v0.0.11-beta.1

0.0.11-beta.1 — 2026-05-20

Breaking

• Default policy namespace renamed from exospherehost to failproofai. Configs that explicitly reference builtins as exospherehost/<name> must update to failproofai/<name>. Flat-name shorthand (e.g. "sanitize-jwt") continues to work unchanged because it auto-resolves to the new default namespace. Builtin docs (EN + 14 translations) updated to show the new namespace.

Docs

• Rename GitHub org URLs across package.json metadata, README CI badge (EN + 14 translated READMEs), CONTRIBUTING, in-app "Star us" banners (bin/failproofai.mjs, scripts/launch.ts, navbar, reach-developers component), Mintlify docs/docs.json, and 30 translated docs (package-aliases.mdx issues link + examples.mdx repo-tree link) to reflect the exospherehost → failproofai org rename. X social handle in docs/docs.json updated from x.com/exospherehost to x.com/failproofai.

Fixes

• Remove orphan exospheresmall token from the Next.js proxy matcher in proxy.ts — no asset by that name exists in the repo.

v0.0.10 — 7-CLI policy enforcement: Claude, Codex, Copilot, Cursor, Gemini, OpenCode, Pi

First stable release of the 7-CLI cycle. failproofai now enforces policies across all major terminal coding agents:

CLI	Config path	Stop semantics
Claude Code	.claude/settings.json	exit-2 force-retry
OpenAI Codex	.codex/hooks.json	exit-2 force-retry
GitHub Copilot	.github/hooks/failproofai.json	{decision:"block",reason} JSON force-retry
Cursor Agent	.cursor/hooks.json	{followup_message} JSON force-retry
Gemini CLI	.gemini/settings.json	{decision:"block",reason} JSON force-retry
OpenCode	.opencode/plugins/failproofai.mjs + .opencode/opencode.json	in-process plugin
Pi	.pi/settings.json + bundled pi-extension/	before_agent_start next-turn injection

Highlights this cycle

• Per-CLI multi-select control panel in the dashboard /policies Configure tab — install / uninstall the diff across all 7 CLIs in one round-trip, with brand-colored per-row status pills, a 7-segment coverage strip, and pre-checked detected CLIs for one-click adoption (#344).
• Pi Stop policy enforcement via before_agent_start system-prompt injection — works around Pi's AgentEndEvent having no Result type by capturing the deny reason and gating the next user turn (#341).
• OpenCode + Pi tool-input canonicalization — two-layer (shim + handler) so block-read-outside-cwd, block-env-files, and block-secrets-write actually fire on read/write/edit calls. Existing user-scope shims auto-upgrade on the next failproofai version bump without a re-install (#337, #340).
• Per-CLI Stop semantics docs — new "Per-CLI Stop semantics" subsection in docs/built-in-policies.mdx with a 7-row table + Pi-limitation callout so users enabling require-*-before-stop understand what they'll see on each CLI (#342).
• Dashboard restyle: single dark theme, project pages keyed by encoded cwd, full Gemini session UUIDs, plain-text startup line replacing the ASCII wordmark (#319, #335, #336, #338).
• release-prep-check workflow policy + dated ## <version> — <YYYY-MM-DD> CHANGELOG headings so every PR ships release-ready (no ## Unreleased drift) (#335).

See CHANGELOG.md for the complete per-beta breakdown across the 13 betas in this cycle.

v0.0.10-beta.12

[luv-342] feat: enforce Pi Stop policies via before_agent_start hando…

v0.0.10-beta.11

What's Changed

• [luv-340] fix: regenerate OpenCode dev shim + handler-side canonicalization for OpenCode/Pi by @NiveditJain in #340

