Release v0.2.9

Release v0.2.9

Changes since v0.2.8

Mark Turansky (1)

• fix(runner): restore acp backend MCP tools as fallback when sidecar is absent (#1607) (5b1e702)

github-actions[bot] (1)

• deps(runner): bump claude-agent-sdk 0.2.87, anthropic 0.104.1 (#1603) (d45e631)

Full Changelog: v0.2.8...v0.2.9

---

CodeRabbit Triage Summary

CodeRabbit Triage: v0.2.9

Metric	Value	Δ vs Previous
PRs analyzed	1	-29 ↓
Critical issues	1	-22 ↓
Major issues	13	-107 ↓
Issues per PR	14.0	+9.2 ↑
Coverage gaps	11	-114 ↓

Trend

Release	Date	PRs	Critical	Major	Per PR	Gaps
v0.2.0	2026-04-10	30	23	120	4.8	125
v0.2.9	2026-05-21	1	1	13	14.0	11

Top Uncovered Patterns

1. Credential sidecar authentication mechanism is undefined. (3 occurrences, impact: 9) — other
2. Credential bootstrap wrapper is missing for this sidecar flow (also applies to google/Dockerfile). (1 occurrences, impact: 4) — other
3. Document git credential HTTP endpoint in MCP server spec or clarify relation to MCP transport. (1 occurrences, impact: 3) — other
4. Add gitlab-mcp to the MCP Servers table. (1 occurrences, impact: 3) — other
5. Update legacy runner credential flow references to match sidecar isolation (1 occurrences, impact: 3) — other
6. Sidecar transport mode conflicts with earlier MCP transport definition (1 occurrences, impact: 3) — other
7. Do not fail open when required bootstrap env vars are missing. (1 occurrences, impact: 3) — other
8. Avoid including raw credential API response bodies in errors. (1 occurrences, impact: 3) — other
9. Harden sidecar URL parsing to avoid runtime crashes on malformed config. (1 occurrences, impact: 3) — runner
10. Don’t activate sidecar mode from a non-empty string alone. (1 occurrences, impact: 3) — runner

Recommended Guardrails

CLAUDE.md Conventions

• Credential sidecar authentication mechanism is undefined.: Enforce via convention (needs specific rule)
• Credential bootstrap wrapper is missing for this sidecar flow (also applies to google/Dockerfile).: Enforce via convention (needs specific rule)
• Document git credential HTTP endpoint in MCP server spec or clarify relation to MCP transport.: Enforce via convention (needs specific rule)
• Add gitlab-mcp to the MCP Servers table.: Enforce via convention (needs specific rule)
• Update legacy runner credential flow references to match sidecar isolation: Enforce via convention (needs specific rule)
• Sidecar transport mode conflicts with earlier MCP transport definition: Enforce via convention (needs specific rule)
• Do not fail open when required bootstrap env vars are missing.: Enforce via convention (needs specific rule)
• Avoid including raw credential API response bodies in errors.: Enforce via convention (needs specific rule)
• Harden sidecar URL parsing to avoid runtime crashes on malformed config.: Enforce via convention (needs specific rule)
• Don’t activate sidecar mode from a non-empty string alone.: Enforce via convention (needs specific rule)

Hookify Rules

• PreToolUse hook for credential sidecar authentication mechanism is undefined. enforcement in TypeScript code
• PreToolUse hook for credential bootstrap wrapper is missing for this sidecar flow (also applies to google/dockerfile). enforcement in TypeScript code
• PreToolUse hook for document git credential http endpoint in mcp server spec or clarify relation to mcp transport. enforcement in TypeScript code
• PreToolUse hook for add gitlab-mcp to the mcp servers table. enforcement in TypeScript code
• PreToolUse hook for update legacy runner credential flow references to match sidecar isolation enforcement in TypeScript code
• PreToolUse hook for sidecar transport mode conflicts with earlier mcp transport definition enforcement in TypeScript code
• PreToolUse hook for do not fail open when required bootstrap env vars are missing. enforcement in TypeScript code
• PreToolUse hook for avoid including raw credential api response bodies in errors. enforcement in TypeScript code
• PreToolUse hook for harden sidecar url parsing to avoid runtime crashes on malformed config. enforcement in Python code
• PreToolUse hook for don’t activate sidecar mode from a non-empty string alone. enforcement in Python code

Release v0.2.8

Release v0.2.8

Changes since v0.2.7

Mark Turansky (6)

• feat(specs): credential sidecar isolation architecture (#1599) (720c8d7)
• feat(runner): dynamic credential-aware MCP server configuration (#1593) (a1fa9ff)
• feat(rbac,cli): RoleBinding typed nullable FKs + credential bind subcommand (#1581) (5556220)
• spec(rbac): typed nullable FKs on RoleBinding + workflow and coverage improvements (#1580) (450aabf)
• feat(credentials): migrate to global resource + spec reconciliation (#1570) (8229beb)
• spec(api): reconcile ambient-model spec against implementation (#1548) (7476b11)

github-actions[bot] (5)

