Skip to content

v3.11.0

Latest

Choose a tag to compare

@github-actions github-actions released this 15 Jul 14:47
2420456

Highlights

New skill: /adopt-project-scope — one-command, in-place migration of an existing unscoped Task Orchestrator database to the project-scoping model. It creates a project anchor root, re-parents your existing work trees under it, and writes rootId back to .taskorchestrator/config.yaml, so established workspaces can adopt multi-project scoping without rebuilding their database. This is the recommended entry point for existing users moving to project scoping.

Added

  • /adopt-project-scope skill — see Highlights above.
  • Project-root scoping — new manage_project_config tool plus an ancestorId scope parameter on query_items, get_next_item, get_context, and get_blocked_items, so work in a shared database can be scoped to a single project subtree.

    ⚠️ Note: project scoping is an organizational convenience, not a security mechanism for data separation. ancestorId filters which items a query returns — it does not isolate or access-control data. Any caller with database or MCP access can still reach every item regardless of scope. For true data separation between projects, use separate databases.

  • Per-root schema configuration layered over the global config, resolved via a new per-root config service.
  • excludeTerminal filter on the query_items overview operation, powering a leaner, attention-first /work-summary dashboard.

Changed

  • Trimmed MCP tool-description payloads (Token-Efficiency Program) — lower context cost per tools/list call.
  • Attributed note and transition output omits no-op verification blocks.

Fixed

  • Patched sqlite-jdbc to 3.53.2.0, closing CVE-2025-6965 (SQLite memory corruption; fixed upstream in SQLite 3.50.2 — the prior 3.49.1.0 pin bundled SQLite 3.49.1 and was still exposed).
  • complete_tree now records already-terminal (including cancelled) items as skipped instead of failing their gate and spuriously skipping their dependents.
  • Reparenting an item now recomputes its descendants' depths instead of leaving them stale (MCP + REST).
  • query_items returns true totals, deterministic ordering, and skipped-row visibility (MCP tools and REST /items/roots).

Release type: both — server 3.10.0 → 3.11.0, plugin 3.2.2 → 3.3.0.


What's Changed

  • docs(api-rest): correct stale SSE replay-scope limitation (fixed in #199) by @jpicklyk in #210
  • fix(query-items): true totals, deterministic ordering, and skipped-row visibility by @jpicklyk in #213
  • perf(tools): omit no-op verification blocks from attributed note and transition output by @jpicklyk in #214
  • fix(api): true totals, real pagination, and skipped-row visibility on GET /items/roots by @jpicklyk in #215
  • chore(process): land graduated improvement proposals (ktlint self-check, delegation-metadata promotion) by @jpicklyk in #216
  • feat(query-items): overview excludeTerminal filter + lean work-summary dashboard by @jpicklyk in #217
  • Merge develop into main: MCP Token-Efficiency Program + compose fixes by @jpicklyk in #218
  • fix(items): recompute descendant depths on reparent (MCP + REST) by @jpicklyk in #219
  • feat(server): project-root subtree scoping primitives by @jpicklyk in #220
  • feat(schema): per-root config layer — project_config storage, layered resolveSchema, manage_project_config tool by @jpicklyk in #221
  • feat(plugin): project-scope integration — hook injection, skill wiring, /adopt-project-scope by @jpicklyk in #222
  • fix(work-summary): harden lean fallback + bound full-mode data collection by @jpicklyk in #223
  • fix(deps): bump sqlite-jdbc to 3.53.2.0 — close CVE-2025-6965 by @jpicklyk in #224
  • fix(complete_tree): skip already-terminal items before gate check by @jpicklyk in #225
  • docs(prepare-release): add dependency-CVE audit gate to pre-PR checklist by @jpicklyk in #226
  • release: v3.11.0 — project-root scoping + /adopt-project-scope migration skill by @jpicklyk in #227

Full Changelog: v3.10.0...v3.11.0