Full Changelog: v0.0.10-beta.10...v0.0.10-beta.11

v0.0.10-beta.10 - OpenCode + Pi policy enforcement; clean startup output

Fixes

• scripts/launch.ts: drop the dashboard-startup ASCII wordmark entirely. Every iteration (the original 10-row pixel-block banner, the 6-row trim, and the colored half-block render of the brand PNG) read poorly in standard terminals — too tall, vertically stretched, or just visual noise. Replace with a plain-text failproof ai title and a 📦 Version: <ver> line padded to the same column as the existing ⭐ Star us: / 📖 Docs: / 💬 Slack: lines, so version and URLs form one cleanly-aligned block (#338).
• Read full session UUID from each Gemini JSONL's metadata header at project-page session-listing time (lib/gemini-projects.ts), so links route to a valid [sessionId] segment instead of the 8-hex filename prefix that the session detail route's UUID_RE check rejects (404). Hooks-section links were already correct because hook stdin carries the full UUID; this aligns the projects-section with that path (#336).
• Canonicalize OpenCode and Pi tool-input arg keys so the path-checking builtin policies actually fire on read / write / edit tool calls. OpenCode delivers args as filePath / oldString / newString / replaceAll; Pi delivers path. The failproofai builtins read ctx.toolInput.file_path, so the shape mismatch silently no-op'd block-read-outside-cwd (OpenCode), block-env-files, and block-secrets-write for both CLIs — letting an OpenCode session read paths outside its CWD without any deny, and letting Pi sessions write to .env / SSH-key paths unchecked. Existing OpenCode users must regenerate their shim via failproofai policies --install --cli opencode to pick up the fix; Pi users must reinstall via failproofai policies --install --cli pi (#337).
• Route OpenCode project pages by encoded cwd (encodeFolderName(worktree)) instead of opencode's project name / basename, fixing the dashboard /project/<slug> 404 for OpenCode-only sessions and merging same-cwd OpenCode + other-CLI rows on the Projects page (#335).
• .failproofai/policies/workflow-policies.mjs: drop the ## Unreleased section; new release-prep-check policy + updated changelog-check instruct the agent to put entries under a dated ## <version> — <YYYY-MM-DD> heading so each PR ships release-ready, and all four workflow policies now anchor command-phrase matches to shell boundaries to avoid false-positives from HEREDOC bodies (#335)

v0.0.10-beta.9 - dashboard restyle, single dark theme

Features

• Restyle the dashboard to match the failproofai brand: near-black canvas (#0a0a0a) with pink primary #e4587d, sharper 0.5rem radius, Geist Mono via next/font/google, faint pink radial vignette, and the failproof wordmark in the navbar replacing the Exosphere icon + "Failproof AI" text combo. Drops light mode entirely — ThemeContext, ThemeToggle, Logo (theme-branching), the localStorage-keyed pre-paint script, the inline loading-splash <style>, the .light CSS block, and the obsolete public/exospheresmall*.png assets all go. Also fixes the entry-highlight keyframe (which referenced hsl(var(--primary) / …) against a hex variable so the row-click highlight never actually painted) using color-mix(in oklch, …) (#332).
• Redesign the dashboard-startup ASCII banner: hand-crafted chunky pixel-block lowercase "failproof ai" compressed with Unicode 2×2 quadrant block characters and horizontally scaled 4:3 so the full wordmark fits in ~75 cols × ~10 rows, with a plain-text fallback for narrower windows. Also drops the noisy "Using default .claude projects path: …" startup log line (#322).
• Remove the undocumented --projects-path / -p CLI flag — custom Claude project folders can still be pointed at via the CLAUDE_PROJECTS_PATH environment variable (#322).

Fixes

• .github/workflows/translate-docs.yml: when an [auto] update translations PR is already open, push the new translations to its existing branch instead of skipping. Previously the consolidate step exited early but the cache-save step ran first, so the cache advanced to mark the lost translations as done — and the next run saw them as cached and never re-translated (#325).

Docs

• Rewrite the English README.md: new layout with shields.io badges, CDN-hosted wordmark logo, the existing 7-CLI logo grid (Claude / Codex / Copilot / Cursor / OpenCode / Pi / Gemini), a tighter "What it stops" table, a License section explaining the MIT + Commons Clause split, and a docs index linking to docs.befailproof.ai. Hero GIF swapped to readme-arch-hq.gif (#321).

Tick "Set as a pre-release" since the version contains -beta..