• deps(runner): bump anthropic 0.103.1 (#1597) (4b2be27)
• chore: update model manifest (#1596) (0fa9dea)
• deps(runner): bump claude-agent-sdk 0.2.82, anthropic 0.103.0 (#1590) (2ff842d)
• deps(runner): bump anthropic 0.102.0 (#1585) (63545c7)
• deps(runner): bump claude-agent-sdk 0.1.81, anthropic 0.101.0 (#1560) (c802fab)

dependabot[bot] (5)

• chore(deps): bump idna from 3.11 to 3.15 in /components/runners/ambient-runner in the uv group across 1 directory (#1595) (cb01c10)
• chore(deps): bump pymdown-extensions from 10.20.1 to 10.21.3 in /components/runners/ambient-runner in the uv group across 1 directory (#1594) (8aa8cdb)
• chore(deps): bump authlib from 1.6.11 to 1.6.12 in /components/runners/ambient-runner in the uv group across 1 directory (#1582) (bcb3623)
• chore(deps): bump systeminformation from 5.31.5 to 5.31.6 in /e2e in the npm_and_yarn group across 1 directory (#1573) (2ef5345)
• chore(deps): bump next from 16.2.3 to 16.2.6 in /components/frontend in the npm_and_yarn group across 1 directory (#1571) (ecdcd89)

Jeremy Eder (4)

• feat(api,sdk,cli): add unauthenticated version endpoint (#1602) (7e78baf)
• fix(cli): improve contrast for dim phase rows in acpctl TUI (#1578) (333aeb1)
• chore: remove .beads/issues.jsonl and gitignore it (#1577) (824b2fa)
• fix(cli): respect --project-id flag on acpctl create session (#1574) (9f32edb)

jsell-rh (3)

• fix(cli): respect project scope on TUI session refresh (#1587) (5c2c69a)
• fix(frontend): widen mock return type for useProject in tests (#1579) (596bb2e)
• fix(docs): remove stale zod v3 overrides breaking Astro 6 build (#1568) (b6cbae6)

quay-devel (1)

• fix(backend): remove initialPrompt skip that blocked display name fallback (#1562) (82c4026)

João Vilaça (1)

• feat(frontend): show local timezone alongside UTC in schedule displays (#1564) (654c880)

Matt Knop (1)

• fix: add OAuth proxy cookie refresh to prevent token expiration (#1567) (a7fe697)

Full Changelog: v0.2.7...v0.2.8

---

CodeRabbit Triage Summary

CodeRabbit Triage: v0.2.8

Metric	Value	Δ vs Previous
PRs analyzed	13	-17 ↓
Critical issues	3	-20 ↓
Major issues	35	-85 ↓
Issues per PR	2.9	-1.9 ↓
Coverage gaps	32	-93 ↓

Trend

Release	Date	PRs	Critical	Major	Per PR	Gaps
v0.2.0	2026-04-10	30	23	120	4.8	125
v0.2.8	2026-05-21	13	3	35	2.9	32

Top Uncovered Patterns

1. Credential sidecar authentication mechanism is undefined. (3 occurrences, impact: 9) — other
2. Fix TypeScript compilation error in mock typing. (2 occurrences, impact: 8) — frontend
3. Do not silently drop server-version failure states (2 occurrences, impact: 6) — api-server, cli
4. Prefer the current user's credential file before scanning the directory. (2 occurrences, impact: 6) — runner
5. Credential bootstrap wrapper is missing for this sidecar flow (also applies to google/Dockerfile). (1 occurrences, impact: 4) — other
6. Handle the marshal/write error paths instead of discarding them. (1 occurrences, impact: 3) — api-server
7. Avoid printing raw errors in user-facing version output (1 occurrences, impact: 3) — cli
8. Document git credential HTTP endpoint in MCP server spec or clarify relation to MCP transport. (1 occurrences, impact: 3) — other
9. Add gitlab-mcp to the MCP Servers table. (1 occurrences, impact: 3) — other
10. Update legacy runner credential flow references to match sidecar isolation (1 occurrences, impact: 3) — other

Recommended Guardrails

CLAUDE.md Conventions

• Credential sidecar authentication mechanism is undefined.: Enforce via convention (needs specific rule)
• Fix TypeScript compilation error in mock typing.: Enforce via convention (needs specific rule)
• Do not silently drop server-version failure states: Enforce via convention (needs specific rule)
• Prefer the current user's credential file before scanning the directory.: Enforce via convention (needs specific rule)
• Credential bootstrap wrapper is missing for this sidecar flow (also applies to google/Dockerfile).: Enforce via convention (needs specific rule)
• Handle the marshal/write error paths instead of discarding them.: Enforce via convention (needs specific rule)
• Avoid printing raw errors in user-facing version output: Enforce via convention (needs specific rule)
• Document git credential HTTP endpoint in MCP server spec or clarify relation to MCP transport.: Enforce via convention (needs specific rule)
• Add gitlab-mcp to the MCP Servers table.: Enforce via convention (needs specific rule)
• Update legacy runner credential flow references to match sidecar isolation: Enforce via convention (needs specific rule)

