Skip to content

Tags: ruvnet/ruflo

Tags

v3.10.46

Toggle v3.10.46's commit message 
chore(release): bump claude-flow / @claude-flow/cli / ruflo to 3.10.46

Patch release shipping the @dskarasev community bug batch from PR #2375:

- #2369 (499e69a) — init/executor: detectExistingRufloMCP now
  recognises legacy 'claude-flow@alpha' and 'claude-flow@v3alpha' MCP
  keys at both top-level and project-scoped registration paths.
  writeMCPConfig also surfaces a loud message naming the deprecated key
  when an existing local .mcp.json uses one, instead of silently
  skipping the file (the "autopilot tools missing after init" mode).
- #2370 (499e69a) — swarm.ts: MCP-down error hint now points users at
  `claude mcp add claude-flow -- npx -y ruflo@latest mcp start` instead
  of the deprecated `claude-flow@v3alpha`.
- #2371 (499e69a) — ContainerWorkerPool.buildWorkerCommand() now spawns
  workers via `npx -y ruflo@latest daemon trigger`, preventing npx from
  silently falling back to a stale locally-installed `claude-flow`.

Plus a 10-test regression suite with a comment-stripped sanity sweep
over the cli src/ tree so a future grep-and-replace can't silently
re-introduce the deprecated dist-tag.

Published to npm with latest + alpha + v3alpha tags for all three
packages. 9/9 dist-tag combinations verified at 3.10.46.

Co-Authored-By: RuFlo <ruv@ruv.net>

v3.10.45

Toggle v3.10.45's commit message 
chore(release): bump claude-flow / @claude-flow/cli / ruflo to 3.10.45

Patch release shipping a single fix landed since 3.10.44:

- #2301 (e7b9eea9f) — hive-mind --dangerously-skip-permissions: complete
  the kebab→camel parser-normalization fix by adding the yargs-style
  negation deny clause (autoPermissions === false). Without this, the
  prior commit's activation half worked but --no-auto-permissions could
  no longer block, leaving the spawn strictly more permissive than the
  pre-fix state. 9/9 regression tests pass — 3 new cases pin the parser
  negation contract. Co-authored with @JOhnsonKC201 (original PR) and
  @rvrheenen (issue reporter who supplied the original patch). Closes #2269.

Published to npm with latest + alpha + v3alpha tags for all three
packages. 9/9 dist-tag combinations verified at 3.10.45.

Co-Authored-By: RuFlo <ruv@ruv.net>

v3.10.44

Toggle v3.10.44's commit message 
chore(release): bump claude-flow / @claude-flow/cli / ruflo to 3.10.44

Patch release bundling two fixes landed since 3.10.43:

- #2348 (7c63626) — break embedder-rescue mutual recursion that OOM'd
  v3-ci.yml at the V8 heap limit. memory-bridge's rescueAgentdbEmbedder
  now delegates to generateLocalEmbedding (bridge-free leaf), not
  generateEmbedding (bridge-first). Closes #2312. CI gate re-enabled.
- #2366 (a21f680) — Windows plugin install/uninstall/upgrade. npm on
  Windows is a bash shim with no .exe (spawn ENOENT) and Node refuses
  to spawn .cmd directly post-CVE-2024-27980 (spawn EINVAL). Routes
  through cmd.exe /d /s /c npm <args> on Windows; POSIX unchanged.
  Validated via the existing validatePackageName regex gate and Node's
  array-form argument quoting. (community PR by @danielsOink.)

Held from this batch:
- #2301 (hive-mind --dangerously-skip-permissions) — passing 5/6 but the
  --no-auto-permissions deny case fails because the parser uses yargs-
  style negation (autoPermissions: false), which the predicate doesn't
  read. Comment posted with proposed fix.

Published to npm with latest + alpha + v3alpha tags for all three
packages. 9/9 dist-tag combinations verified at 3.10.44.