Full changelog: https://github.com/exospherehost/failproofai/blob/v0.0.10-beta.9/CHANGELOG.md#0010-beta9--2026-05-09

v0.0.10-beta.8

[luv-324] fix: enforce Stop hook on OpenCode + cut 0.0.10-beta.8 (#323)

* [luv-324] fix: enforce Stop hook on OpenCode

Stop hooks fired on OpenCode (visible in dashboard activity feed) but
the agent stopped without retry — same failure mode Cursor had pre-#318
and Copilot had pre-#299. Root cause: no `cli === "opencode"` branch in
policy-evaluator's Stop / SubagentStop handling, so OpenCode fell into
the generic exit-2 path. The plugin shim's applyDecision turns exit-2
into `throw new Error(reason)`, but throwing from the `session.idle`
event callback is a no-op — OpenCode is already idle by the time the
event fires.

Fix: emit `{hookSpecificOutput: {additionalContext: <MANDATORY ACTION
reasonText>}}` for opencode Stop / SubagentStop in both deny and
instruct paths. The shim already routes `additionalContext` through
`client.session.prompt(...)` which submits a new user message that
re-triggers the agent loop — same model as Cursor's `followup_message`
and Copilot's `{decision: "block", reason}`. Promote applyDecision to
async and `await client.session.prompt` for Stop/SubagentStop events
so the SDK round-trip completes before the plugin context tears down;
keep fire-and-forget for tool events to avoid hot-path latency.

Sister CLIs verified while in here:
- Gemini AfterAgent (canonical Stop) was already correctly emitting
  `{decision: "block", reason}`; new unit tests pin both deny and
  instruct shapes to prevent regression.
- Pi `agent_end` is observation-only by upstream design — Pi's agent
  loop has already exited and `AgentEndEventResult` exposes no `block`
  field. CLAUDE.md already documents this; no code change.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

* [luv-324] docs: clarify OpenCode plugin shim Stop semantics

Update configuration.mdx to reflect the new Stop / SubagentStop force-
retry channel: deny on Stop now routes through `client.session.prompt`
just like instruct, since `session.idle` is notification-only and
throwing from it is silently dropped.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

* [luv-324] fix: address CodeRabbit feedback + cut 0.0.10-beta.8

Address PR #323 review:
- CHANGELOG.md: append (#323) to the Unreleased entry per repo convention
  (every entry ends with the PR number).
- docs/configuration.mdx:199: "Unlike the other four CLIs" → "Unlike the
  other six CLIs" — the page now lists six other integrations
  (Claude Code, Codex, Copilot, Cursor, Pi, Gemini) so the count was
  stale.

Release prep: promote the Unreleased entry to a versioned heading
`## 0.0.10-beta.8 — 2026-05-08`. Add a fresh `## Unreleased` heading
at the top for the next development cycle. package.json is already at
0.0.10-beta.8 (pre-bumped by chore commit a146ae6 after beta.7 release).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>

v0.0.10-beta.7

release: cut 0.0.10-beta.7 (#320)

Promote the entry under `## Unreleased` to a versioned heading
`## 0.0.10-beta.7 — 2026-05-08`. Add a fresh `## Unreleased` heading
at the top for the next development cycle.

package.json was already at 0.0.10-beta.7 (pre-bumped by the post-#318
chore commit 6039817); no version edit needed here. The CHANGELOG cut
completes the release-prep handshake.

Entry promoted:
- OpenCode dashboard tool-call render fix from #319

Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>

v0.0.10-beta.6

[luv-319] fix: enforce Stop hook on Cursor Agent CLI + cut 0.0.10-bet…

v0.0.10-beta.5

0.0.10-beta.5 — 2026-05-08

Features

• policies --install: redesign the multi-CLI selection menu in src/hooks/install-prompt.ts so it groups options into a Detected (N) section (with a ★ Install for all N detected aggregate row) and, for the install action only, a Not installed (M) · install hooks ahead of time section listing every undetected supported CLI as a forward-install option. Markers are colored — yellow ★ for the aggregate row, green ● for detected rows, dim ○ for undetected — and labels for undetected CLIs render dim so the visual hierarchy matches the semantic one. Replaces the previous flat "All / Claude Code only / Codex only / …" list whose lone right-aligned description on the "All" row left odd column widths. The uninstall flow continues to show only detected CLIs (you cannot remove from what was never installed) and now reads "Remove from all N detected" on its aggregate row. Refactor extracts the option-building logic into a new exported buildCliMenuOptions(detected, action) helper so the layout rules (aggregate row only when detected.length > 1, undetected only when action === "install") are unit-testable without driving the keypress loop. Also syncs docs/configuration.mdx to describe the new sectioned layout (#302).