Hookify Rules

• PreToolUse hook for credential sidecar authentication mechanism is undefined. enforcement in TypeScript code
• PreToolUse hook for fix typescript compilation error in mock typing. enforcement in TypeScript code
• PreToolUse hook for do not silently drop server-version failure states enforcement in TypeScript code
• PreToolUse hook for prefer the current user's credential file before scanning the directory. enforcement in Python code
• PreToolUse hook for credential bootstrap wrapper is missing for this sidecar flow (also applies to google/dockerfile). enforcement in TypeScript code
• PreToolUse hook for handle the marshal/write error paths instead of discarding them. enforcement in TypeScript code
• PreToolUse hook for avoid printing raw errors in user-facing version output enforcement in TypeScript code
• PreToolUse hook for document git credential http endpoint in mcp server spec or clarify relation to mcp transport. enforcement in TypeScript code
• PreToolUse hook for add gitlab-mcp to the mcp servers table. enforcement in TypeScript code
• PreToolUse hook for update legacy runner credential flow references to match sidecar isolation enforcement in TypeScript code

Release v0.2.7

Release v0.2.7

Changes since v0.2.6

🎉 First-Time Contributors

• quay-devel

Mark Turansky (3)

• fix(manifests): add NetworkPolicy allowing runner pods to reach ambient-code namespace (#1553) (28874a9)
• fix(runner): write Google credentials as {email}.json with timezone-naive expiry (#1557) (96c7843)
• fix(control-plane,manifests): resolve MCP sidecar TLS and api-server proxy failures (#1546) (136db29)

quay-devel (1)

• fix(operator): attach X-Ambient-Session-Token on all operator→runner calls (#1556) (19840da)

dependabot[bot] (1)

• chore(deps): bump urllib3 from 2.6.3 to 2.7.0 in /components/runners/ambient-runner in the uv group across 1 directory (#1551) (1fdc5e7)

Full Changelog: v0.2.6...v0.2.7

---

CodeRabbit Triage Summary

CodeRabbit Triage: v0.2.7

Metric	Value	Δ vs Previous
PRs analyzed	4	-26 ↓
Critical issues	2	-21 ↓
Major issues	5	-115 ↓
Issues per PR	1.8	-3.0 ↓
Coverage gaps	5	-120 ↓

Trend

Release	Date	PRs	Critical	Major	Per PR	Gaps
v0.2.0	2026-04-10	30	23	120	4.8	125
v0.2.7	2026-05-11	4	2	5	1.8	5

Top Uncovered Patterns

1. Fix TypeScript compilation error in mock typing. (2 occurrences, impact: 8) — frontend
2. Prefer the current user's credential file before scanning the directory. (2 occurrences, impact: 6) — runner
3. Silently returning "" on transient errors recreates the 401 this PR is fixing. (1 occurrences, impact: 3) — operator
4. Add explicit namespace scoping for this policy (1 occurrences, impact: 3) — manifests
5. Scope ingress to backend pods, not all pods (1 occurrences, impact: 3) — manifests

Recommended Guardrails

CLAUDE.md Conventions

• Fix TypeScript compilation error in mock typing.: Enforce via convention (needs specific rule)
• Prefer the current user's credential file before scanning the directory.: Enforce via convention (needs specific rule)
• Silently returning "" on transient errors recreates the 401 this PR is fixing.: Enforce via convention (needs specific rule)
• Add explicit namespace scoping for this policy: Enforce via convention (needs specific rule)
• Scope ingress to backend pods, not all pods: Enforce via convention (needs specific rule)

Hookify Rules

• PreToolUse hook for fix typescript compilation error in mock typing. enforcement in TypeScript code
• PreToolUse hook for prefer the current user's credential file before scanning the directory. enforcement in Python code
• PreToolUse hook for silently returning "" on transient errors recreates the 401 this pr is fixing. enforcement in Go code
• PreToolUse hook for add explicit namespace scoping for this policy enforcement in TypeScript code
• PreToolUse hook for scope ingress to backend pods, not all pods enforcement in TypeScript code

Release v0.2.6

Release v0.2.6

Changes since v0.2.5

🎉 First-Time Contributors

• João Vilaça

jsell-rh (13)

• chore(sdk): regenerate all SDKs with typed action methods (#1524) (3b05694)
• fix(sdk): extend generator to support typed action methods (#1523) (444697c)
• feat(sdk): optional token, relative baseUrl, display_name, execution fields (#1513) (3cdb4b6)
• feat(frontend): add catch-all proxy route for ambient API v1 (#1511) (523a060)
• fix: resolve golangci-lint errcheck and unused findings (#1507) (e5af6bc)
• fix(scheduled-sessions): CI lint and review feedback (#1503) (80f9aed)
• feat(scheduled-sessions): OpenAPI spec + optional agent_id + execution fields (#1502) (27cd77d)
• refactor(frontend): add ports/adapters API layer for backend migration (#1492) (1b4ec53)
• feat(frontend): markdown rendering improvements with syntax highlighting (#1476) (c09b35c)
• refactor: unified spec, skills, and workflow organization (#1488) (15429ad)
• feat(ui): add scroll-to-bottom button and improve scroll navigation (#1491) (9db12b3)
• feat(cli): k9s-style TUI resource browser (#1468) (3d9d991)
• fix(control-plane): map AgentID in gRPC session event deserialization (#1472) (9affddf)

github-actions[bot] (10)