Co-Authored-By: RuFlo <ruv@ruv.net>

v3.10.43

Toggle v3.10.43's commit message 
chore(release): bump claude-flow / @claude-flow/cli / ruflo to 3.10.43

Patch release bundling four bug fixes that landed on main since 3.10.42:

- #2358 (b127887) — agent_execute now omits temperature/top_p/top_k for
  Fable 5 / Opus 4.8 / Opus 4.7, which 400 the request if sampling
  params are sent (#2357 Finding A, HIGH; invisible on Claude-Max,
  fatal on raw ANTHROPIC_API_KEY)
- #2365 (99bd9db) — OpenRouter fallback model + haiku/sonnet/opus
  aliases refreshed from the Oct-2025 retired claude-3.5-* / claude-3-
  opus slugs to the current 4.x family (#2357 Finding C)
- #2361 (a553da3) — daemon self-terminating TTL + idle shutdown,
  global status --all, honest HNSW/init footguns (community PR by
  @shaal, addresses @pacphi's multi-day immortal-daemon token-leak
  investigation; #2360)
- #2364 (d687753) — federation plugin caps agentic-flow peer to
  <2.0.13, which dropped the ./transport/loader subpath upstream

Published to npm with latest + alpha + v3alpha tags for all three
packages. 9/9 dist-tag combinations verified at 3.10.43.

Co-Authored-By: RuFlo <ruv@ruv.net>

v3.10.42

Toggle v3.10.42's commit message 
chore(release): bump claude-flow / @claude-flow/cli / ruflo to 3.10.42

Patch release for #2346-style community bug batch (PR #2355).

- Fixes #2352 (Windows path validation + silent failure on hooks post-edit)
- Fixes #2351 (trajectory-end feedback never distilled into searchable pattern)
- Fixes #2350 (init hooks subcommand wrote no hooks block to settings.json)

Published to npm with latest + alpha + v3alpha tags for all three packages.

Co-Authored-By: RuFlo <ruv@ruv.net>

v3.10.41

Toggle v3.10.41's commit message 
chore(release): bump claude-flow / @claude-flow/cli / ruflo to 3.10.41

PATCH release covering three merged PRs since v3.10.40:

 - #2336 — feat(agents): ADR-147 nested subagent (depth=5) infra + P2 stage 1
 - #2340 — chore(security): Socket.dev alert baseline + remove broken pages.yml
 - #2346 — fix: community bug batch:
     • fix(session) atomic writes to current.json + self-heal (#2307, @BIWizzard)
     • fix(hive-mind) await spawned claude before returning (#2297, @clement-livdeo)
     • fix(statusline) resolve installed CLI bin + bump cache 10s→60s (#2337, @shaal)

No API breaks → PATCH per CLAUDE.md versioning policy.

Co-Authored-By: RuFlo <ruv@ruv.net>

v3.10.40

Toggle v3.10.40's commit message 
fix(statusline): regenerate committed artifact after #2331 generator …

…changes

PR #2331 added entity/test/hooks/integration overlay helpers and a custom-
npm-prefix probe to statusline-generator.ts, but didn't update the committed
`.claude/helpers/statusline.cjs` snapshot that statusline-cost-display.test.ts
uses as a drift guard. Regenerated via:

  node -e "const {DEFAULT_INIT_OPTIONS}=require('./dist/src/init/types');
           const {generateStatuslineScript}=require('./dist/src/init/statusline-generator');
           fs.writeFileSync('../../../.claude/helpers/statusline.cjs',
                            generateStatuslineScript(DEFAULT_INIT_OPTIONS))"

Test passes: 8/8 in __tests__/statusline-cost-display.test.ts.

Also bumps @claude-flow/cli, claude-flow, ruflo 3.10.39 → 3.10.40 in
preparation for the release; @claude-flow/cli@3.10.40 already published.

Co-Authored-By: RuFlo <ruv@ruv.net>

v3.10.39

Toggle v3.10.39's commit message 
chore(release): 3.10.39 — ADR-147 entity arm + signal provenance (#2317 

#2327)

@claude-flow/memory 3.0.0-alpha.19 → 3.0.0-alpha.20. Adds the entity arm
to hybridSearch alongside the existing dense + sparse RRF fusion, plus
per-result signals: ('vector'|'bm25'|'entity')[] provenance.

End-to-end capability smoke against built dist confirmed: Alice needle in
31-doc corpus ranks #1 with all three signals; runner-up has only
vector+bm25 — RRF score gap of ~47%.

@claude-flow/cli, claude-flow, ruflo 3.10.38 → 3.10.39. CLI also pins
@claude-flow/memory to ^3.0.0-alpha.20 so the wrapper users pick up the
entity arm automatically.

