v3.2.0
Minor release — agent-routing cost levers, MCP-search enforcement, GitHub-Issues onboarding, and merge-gate hardening.
Added
- (#652) Opt-in gate mode for
suggest-mcp-search.sh— whenmcp_search.gate_modeis enabled andapexyard-searchis configured, the hook soft-blocks (exit 2) exploratorygrep -r/findover indexed paths and instructs MCP-first, with anAPEXYARD_MCP_FALLBACK=1per-call escape hatch. Default-off, install-gated, Read/Glob/Grep never blocked (AgDR-0070) - (#654) Detect (and offer to enable) GitHub Issues during
/setup+/handoverwhentracker.kind=github— newtracker_check_issueshelper in_lib-tracker.shwarns + offersgh repo edit --enable-issues(never auto-enables; gated on tracker kind; fails open) so a fresh fork doesn't hit a crypticrepository has disabled issueserror (AgDR-0071) - (#641) Consent-gated GA + cookie banner on all marketing-site pages
- (#633) Grant Rex
search_codeand prefer semantic MCP search over grep when available - (#628) Support
fallowstatic-analysis pass in code review (JS/TS dead-code, unused exports, duplication)
Fixed
- (#656)
block-merge-on-red-cinow refuses variable-substituted merges (gh pr merge $PR --repo $REPO, incl. quoted forms) with a clear message instead of silently checking an unrelated CWD PR — new sharedmerge_command_uses_variableguard - (#639) Escape DOM-sourced email parts in the site mailto builder
- (#634)
extract_push_refno longer over-matches the arrow (→) in commit messages - (#632) Use
printfnotechowhen re-emitting captured JSON (pre-push-gate + tracker lib) - (#630)
config_getno longer drops ALL overrides when the config contains a backslash escape
Changed
- (#636) Harden CI workflows — SHA-pin all Actions + least-privilege
permissions - (#598) Bump
actions/checkout4 → 6