Releases: yeasy/ask

v1.9.8

19 Apr 03:34

Changelog

  • 93dcd6e Bump version to 1.9.8
  • 9010bb7 Fix resource leaks and process handling
  • 3f6ffae Unify HTTP patterns and extract constants
  • a4cfed2 Update CI config and changelog

v1.9.7

16 Apr 05:12

Fixed

  • Fix file descriptor leak for /dev/null in service start
  • Replace fixed 1s sleep with polling loop for graceful service shutdown
  • Fix debounce timer race condition in file watcher
  • Skip 15 common non-skill directories in all WalkDir callbacks
  • Pin chart.js CDN to v4.5.1 with explicit UMD bundle path
  • Cache parsed HTML report template via sync.Once
  • Unify registry token resolution to include ASK_GITHUB_TOKEN
  • Reuse shared HTTP client for registry requests
  • Replace strings.Split with strings.Count for zero-alloc depth calc in scan
  • Deduplicate directories returned by GetAllAgentSkillsDirs

v1.9.6

14 Apr 03:17

What's Changed

Fixed

  • Reuse HTTP clients for connection pooling across GitHub API calls
  • Add ASK_GITHUB_TOKEN support in repo validation functions
  • Validate SSH host in ParseRepoURL to reject non-GitHub hosts
  • Fix loop variable pointer bug in repo name matching
  • Remove duplicate --global flag registration across subcommands
  • Remove dead path-separator check after filepath.Base in uninstall
  • Add error logging for search, sync, and directory walk operations
  • Redirect background service stdin to /dev/null
  • Write progress bar completion newline to stderr consistently
  • Fix uninstall documentation to clarify --all flag behavior
  • Expand architecture docs, llm.txt, and command reference

Full Changelog: v1.9.5...v1.9.6

v1.9.5

06 Apr 16:01

Code Quality & Reliability

  • Consolidate duplicated atomicWriteFile into shared filesystem.AtomicWriteFile with fsync for crash safety
  • Fix variable shadowing of errors builtin in search, sync, publish, and validation code
  • Harden cache reads with 5MB size limit to prevent OOM from malformed files
  • Use atomic writes in Cache.Set for consistency across all file writes
  • Move AtomicWriteFile tests to correct package (filesystem_test.go)
  • Remove unused cache import and dead code in benchmark

Documentation

  • Add missing --global and --json flags for skill info command
  • Update Go version reference to 1.25+
  • Improve agent flag help text to be non-exhaustive

v1.9.4

05 Apr 05:56

Security & Bug Fixes

  • Security: Case-insensitive matching in IsSourceAllowed to prevent bypass via mixed-case URLs
  • Security: Path traversal rejection in registry URL parsing
  • Security: Extended shell metacharacter blocklist, added Vary: Origin and X-Content-Type-Options: nosniff headers
  • Security: Validate paths before state changes in config update handler with rollback on failure
  • Bug: Send auth token in GitHub API requests for repo content fetching
  • Bug: Fix shared context timeout across fallback git commands in outdated check
  • Bug: Add timeouts to git exec commands in publish and template operations
  • Bug: Fix lock ordering in file watcher debounce timer cleanup
  • Bug: Fix flaky cache test timing under race detector

Documentation

  • Fix incorrect brew tap name (yeasy/tap)
  • Fix debug command from ASK_LOG=debug to --log-level debug
  • Add missing command flags documentation (search, uninstall, list, repo add, check)
  • Update default repos table and configuration examples
  • Add GH_TOKEN support documentation

