Fix three translated docs pages that failed the Mintlify deploy parse.
docs/tr/cli/audit.mdxhad a dropped closing backtick that pushed<slug>out of its inline-code span (parsed as an unclosed JSX tag);docs/ja/built-in-policies.mdxanddocs/zh/built-in-policies.mdxcarried translator-injected{#id}heading anchors that MDX reads as JS expressions. All three now match the other 12 locales (#455). - Stop the failproofai server log from repeating the benign Next.js "Failed to find Server Action" deployment-skew error. A browser tab left open across a dashboard rebuild/upgrade POSTs a stale Server Action ID; the client recovers via Next's graceful 404, but the standalone server still logged a 3-line error block to stderr per stale request. The
startlauncher now pipes the server's output through a filter (scripts/skew-log-filter.ts) that drops just that block — all other output, and color viaFORCE_COLOR, passes through untouched;devis unchanged (#456).
Dependencies
- Add
@mdx-js/mdxas a dev dependency, used by the newvalidate:mdxdocs parse check (#455).
Published to npm under the beta dist-tag — install with npm i failproofai@beta or run npx -y failproofai@beta.
v0.0.11-beta.10 — failproofai audit CLI, shareable-card polish, invite-auth UI fix
Pre-release
Features
- Add the
failproofai auditCLI command: scans local agent-CLI session history, pre-warms the dashboard cache, and opens the/auditreport — also runs install-free vianpx -y failproofai audit. Newsrc/audit/cli.ts(animated progress mirroring the dashboard's stages) andsrc/audit/open-browser.ts, wired intobin/failproofai.mjs(#453). - Rework the shareable
/auditcard (dashboard render + downloadable PNG): remove the bottom-tier rank pill, center the score, and rebuild the footer as a glowing whitebefailproof.aistamp + a glowingnpx -y failproofai auditCTA. Expand the social-share copy to 10 X + 10 LinkedIn templates (short, on-brand) tagging@failproofai/@Failproof AI, drop the raw site URL, and append a clipboard paste hint on share (#453).
Fixes
- Show login-required copy ("Oops! Login required" / "What's your email?") on the invite-a-friend CTA's shared
AuthDialogso it reads distinctly from the reminder CTA — content only, the auth flow is unchanged (#453). - LinkedIn share now opens the feed composer with the post text pre-filled (
feed/?shareActive=true&text=) instead of the deprecatedshare-offsitesummaryparam that LinkedIn ignores (#453).
Docs
- Document the
failproofai auditcommand andnpx -y failproofai auditusage indocs/cli/audit.mdx, and refresh thedocs/dashboard.mdxAudit section to the current poster flow (#453). - Point the docs community anchor (
docs.json) and the CLI launch banner at the Discord server instead of the Slack invite (#453).
Published to npm under the beta dist-tag — install with npm i failproofai@beta or run npx -y failproofai@beta.
v0.0.11-beta.9 — invite-a-friend flow, audit-poster PNG fix, Supply Chain green
Pre-release
0.0.11-beta.9
Features
- Invite a friend from
/audit(#435) — thecome back bettercard gains an invite modal: paste a comma/space/newline-separated list of friend emails (validated inline, capped at 10 per submit, deduped against your own address) and they're emailed an audit invite from failproof.ai with you Cc'd. Anonymous users are routed through sign-in first so there's a sender identity. Replaces the placeholder "1 of 3 invited" perks bar.
Fixes
- Supply Chain (OSV-Scanner) CI gate is green again (#446) — the dependency tree resolved a
vite@8.0.14(two advisories, incl. CVSS 8.2) andundici@7.27.2(7 advisories) transitively. Both are now pinned viapackage.jsonoverrides(vite@8.0.16,undici@7.28.0) to dedupe the whole tree. OSV-Scanner now reports "No issues found". /auditposter PNG export rendering (#435) — swapped the poster export fromhtml2canvastohtml-to-image, fixing broken dashed borders, a stray square cutting through the wordmark, and clone/flex misalignment that left content anchored off-center. The poster now rasterizes through the browser's native renderer, so masks, gradients, and font metrics match what's on screen.- Dashboard restraint (#435) — dropped the decorative
━━glyph prefix and amber slipping-count badge from every navbar tab, and calmed the/project/[name]page chrome (flat back chip, mono title, single meta line, calm sessions list). - Correct CLI binary name in
/auditinstall commands (#435) — the per-policy and[install all]rows emittedfailproof policy add …; the shipped binary isfailproofai, so a copied command would fail. Fixed at all call sites plus the docs example. - CodeRabbit review follow-ups (#435) — invite flow now routes 401s back through sign-in and never leaks upstream error text to the client/telemetry; share-fallback telemetry no longer reports success on failure; transient
/api/auth/statusfailures preserve prior auth state; new:focus-visibleoutlines on all new interactive controls.
Dependencies
- Consolidated Dependabot bumps #436–#445 (#446) —
next16.2.9,eslint10.5.0,@tailwindcss/postcss+tailwindcss4.3.1,@anthropic-ai/sdk0.104.2,vitest4.1.9,lucide-react1.18.0,@tanstack/react-virtual3.14.3,posthog-node5.37.1,eslint-config-next16.2.9. - Add
html-to-image@^1.11.13for the audit-poster export (#435).
Docs
- Update
docs/dashboard.mdxfor the new 5-section audit flow and theinvite a friendflow (#435).
Published to npm under the beta dist-tag (npm i failproofai@beta).
v0.0.11-beta.8 — audit first-run fix: fire-and-forget runs, scan all history
Pre-release
0.0.11-beta.8
Fixes
- The
/auditfirst run no longer fails on the first click, and an audit is no longer time-capped (#434) — the first, cold scan used to abort after ~15s and bounce back to the empty state (a retry only worked because the first attempt had warmed the caches server-side). The run is now fire-and-forget with uncapped status polling, so an audit runs to completion however long it takes, and the default scan now covers your entire session history instead of just the last 30 days. The run-lock's 5-minute auto-expiry is removed so a long-but-healthy run is never cut short, and a run that can't persist its result now surfaces an error instead of silently reporting success.
Docs
- Update translated docs for changed English sources (#433).
Published to npm under the beta dist-tag (npm i failproofai@beta).