Fixes

• Activity dashboard: populate the CWD: field for Cursor Agent CLI session-lifecycle and prompt events. Per https://cursor.com/docs/hooks, only Cursor's tool-execution hooks (preToolUse, postToolUse) include top-level cwd; sessionStart, sessionEnd, beforeSubmitPrompt, and stop carry workspace_roots: string[] instead and omit cwd entirely. The hook handler at src/hooks/handler.ts:167 previously extracted cwd generically with parsed.cwd as string | undefined, so non-tool Cursor events landed in the activity store with cwd: undefined, the dashboard rendered an em-dash, and (more importantly) project-scope policy discovery in readMergedHooksConfig(session.cwd) and loadAllCustomHooks({ sessionCwd }) silently fell back to global-only — meaning per-project failproofai policies stopped firing on those Cursor events. New src/hooks/resolve-cwd.ts mirrors the existing resolve-permission-mode.ts / resolve-transcript-path.ts dispatch pattern: trust parsed.cwd from stdin first, then for Cursor specifically fall back to workspace_roots[0]. Other CLIs pass through unchanged. New __tests__/hooks/resolve-cwd.test.ts is a 16-case matrix: stdin passthrough across all 7 CLIs, Cursor-only workspace_roots fallback, edge cases (empty array, empty first element, non-string entries, non-array workspace_roots), runtime type guards, and stdin precedence over fallback. Cursor e2e fixtures in __tests__/e2e/helpers/payloads.ts updated to match the real per-event shape (tool events keep cwd; beforeSubmitPrompt, sessionStart, sessionEnd, stop use only workspace_roots). New e2e regressions in cursor-integration.e2e.test.ts confirm last.cwd is populated for both tool events (passthrough) and sessionStart / beforeSubmitPrompt (workspace_roots fallback) (#303).
• scripts/translate-docs: switch the Tier 2/3 default from the dated snapshot ID claude-haiku-4-5-20251001 to the alias claude-haiku-4-5 (so model access matches the CI key's scope), and lower MAX_CONCURRENT from 10 to 2 to stop the gateway behind ANTHROPIC_BASE_URL from dropping most parallel requests with Connection error. Empirically observed: at concurrency 10, a 6-request Korean batch returned 2 ok + 4 connection-resets; per-language CI matrix already parallelizes across the 14 languages, so the lower per-language limit doesn't meaningfully extend wall-clock time (#300).

Docs

• Extend the daily sync-hook-events GitHub Action prompt (scripts/sync-hook-events-prompt.md) from Claude-only to all seven integrated agent CLIs (Claude, Codex, Copilot, Cursor, OpenCode, Pi, Gemini). Each CLI's upstream docs URL is fetched, its hook event surface diffed against its *HOOK_EVENT_TYPES array in src/hooks/types.ts, and per-CLI drift surfaced under diffs.<cli> in .sync-hook-events-output.json. Casing is preserved upstream-verbatim (PascalCase / snake_case / camelCase / dot.namespaced). Test-count fixups stay narrow (Claude → manager.test.ts, Gemini → integrations.test.ts); the agent does NOT add *EVENT_MAP entries for newly-added events on Codex/Cursor/OpenCode/Pi/Gemini, since canonical mappings require human judgement — CI is allowed to ship red on the first commit and the reviewer fixes the map before merge. Workflow now stages __tests__/hooks/integrations.test.ts alongside the existing files (#281).

0.0.10-beta.4 — 2026-05-05

0.0.2-beta.5 — 2026-04-09

Features

• Display package version in navbar (#66)

Fixes

• require-pr-before-stop skips when no changes vs base branch (#67)
• Show plain Allow badge instead of blue Allow(note) (#68)