• deps(runner): bump claude-agent-sdk 0.1.80 (#1541) (a455af3)
• deps(runner): bump claude-agent-sdk 0.1.77 (#1533) (ed0e6b4)
• chore: update model manifest (#1530) (070520c)
• deps(runner): bump claude-agent-sdk 0.1.76, anthropic 0.100.0 (#1516) (64ac3ae)
• deps(runner): bump claude-agent-sdk 0.1.73, anthropic 0.98.1 (#1495) (c8e0ff9)
• deps(runner): bump claude-agent-sdk 0.1.72 (#1489) (7379f13)
• deps(runner): bump claude-agent-sdk 0.1.71 (#1479) (975bb5e)
• deps(runner): bump claude-agent-sdk 0.1.69 (#1474) (d347d53)
• deps(runner): bump claude-agent-sdk 0.1.68 (#1467) (146a289)
• deps(runner): bump claude-agent-sdk 0.1.66, anthropic 0.97.0 (#1459) (954024d)

Mark Turansky (10)

• spec(security): add security boundary specification and refactor model spec (#1514) (a32da5f)
• fix(google-oauth): add PKCE support to fix missing code_verifier error (#1481) (0b405b4)
• fix(google-oauth): set correct OAuth redirect URI for workspace-mcp in runner pods (#1480) (7ba24ef)
• spec: add ScheduledSession Kind, session sub-resources, and generic proxy surface (#1456) (7e7eded)
• fix(api-server): handle Keycloak service-account- prefix in OIDC username matching (#1465) (89f4a70)
• fix(api-server): register pre-auth interceptors when only GRPC_SERVICE_ACCOUNT is set (#1455) (44893b9)
• fix(api-server): recognize OIDC service tokens as service callers for gRPC authz (#1452) (17d66f1)
• fix(manifests): reconcile base manifests with MPP — add missing CP and api-server config (#1450) (725c995)
• fix(manifests): add roles permission to control-plane ClusterRole (#1449) (e247e38)
• fix(manifests): add CP token server Service and CP_TOKEN_URL for runner gRPC auth (#1448) (ab0b389)

dependabot[bot] (5)

• chore(deps-dev): bump @babel/plugin-transform-modules-systemjs from 7.29.0 to 7.29.4 in /e2e in the npm_and_yarn group across 1 directory (#1540) (1f2b53c)
• chore(deps): bump the npm_and_yarn group across 2 directories with 3 updates (#1539) (e66be46)
• chore(deps): bump python-multipart from 0.0.26 to 0.0.27 in /components/runners/ambient-runner in the uv group across 1 directory (#1521) (d5fa97b)
• chore(deps): bump the go_modules group across 2 directories with 1 update (#1462) (7b88431)
• chore(deps): bump github.com/Azure/go-ntlmssp from 0.0.0-20221128193559-754e69321358 to 0.1.1 in /components/backend in the go_modules group across 1 directory (#1446) (720bad8)

ambient-code[bot] (5)

• fix(frontend): mobile responsive layout issues (#1538) (ecff69a)
• feat(frontend): add sidebar filters for author and status (#1512) (7149354)
• fix(operator): defer workflow reconciliation until runner is ready (#1487) (6347f32)
• feat(ui): add scroll-to-top button in session view (#1483) (d1645a9)
• fix(vertex): switch CLOUD_ML_REGION default from us-east5 to global (#1453) (85af3da)

Gage Krumbach (2)

• feat(frontend): display workspace name in session UI views (#1544) (44a9b17)
• feat(build): add org.opencontainers.image.revision OCI label to ambient-control-plane and ambient-mcp (#1543) (af35928)

Jeremy Eder (1)

• fix(runner): add health probes and improve INITIAL_PROMPT error logging (#1529) (6821b77)

João Vilaça (1)

• fix(frontend): parse cron scheduled session times as UTC (#1496) (933691f)

Bob Gregor (1)

• feat(frontend): add FTUE welcome wizard for first-time users (#1473) (e6f1828)

Full Changelog: v0.2.5...v0.2.6

---

CodeRabbit Triage Summary

CodeRabbit Triage: v0.2.6

Metric	Value	Δ vs Previous
PRs analyzed	16	-14 ↓
Critical issues	3	-20 ↓
Major issues	39	-81 ↓
Issues per PR	2.6	-2.2 ↓
Coverage gaps	38	-87 ↓

Trend

Release	Date	PRs	Critical	Major	Per PR	Gaps
v0.2.0	2026-04-10	30	23	120	4.8	125
v0.2.6	2026-05-11	16	3	39	2.6	38

Top Uncovered Patterns

1. Fix TypeScript compilation error in mock typing. (2 occurrences, impact: 8) — frontend
2. Normalize the redirect base URL before concatenation. (2 occurrences, impact: 6) — frontend, operator
3. Handle the integrations query failure path. (2 occurrences, impact: 6) — frontend
4. Fix ST1000 by adding a package comment for views. (2 occurrences, impact: 6) — cli
5. Critical: referenced Secret keys do not exist in the base ambient-api-server Secret (1 occurrences, impact: 4) — manifests
6. Liveness probe will not restart containers due to RestartPolicyNever (1 occurrences, impact: 3) — operator
7. Public contract break in AgentAPI.start() return type (1 occurrences, impact: 3) — sdk
8. Resource IDs not URL-encoded in path segments—fix must be applied to generator, not generated file (1 occurrences, impact: 3) — sdk
9. Fix runs() return type — generator emitted Record<string, unknown> instead of SessionList. (1 occurrences, impact: 3) — sdk
10. Create endpoint schema exposes server-managed fields as client input (1 occurrences, impact: 3) — api-server