v1.9.3

02 Apr 05:02

Security Hardening & Documentation Update

Security Fixes

  • CRITICAL: Global config paths now return errors instead of silently falling back to CWD when $HOME is unavailable
  • CRITICAL: Skill-bundled .askcheck.yaml can no longer disable CRITICAL security rules
  • HIGH: Fixed IsPathIgnored substring matching bypass (e.g., vendor/** no longer matches vendor-tools)
  • HIGH: Added json:"-" tag to Repo.Token to prevent accidental JSON serialization
  • HIGH: sanitizeAndRestrictPath now resolves symlinks to prevent path bypass
  • MEDIUM: InstallSubdir validates subdirectory path before both sparse and fallback clone paths
  • MEDIUM: Tightened URL scheme checks from HasPrefix("http") to exact http:// / https:// prefixes
  • MEDIUM: OpenBrowser rejects URLs with shell metacharacters on Windows
  • MEDIUM: HTTP path validation errors logged server-side instead of forwarded to clients
  • MEDIUM: Reduced NET-IP-ADDR false positives on version strings and loopback addresses
  • MEDIUM: Custom rule regex compilation errors now warn to stderr instead of being silently discarded
  • Added 5-minute timeout to cloneForScore

Documentation

  • Added documentation for 12 missing CLI commands (skill score, skill test, skill prompt, skill publish, repo sync, doctor, serve, audit, lock-install, quickstart, version, enhanced init)
  • Synced README_zh.md with English README (Go install method, desktop app section)
  • Corrected CHANGELOG version splitting for v1.9.1/v1.9.2

Full Changelog: v1.9.2...v1.9.3

v1.9.2

02 Apr 04:27

Changelog

  • 8ebcdf9 Add changelog entries for v1.8.0 to v1.9.1
  • 6c9b3ab Add symlink and non-regular file tests
  • f11419b Add timeouts to git clone operations
  • 2014cda Bump version to 1.9.2
  • b0fa04f Harden file reads and HTTP error handling
  • 34992ca Reject path traversal in dependency names

v1.9.1

30 Mar 15:50

Changelog

  • 283eea0 Bump version to 1.9.1
  • ce25a77 Clean up debug prints and doc comments
  • d1e687d Fix TOCTOU race in symlink checks
  • 4fcb3ee Fix response body double LimitReader

v1.9.0

30 Mar 06:04

Changelog

  • b3e0cb9 Bump version to 1.9.0
  • d252b8c Fix lock-install global flag and uninstall resolve
  • 7a574bc Fix path traversal and YAML escape issues
  • 67d3083 Update CI actions and harden permissions
  • 4b7df4f Update x/crypto and x/net for security
  • 052b48a Upgrade Go 1.25 and update dependencies
  • 764c506 chore(deps): bump github.com/wailsapp/wails/v2 from 2.11.0 to 2.12.0
  • ad73606 chore(deps): bump golang.org/x/net from 0.35.0 to 0.38.0

v1.8.1

30 Mar 05:24

What's Changed

Security Hardening

  • Fix XSS vulnerabilities in web UI (renderFileNode, scan errors, icon URLs)
  • Add CSRF protection with Content-Type validation on all POST handlers
  • Harden symlink rejection across all file operations (platform-specific O_NOFOLLOW)
  • Add path traversal protection in server handlers and installer
  • Enforce HTTPS-only for git clone and repository URLs
  • Add request body size limits and response size limits
  • Restrict CORS to localhost origins only

Bug Fixes

  • Fix installer "already installed" check when SKILL.md overrides skill name
  • Fix sanitizeRepoName edge cases for "." and empty strings
  • Fix ParseRepoURL to reject non-GitHub URLs (e.g., evil.github.com)
  • Fix double LimitReader in skillhub client
  • Fix missing cwdMu lock in handleCacheClear
  • Use atomic writes for cache index and lock files
  • Add install recursion depth limit to prevent circular resolution

Improvements

  • Improve CLI input validation and error messages
  • Add git ref validation to prevent command injection
  • Add file size limits to prevent memory exhaustion
  • Harden skill scoring with symlink checks and TOCTOU mitigation
  • Redirect warnings and errors to stderr

Testing

  • Expand test coverage across all packages
  • Add new test files for cache, config, server, skill packages
  • Add race condition tests
  • Add security-focused test cases (path traversal, symlink attacks)

Dependencies

  • Add golang.org/x/sync as direct dependency
  • Promote charmbracelet/huh and fsnotify to direct dependencies