Flowness v0.2.7 Release Notes
- Date:
2026-06-23 - Scope: safety and migration release that makes upgrades more explicit, protects user-owned workspace data, and surfaces risky-command and decomposition decisions before execution.
Summary
Flowness 0.2.7 focuses on safer workspace operations. The release turns flowness upgrade into a clearer migration planner, preserves user-owned files by default, writes a machine-readable migration plan, classifies risky commands before execution when the CLI can inspect the command first, and shows broad-request decomposition proposals before child issues are created.
Added
flowness upgrade --explainfor a more explicit migration explanation.flowness upgrade --apply --forcefor applying the safe parts of a plan while keeping conflicts manual.- Command-risk analysis that warns before destructive shell commands run where the CLI can inspect the command first.
- Request decomposition previews for broad requests so child issues are visible before they are created.
Changed
flowness upgrade --dry-runnow distinguishes generated files, user-modified files, conflicts, backups, manual actions, and risk level.flowness upgrade --applynow refuses conflicting generated files unless the operator explicitly confirms the remaining manual work.- Generated AGENTS and rule scaffolds now spell out safe migrations, dangerous-command approval, and request decomposition rules.
- The CLI help and documentation now include the safer upgrade and confirmation flow.
Fixed
- User-owned workspace data is preserved during upgrades unless the file is clearly generated and safe to regenerate.
- Broad requests now surface a decomposition proposal instead of looking like a single undifferentiated task.
- Dangerous command execution is no longer silent when the CLI can inspect the command before it runs.
Migration Notes
- Existing workspaces should run
flowness upgrade --dry-runfirst. - Review the migration plan JSON and the upgrade report before applying.
- If conflicts remain after review, use
flowness upgrade --apply --forceonly after explicitly approving the manual follow-up work. - Broad requests may now become a planning issue plus child issues, rather than a single issue with hidden scope.
Breaking Changes
- None.
Commands
npm run buildnpm testnpm run auditnpm run release:checknpm pack --dry-run --workspace packages/cli
Verification
- Build, test, audit, release check, and CLI package dry-run should pass after the release files and version numbers are updated.
Known Limitations
- Risk analysis only works when the CLI can inspect the command before execution.
- Conflicts still require manual review when the upgrade plan cannot safely merge them.