Recommended Guardrails

CLAUDE.md Conventions

• Fix TypeScript compilation error in mock typing.: Enforce via convention (needs specific rule)
• Normalize the redirect base URL before concatenation.: Enforce via convention (needs specific rule)
• Handle the integrations query failure path.: Enforce via convention (needs specific rule)
• Fix ST1000 by adding a package comment for views.: Enforce via convention (needs specific rule)
• Critical: referenced Secret keys do not exist in the base ambient-api-server Secret: Enforce via convention (needs specific rule)
• Liveness probe will not restart containers due to RestartPolicyNever: Enforce via convention (needs specific rule)
• Public contract break in AgentAPI.start() return type: Enforce via convention (needs specific rule)
• Resource IDs not URL-encoded in path segments—fix must be applied to generator, not generated file: Enforce via convention (needs specific rule)
• Fix runs() return type — generator emitted Record<string, unknown> instead of SessionList.: Enforce via convention (needs specific rule)
• Create endpoint schema exposes server-managed fields as client input: Enforce via convention (needs specific rule)

Hookify Rules

• PreToolUse hook for fix typescript compilation error in mock typing. enforcement in TypeScript code
• PreToolUse hook for normalize the redirect base url before concatenation. enforcement in Go code
• PreToolUse hook for handle the integrations query failure path. enforcement in TypeScript code
• PreToolUse hook for fix st1000 by adding a package comment for views. enforcement in TypeScript code
• PreToolUse hook for critical: referenced secret keys do not exist in the base ambient-api-server secret enforcement in TypeScript code
• PreToolUse hook for liveness probe will not restart containers due to restartpolicynever enforcement in Go code
• PreToolUse hook for public contract break in agentapi.start() return type enforcement in TypeScript code
• PreToolUse hook for resource ids not url-encoded in path segments—fix must be applied to generator, not generated file enforcement in TypeScript code
• PreToolUse hook for fix runs() return type — generator emitted record<string, unknown> instead of sessionlist. enforcement in TypeScript code
• PreToolUse hook for create endpoint schema exposes server-managed fields as client input enforcement in TypeScript code

Release v0.2.5

Release v0.2.5

Changes since v0.2.4

🎉 First-Time Contributors

• jsell-rh

Mark Turansky (2)

• fix(manifests): add OIDC client credentials to control-plane deployment (#1445) (551e4f2)
• fix(api-server,control-plane): replace remaining AutoMigrate with raw SQL, fix CP_RUNTIME_NAMESPACE (#1442) (9e787d2)

jsell-rh (2)

• fix(frontend): correct GitHub callback path and add production ConfigMap patch (#1443) (74900d0)
• fix(frontend): pass redirect_uri for multi-cluster GitHub App OAuth (#1441) (d845d7f)

Jeremy Eder (1)

• Rename Sharing to Pair Prompting and improve grant dialog UX (#1444) (47e770f)

Full Changelog: v0.2.4...v0.2.5

---

CodeRabbit Triage Summary

CodeRabbit Triage: v0.2.5

Metric	Value	Δ vs Previous
PRs analyzed	2	-28 ↓
Critical issues	1	-22 ↓
Major issues	1	-119 ↓
Issues per PR	1.0	-3.8 ↓
Coverage gaps	2	-123 ↓

Trend

Release	Date	PRs	Critical	Major	Per PR	Gaps
v0.2.0	2026-04-10	30	23	120	4.8	125
v0.2.5	2026-04-23	2	1	1	1.0	2

Top Uncovered Patterns

1. Critical: referenced Secret keys do not exist in the base ambient-api-server Secret (1 occurrences, impact: 4) — manifests
2. Restore required constraints in agents DDL (1 occurrences, impact: 3) — api-server

Recommended Guardrails

CLAUDE.md Conventions

• Critical: referenced Secret keys do not exist in the base ambient-api-server Secret: Enforce via convention (needs specific rule)
• Restore required constraints in agents DDL: Enforce via convention (needs specific rule)

Hookify Rules

• PreToolUse hook for critical: referenced secret keys do not exist in the base ambient-api-server secret enforcement in TypeScript code
• PreToolUse hook for restore required constraints in agents ddl enforcement in TypeScript code

Release v0.2.4

Release v0.2.4

Changes since v0.2.3

Mark Turansky (1)

• fix(runner): restore operator-path credential fetch broken by alpha migration (#1439) (d7533c8)

dependabot[bot] (1)

• chore(deps): bump github.com/jackc/pgx/v5 from 5.9.0 to 5.9.2 in /components/ambient-api-server in the go_modules group across 1 directory (#1435) (278f6bb)

Jeremy Eder (1)