All four packages published with latest+alpha+v3alpha aligned.
Lockfile regen included (lesson from #2311 — bumping a workspace dep
without regenerating v3/pnpm-lock.yaml breaks frozen-lockfile CI).

Co-Authored-By: RuFlo <ruv@ruv.net>

v3.10.38

Toggle v3.10.38's commit message 
chore(release): 3.10.38 — CI/witness/security cluster fixes (#2311 #2274

 #2312 #2275)

@claude-flow/security 3.0.0-alpha.8 → 3.0.0-alpha.10 (alpha.9 was already
on npm). Adds @noble/ed25519 to dependencies so its TS build succeeds
standalone — closes the TS2307 break that has been red on main since
2026-06-02 (#2311, #2275).

@claude-flow/cli, claude-flow, ruflo 3.10.37 → 3.10.38. CLI also pins
@claude-flow/security to ^3.0.0-alpha.10 so users picking up the wrapper
get the noble dep automatically.

All three published with latest+alpha+v3alpha aligned at 3.10.38.

Co-Authored-By: RuFlo <ruv@ruv.net>

v3.10.34

Toggle v3.10.34's commit message 
feat(security): P1 implementations for ADR-144, ADR-145, ADR-146

Three independent P1 components, each scoped to a single PR-sized change.
All three are off by default — flips become default in v4.0 — so existing
pipelines keep their exact behaviour.

ADR-144 P1 — AgentAuthorizationPropagator (#2248)
  v3/@claude-flow/security/src/authorization/propagator.ts (new)
  • AuthScope envelope (principal, granted tools/servers, delegation depth, expiry)
  • wrapOutbound: monotonically-reducing scope, depth-decrement, expiry check
  • checkToolCall: typed decisions (tool-not-in-scope / server-not-in-scope /
    scope-expired / delegation-depth-exhausted) — never throws, telemetry-friendly
  • verifyServerAuth: fail-closed on missing/empty credentials (P1 permissive
    accept for non-empty — P4 wires real validator)
  • Provenance buffer ring-bounded for P5 telemetry sink
  • makeLegacyPermissiveScope shim for legacy-mode migrations
  18 unit tests covering every invariant; all pass.

ADR-145 P1 — PluginIntegrityVerifier (#2254)
  v3/@claude-flow/security/src/plugins/integrity-verifier.ts (new)
  v3/@claude-flow/cli/src/plugins/trust/trust-anchors.json (new placeholder)
  • Canonical JSON serialisation (deterministic key order) + SHA-256 manifest hash
  • Ed25519 detached signature verification via @noble/ed25519 (probe-and-fall-
    back, mirrors verify.mjs #1880 pattern so untrusted environments skip
    rather than throw)
  • Trust-anchor allowlist with exact / wildcard scope matching + expiry
  • Structured VerificationStatus (pass / signature-missing / signature-invalid
    / manifest-hash-mismatch / unknown-signer / signer-expired)
  • Stage-2 semantic-intent scan (SCH defence) lands in P2
  13 unit tests including the round-trip sign→verify and tamper-flip cases.

ADR-146 P2 — guardrail call site in MCP dispatch (#2149 follow-up)
  v3/@claude-flow/cli/src/mcp-client.ts — patch callMCPTool
  • Lazy-resolves @claude-flow/security so cold-import cost doesn't hit
    every CLI invocation; falls back to no-op if module unavailable
  • Walks the result object one level deep (matches the flat-record shape
    of every existing tool — deeper traversal would change the p99 latency
    contract)
  • Rejected fields replaced with typed marker: '<rejected-by-guardrail
    tool="X" category=Y>' so callers can surface the rejection rather than
    silently dropping
  • Off by default. CLAUDE_FLOW_STRICT_GUARDRAIL=true turns it on; precedence
    documented inline so the env-var audit passes without an escape-hatch entry.
  4 wiring tests (legacy passthrough, strict-mode reject of known injection,
  strict-mode passthrough on safe content, non-object results pass through).

Security index exports updated for all three. Builds clean (tsc with no
errors). All 4 audits + 2 regression smokes pass locally.

Co-Authored-By: RuFlo <ruv@ruv.net>