@imdeadpool/guardex 5.0.5 → 5.0.8

package/README.md

@@ -69,6 +69,7 @@ gx cleanup --branch "$(git rev-parse --abbrev-ref HEAD)"
 ```
 
 If you use `scripts/codex-agent.sh`, the finish flow is auto-run after the Codex session exits.
+It auto-commits sandbox changes, retries once after syncing if the branch moved behind base during the run, then pushes/opens PR merge flow against the current base branch.
 
 ## Visual workflow
 
@@ -97,6 +98,9 @@ gx status
 # setup and repair
 gx setup
 gx doctor
+# setup + repair another repo without switching your current repo checkout
+gx setup --target /path/to/repo
+gx doctor --target /path/to/repo
 
 # protected branch management
 gx protect list
@@ -108,9 +112,9 @@ gx sync --check
 gx sync
 
 # continuously monitor open PRs targeting current branch and dispatch codex-agent review/merge tasks
-bash scripts/review-bot-watch.sh --interval 30
+gx review --interval 30
 
-# cleanup merged agent branches/worktrees
+# cleanup merged agent branches and hide clean stale agent worktrees
 gx cleanup
 
 # scan/report
@@ -123,7 +127,7 @@ gx report scorecard --repo github.com/recodeecom/multiagent-safety
 Run this in your local shell to keep watching PRs targeting the current branch (or `--base <branch>`):
 
 ```sh
-bash scripts/review-bot-watch.sh --interval 30
+gx review --interval 30
 ```
 
 Useful flags:
@@ -143,9 +147,12 @@ Note: the monitor dispatches Codex through explicit `--task/--agent/--base` flag
 - `gx setup` checks GitHub CLI (`gh`) and prints install guidance if missing.
 - Interactive self-update prompt defaults to **No** (`[y/N]`).
 - In initialized repos, `setup`/`install`/`fix` block protected-base writes unless explicitly overridden.
-- In VS Code Source Control, manual (non-Codex) commits/pushes to protected branches are allowed by default.
+- Direct commits/pushes to protected branches are blocked by default.
+- Exception: VS Code Source Control commits are allowed on protected branches that exist only locally (no upstream and no remote branch).
+- Optional repo override for manual VS Code protected-branch writes: `git config multiagent.allowVscodeProtectedBranchWrites true`.
 - Codex/agent sessions stay blocked on protected branches and must use `agent/*` branch + PR workflow.
 - On protected `main`, `gx doctor` auto-runs in a sandbox agent branch/worktree.
+- In-place agent branching is disabled; `scripts/agent-branch-start.sh` always creates a separate worktree to keep your visible local/base branch unchanged.
 - `scripts/agent-branch-start.sh` hydrates `scripts/codex-agent.sh` into new sandbox worktrees when missing, so auto-finish launcher flow stays available.
 
 ## Configure protected branches
@@ -238,6 +245,24 @@ npm pack --dry-run
 
 ## Release notes
 
+### v5.0.8
+
+- Fixed `bin/multiagent-safety.js` syntax regressions in the doctor sandbox flow (`Unexpected identifier` / `Unexpected end of input`) that were breaking CLI execution and CI tests.
+- Restored `scripts/codex-agent.sh` from `templates/scripts/codex-agent.sh` so critical runtime helper parity checks pass in clean CI clones.
+- Bumped package version from `5.0.7` to `5.0.8` for the next npm publish.
+
+### v5.0.7
+### Unreleased (generated draft, not versioned yet)
+
+- Add the user-facing changes for the next release here before assigning a version number.
+- Keep this section focused on behavior changes (`Added`, `Changed`, `Fixed`) rather than version-bump-only notes.
+
+### v5.0.6
+
+- `gx cleanup` and auto-finish cleanup now prune clean agent worktrees by default, so VS Code Source Control focuses on your local branch plus worktrees with active changes.
+- Added `gx cleanup --keep-clean-worktrees` to opt out and keep clean worktrees visible.
+- Bumped package version from `5.0.5` to `5.0.6` for the next npm publish.
+
 ### v5.0.5
 
 - Bumped package version from `5.0.4` to `5.0.5` so npm publish can proceed with the next patch release.