• fix: use absolute paths for all Claude Code hook commands (#1434) (e170db0)

Full Changelog: v0.2.3...v0.2.4

---

CodeRabbit Triage Summary

CodeRabbit Triage: v0.2.4

Metric	Value	Δ vs Previous
PRs analyzed	1	-29 ↓
Critical issues	1	-22 ↓
Major issues	1	-119 ↓
Issues per PR	2.0	-2.8 ↓
Coverage gaps	2	-123 ↓

Trend

Release	Date	PRs	Critical	Major	Per PR	Gaps
v0.2.0	2026-04-10	30	23	120	4.8	125
v0.2.4	2026-04-22	1	1	1	2.0	2

Top Uncovered Patterns

1. Add NOT NULL constraint to owner_user_id column in migration. (1 occurrences, impact: 4) — api-server
2. Add `components/ambient-sdk/ (1 occurrences, impact: 3) — ci

Recommended Guardrails

CLAUDE.md Conventions

• Add NOT NULL constraint to owner_user_id column in migration.: Enforce via convention (needs specific rule)
• Add `components/ambient-sdk/: Enforce via convention (needs specific rule)

Hookify Rules

• PreToolUse hook for add not null constraint to owner_user_id column in migration. enforcement in TypeScript code
• PreToolUse hook for add `components/ambient-sdk/ enforcement in TypeScript code

Release v0.2.3

Release v0.2.3

Changes since v0.2.2

Mark Turansky (2)

• fix(ci,api-server): fix control-plane build context and migration parameter mismatch (#1428) (341747a)
• fix(ci,api-server): add control-plane + mcp to build pipelines, fix migration parameter mismatch (#1426) (0eaa121)

github-actions[bot] (1)

• deps(runner): bump claude-agent-sdk 0.1.65 (#1422) (36dc70a)

dependabot[bot] (1)

• chore(deps): bump github.com/buger/jsonparser from 1.1.1 to 1.1.2 in /components/ambient-mcp in the go_modules group across 1 directory (#1427) (ab3d790)

Full Changelog: v0.2.2...v0.2.3

---

CodeRabbit Triage Summary

CodeRabbit Triage: v0.2.3

Metric	Value	Δ vs Previous
PRs analyzed	8	-22 ↓
Critical issues	18	-5 ↓
Major issues	58	-62 ↓
Issues per PR	9.5	+4.7 ↑
Coverage gaps	67	-58 ↓

Trend

Release	Date	PRs	Critical	Major	Per PR	Gaps
v0.2.0	2026-04-10	30	23	120	4.8	125
v0.2.3	2026-04-22	8	18	58	9.5	67

Top Uncovered Patterns

1. Critical: InboxMessageAPI endpoints use /projects routes instead of inbox-message-specific paths. (3 occurrences, impact: 12) — sdk
2. Add resource limits and pin DB image to immutable digest. (3 occurrences, impact: 10) — manifests
3. Paginate both project and per-project session fetches. (2 occurrences, impact: 7) — cli, other
4. Reject all mixed auth-field combinations, not just httpToken + gitcookiesContent. (2 occurrences, impact: 6) — backend
5. Thread the request-scoped K8s client into these Secret helpers. (2 occurrences, impact: 6) — backend
6. Add NOT NULL constraint to owner_user_id column in migration. (1 occurrences, impact: 4) — api-server
7. Add explicit timeout to all Gerrit proxy fetch calls (1 occurrences, impact: 4) — frontend
8. Fix Gerrit response-shape parsing (currently breaks instance extraction) (1 occurrences, impact: 4) — runner
9. Do not keep stale Gerrit config after fetch failures (1 occurrences, impact: 4) — runner
10. Serialize credential refresh/cleanup across concurrent runs. (1 occurrences, impact: 4) — runner

Recommended Guardrails

CLAUDE.md Conventions

• Critical: InboxMessageAPI endpoints use /projects routes instead of inbox-message-specific paths.: Enforce via convention (needs specific rule)
• Add resource limits and pin DB image to immutable digest.: Enforce via convention (needs specific rule)
• Paginate both project and per-project session fetches.: Enforce via convention (needs specific rule)
• Reject all mixed auth-field combinations, not just httpToken + gitcookiesContent.: Enforce via convention (needs specific rule)
• Thread the request-scoped K8s client into these Secret helpers.: Enforce via convention (needs specific rule)
• Add NOT NULL constraint to owner_user_id column in migration.: Enforce via convention (needs specific rule)
• Add explicit timeout to all Gerrit proxy fetch calls: Enforce via convention (needs specific rule)
• Fix Gerrit response-shape parsing (currently breaks instance extraction): Enforce via convention (needs specific rule)
• Do not keep stale Gerrit config after fetch failures: Enforce via convention (needs specific rule)
• Serialize credential refresh/cleanup across concurrent runs.: Enforce via convention (needs specific rule)

