You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This commit was created on GitHub.com and signed with GitHub’s verified signature.
[0.12.0] - 2026-06-16
Added
brigade doctor --json and brigade status --json emit machine-readable output (target, harnesses, owner, depth, per-check status/name/detail, summary counts, and a ready flag), so the two most diagnostic surfaces can feed scripts and a future fleet aggregation instead of being text-only.
brigade security diff --base <dir> --against <dir> [--json] compares two security reports and reports new, resolved, and persisting findings (matched by the scan's stable per-finding fingerprint). It returns nonzero when there are new findings, so a change that introduces a finding can be caught in review or CI.
brigade operator checkup [--json] runs every read-only first-run doctor (doctor, operator doctor, handoff doctor, tools doctor, skills doctor, security doctor) in one pass and rolls them up to a single ready / blocking_surfaces verdict with the next command to run, so a new operator no longer has to copy-paste each doctor from the first-10-minutes guide.
brigade doctor now lints AGENTS.md quality: it warns (never fails) when the file lacks a "Definition of Done" section or a memory-handoff section, since agents work better with explicit done criteria and a handoff footer. The Brigade-seeded AGENTS.md now ships a Definition of Done section (issue #84).
brigade run --read-only now warns when an assigned agent cannot hard-enforce read-only. Each adapter is classified hard (native sandbox or tool allowlist), soft (prompt-only), or none; soft and none agents are listed on stderr and recorded in a read-only-enforcement.json run receipt, and a writable --sandbox override downgrades even natively-sandboxed CLIs to best-effort (issue #87).
brigade repos doctor --deep runs the operator checkup (every first-run doctor) in each enabled fleet repo and aggregates a fleet-wide ready / blocking_repo_count verdict, so you can health-check many repos in one pass instead of cd-ing into each (issue #78).
brigade completions bash|zsh|fish prints a static shell completion script generated from the CLI's own command tree (zero runtime dependencies; the tree is embedded, not shelled out). bash completes the full command tree, zsh reuses it via bashcompinit, and fish completes the top level plus one subcommand level (issue #89).
brigade memory search <query> [--json] runs a deterministic keyword search over memory cards, ranking title, tag, and summary matches above body matches (the stdlib precursor to the roadmapped on-device semantic retrieval) (issue #90).
brigade memory serve-mcp --stdio exposes memory cards over a read-only MCP stdio server under a card:// scheme (resources plus list_cards / get_card / search_cards tools), reusing the proven skills MCP pattern; reads are scoped to the configured card roots and it never edits canonical memory (issue #88).
brigade projects doctor adds the station doctor that every peer station already has, reporting project-consolidation health and exiting nonzero on issues (issue #90).
brigade skills uninstall <skill> --target <harness|all> removes an installed skill (the inverse of skills install), records an uninstall receipt in the install history, and refuses cleanly when nothing is installed (issue #90).
brigade friction show [--severity] [--json] reads back the latest friction scan, which previously could only be written (issue #90).
Changed
Internal: the skills and memory MCP stdio servers now share one harness (mcp_server.serve_stdio) instead of carrying near-identical JSON-RPC loops. No command surface or protocol change; a new read-only MCP surface is now a few callbacks.
The repo fleet scan now summarizes repos on a small thread pool instead of serially. Each summary is independent and IO-bound (git calls plus file stats), so a multi-repo fleet scans noticeably faster while output stays in config order; a single-repo fleet is unchanged.
brigade doctor now groups host-global findings (OpenClaw config, the content-guard clone, uninstalled managed tools) under a "machine-level (not specific to this repo)" header in text output and tags each check with a scope of repo or machine in --json, so a single-repo run no longer reads as if the repo is responsible for machine-wide state (issue #80).
brigade security suppress and brigade security unsuppress gain --json, so an agent or CI step can parse the suppression result (issue #90).
brigade scrub gains --json and now writes a summary-only .brigade/scrub/latest.json receipt (verdict, policy, exit code, never the matched snippets), with --no-receipt to opt out, giving the egress gate the audit trail every other station already has (issue #90).
brigade runbook closeout --import-issues [--dry-run] routes each failed step of a runbook run into the work import inbox (deduped by run id and step), so a mid-run failure reaches the same review queue every other station's failures land in (issue #90).
brigade init --git-exclude writes Brigade's ignore block to the local-only .git/info/exclude instead of the tracked .gitignore, for third-party clones you do not want to commit Brigade ignores into (issue #81). Automatic detection of a third-party clone is intentionally deferred: there is no reliable repo-owner signal, and a guess would false-positive on your own published repos.
Fixed
brigade init --no-gitignore is now honored. The flag was parsed but never forwarded to the installer, so a .gitignore was written anyway; install_selection now takes update_gitignore and skips the write when asked.
brigade init --git-exclude now resolves a linked-worktree .git file (gitdir: <path>) to write the exclude under the worktree's own git dir, instead of silently falling back to a tracked .gitignore.
The seeded pre-push content-guard hook no longer reports a scanner error as a content leak. It now discriminates content-guard's exit codes: exit 1 (findings) blocks with the leak message, any other nonzero exit is reported as "scanner failed to run" rather than mislabeled as violations (issue #82).
brigade doctor memory-care freshness no longer reports a same-day scan as "in the future". The scanner stamps scan_date in UTC, but doctor compared it against the host's local date, so an evening run in a behind-UTC timezone warned falsely (issue #83). Doctor now compares in UTC.
brigade init --depth workspace now creates .brigade/memory-care/decay, the directory doctor actually checks, instead of the legacy memory/cards/decay. A fresh workspace no longer draws a "staleness scanner not wired" warning on first contact (issue #79).
localio.write_json now writes receipts atomically (temp file plus os.replace), so a reader or a crashed writer never observes a half-written JSON receipt; on failure the original file is left intact and the temp file is removed.
Apply the v0.11.0 subprocess hang-guard (closed stdin plus a timeout) to the remaining direct subprocess.run sites that lacked it: localio.check_git_ignored, the work-family _git helper, and scrub's git probes. A stuck git call now fails fast instead of hanging the command.
brigade scrub fails closed when the content-guard scan times out: a hung scanner is reported as blocked (exit 124) instead of being able to let content past the egress gate.