Hookify Rules

• PreToolUse hook for critical: inboxmessageapi endpoints use /projects routes instead of inbox-message-specific paths. enforcement in TypeScript code
• PreToolUse hook for add resource limits and pin db image to immutable digest. enforcement in TypeScript code
• PreToolUse hook for paginate both project and per-project session fetches. enforcement in TypeScript code
• PreToolUse hook for reject all mixed auth-field combinations, not just httptoken + gitcookiescontent. enforcement in Go code
• PreToolUse hook for thread the request-scoped k8s client into these secret helpers. enforcement in Go code
• PreToolUse hook for add not null constraint to owner_user_id column in migration. enforcement in TypeScript code
• PreToolUse hook for add explicit timeout to all gerrit proxy fetch calls enforcement in TypeScript code
• PreToolUse hook for fix gerrit response-shape parsing (currently breaks instance extraction) enforcement in Python code
• PreToolUse hook for do not keep stale gerrit config after fetch failures enforcement in Python code
• PreToolUse hook for serialize credential refresh/cleanup across concurrent runs. enforcement in Python code

Release v0.2.2

Release v0.2.2

Changes since v0.2.1

Jeremy Eder (2)

• fix(security): authenticate AG-UI runner endpoints to prevent cross-session attacks (#1378) (256d97d)
• feat: add Gerrit integration connector for code review workflows (#1387) (b993135)

dependabot[bot] (1)

• chore(deps): bump lxml from 6.0.2 to 6.1.0 in /components/runners/ambient-runner in the uv group across 1 directory (#1400) (d39cb88)

Mark Turansky (1)

• feat(runner,manifests): alpha migration PR 6+7 — runners and Kustomize overlays (#1379) (1aa8b42)

Full Changelog: v0.2.1...v0.2.2

---

CodeRabbit Triage Summary

CodeRabbit Triage: v0.2.2

Metric	Value	Δ vs Previous
PRs analyzed	7	-23 ↓
Critical issues	17	-6 ↓
Major issues	57	-63 ↓
Issues per PR	10.6	+5.8 ↑
Coverage gaps	65	-60 ↓

Trend

Release	Date	PRs	Critical	Major	Per PR	Gaps
v0.2.0	2026-04-10	30	23	120	4.8	125
v0.2.2	2026-04-21	7	17	57	10.6	65

Top Uncovered Patterns

1. Critical: InboxMessageAPI endpoints use /projects routes instead of inbox-message-specific paths. (3 occurrences, impact: 12) — sdk
2. Add resource limits and pin DB image to immutable digest. (3 occurrences, impact: 10) — manifests
3. Paginate both project and per-project session fetches. (2 occurrences, impact: 7) — cli, other
4. Reject all mixed auth-field combinations, not just httpToken + gitcookiesContent. (2 occurrences, impact: 6) — backend
5. Thread the request-scoped K8s client into these Secret helpers. (2 occurrences, impact: 6) — backend
6. Add explicit timeout to all Gerrit proxy fetch calls (1 occurrences, impact: 4) — frontend
7. Fix Gerrit response-shape parsing (currently breaks instance extraction) (1 occurrences, impact: 4) — runner
8. Do not keep stale Gerrit config after fetch failures (1 occurrences, impact: 4) — runner
9. Serialize credential refresh/cleanup across concurrent runs. (1 occurrences, impact: 4) — runner
10. Fix namespace mismatch in CP_TOKEN_URL (1 occurrences, impact: 4) — manifests

Recommended Guardrails

CLAUDE.md Conventions

• Critical: InboxMessageAPI endpoints use /projects routes instead of inbox-message-specific paths.: Enforce via convention (needs specific rule)
• Add resource limits and pin DB image to immutable digest.: Enforce via convention (needs specific rule)
• Paginate both project and per-project session fetches.: Enforce via convention (needs specific rule)
• Reject all mixed auth-field combinations, not just httpToken + gitcookiesContent.: Enforce via convention (needs specific rule)
• Thread the request-scoped K8s client into these Secret helpers.: Enforce via convention (needs specific rule)
• Add explicit timeout to all Gerrit proxy fetch calls: Enforce via convention (needs specific rule)
• Fix Gerrit response-shape parsing (currently breaks instance extraction): Enforce via convention (needs specific rule)
• Do not keep stale Gerrit config after fetch failures: Enforce via convention (needs specific rule)
• Serialize credential refresh/cleanup across concurrent runs.: Enforce via convention (needs specific rule)
• Fix namespace mismatch in CP_TOKEN_URL: Enforce via convention (needs specific rule)

Hookify Rules

• PreToolUse hook for critical: inboxmessageapi endpoints use /projects routes instead of inbox-message-specific paths. enforcement in TypeScript code
• PreToolUse hook for add resource limits and pin db image to immutable digest. enforcement in TypeScript code
• PreToolUse hook for paginate both project and per-project session fetches. enforcement in TypeScript code
• PreToolUse hook for reject all mixed auth-field combinations, not just httptoken + gitcookiescontent. enforcement in Go code
• PreToolUse hook for thread the request-scoped k8s client into these secret helpers. enforcement in Go code
• PreToolUse hook for add explicit timeout to all gerrit proxy fetch calls enforcement in TypeScript code
• PreToolUse hook for fix gerrit response-shape parsing (currently breaks instance extraction) enforcement in Python code
• PreToolUse hook for do not keep stale gerrit config after fetch failures enforcement in Python code
• PreToolUse hook for serialize credential refresh/cleanup across concurrent runs. enforcement in Python code
• PreToolUse hook for fix namespace mismatch in cp_token_url enforcement in TypeScript code

Release v0.2.0

Release v0.2.0

Changes since v0.1.4

🎉 First-Time Contributors

• Matt Knop
• Vishali Kamenani
• ambient-code[bot]
• angaduom

ambient-code[bot] (15)

• feat: add org.opencontainers.image.revision OCI label to all container images (#1270) (4137eed)
• fix: resolve stale Amber Session check runs stuck in_progress (#1255) (2da4ada)
• fix: update public-api Dockerfile Go version from 1.24 to 1.25 (#1279) (0c5a8e2)
• fix: improve amber-issue-handler UX (eyes reaction, comments, session links) (#1268) (0f68aa9)
• fix: remove --insecure-skip-tls-verify from CI oc login commands (#1272) (45ff21f)
• fix: change default model for new sessions to sonnet-4.6 (#1265) (c2fb97a)
• fix: align ambient-runner Dockerfile build context with other components (#1260) (d5555f7)
• feat: custom MCP server configuration per session and project (#1251) (09cf5f1)
• fix(docs): update GitHub Action docs to match ambient-action v0.0.5 (#1233) (1f254b2)
• fix: return error when ValidateJiraToken receives malformed URL (#1186) (68d8306)
• fix(runner): update GITHUB_TOKEN for gh CLI after credential refresh (#1185) (865dd9d)
• docs: update local-* target references to kind-* equivalents (#1184) (85ef723)
• fix: enable CodeRabbit auto-review on alpha branch (#1235) (0c95b38)
• fix(docs): pin zod to v3 to fix docs build (#1223) (f2ca496)
• fix: display UTC and local timezone in Scheduled Sessions UI (#1195) (f7efeef)

Gage Krumbach (11)

• feat: improve Slack notification formatting + read issue comments (#1238) (e341b83)
• feat: live model switching for running sessions (#1239) (07d6126)
• feat: review queue as readiness gate with Slack notifications (#1240) (c994ec5)
• fix: read issue comments for full context (#1237) (1d94340)
• fix: RHOAI MLflow deploy - channel mismatch and auto-create DB secret (#1228) (33be9af)
• feat: Slack notification on PR creation (#1227) (bcd258c)
• feat: post check runs on PRs with Amber session link (#1201) (70171b4)
• feat: add Gmail scopes and bump workspace-mcp to 1.17.1 (#1202) (005806f)
• Reduce Google Workspace MCP OAuth scopes using granular permissions (#1198) (7270194)
• chore: bump ambient-action to v0.0.5 (#1197) (cc9ad31)
• feat: amber GHA — stop-on-run-finished, prompt split, security fixes (#1193) (013f33f)

Jeremy Eder (4)

• fix(operator): add mlflow.kubeflow.org RBAC to operator ClusterRole (#1286) (5e5f584)
• fix(deps): resolve 13 Dependabot security alerts (#1284) (2389565)
• feat(ci): auto-generate loading tips from release metadata (#1044) (5768e12)
• fix: improve frontend mobile responsiveness (30666a6)

Sidney Glinton (3)

• CI: Support for pull-reviews video (#949) (0b84775)
• Deployment for Observability Dashboard (#1261) (519f9e4)
• perf: add SSAR cache, event log tail reads, and agent status cache (#1026) (ffe4a21)

dependabot[bot] (3)

• chore(deps): bump the go_modules group across 2 directories with 2 updates (#1256) (02d3d96)
• chore(deps): bump vite from 6.4.1 to 6.4.2 in /docs in the npm_and_yarn group across 1 directory (#1230) (ab7307a)
• chore(deps): bump vite from 7.3.1 to 7.3.2 in /components/frontend in the npm_and_yarn group across 1 directory (#1229) (97ab8c0)

Edson Tirelli (2)

• fix(runner): framework-agnostic observability naming + MLflow trace IDs (#1283) (3dd8436)
• feat(runner): optional MLflow tracing parallel to Langfuse (#1263) (81c601f)

Ken Dreyer (2)

• mount trusted CA bundle in runner pods (#1258) (a1ebe4a)
• document how to mount a custom CA bundle (#1250) (dc1f42e)

angaduom (1)

• Fix hover card covering delete button in sessions sidebar (#1246) (9c0bbeb)

Matt Knop (1)

• removing label vendor value (#1241) (4c8486e)

Martin Prpič (1)

• Migrate LDAP integration from legacy to IPA (#973) (b130dc8)

Michael Skarbek (1)

• chore(deps): bump google.golang.org/grpc to v1.79.3 (#1074) (17161ac)

Patrick Martin (1)

• feat(frontend): show workspace name in sidebar (#1150) (95c1703)

Vishali Kamenani (1)

• Preserve scroll position when switching between chat and file tabs (#1125) (32faa39)

Full Changelog: v0.1.4...v0.2.0

Release v0.1.4

Release v0.1.4

Changes since v0.1.3

Gage Krumbach (1)

• fix: increase minio PVC to 2Ti to match UAT (#1196) (440f5b9)

Full Changelog: v0.1.3...v0.1.4