Skip to main content
June 12, 2026

Week of June 8 – June 12

New

GitHits onboarding skill A new githits-onboarding skill walks coding agents through a safe, staged GitHits setup — detecting supported tools, asking before writing any config, installing the ones you pick, guiding you through login, and verifying the result. It ships as a public skill and as part of the Claude Code plugin. Install GitHits Skills and your agent can run setup for you instead of you wiring init flags by hand.

Improved

More resilient githits init on slow machines Agent detection and config probes in githits init now run with bounded timeouts (2–5s) so a stuck binary lookup or hung config check fails fast instead of stalling onboarding. Set GITHITS_INIT_TRACE=1 to print step-by-step diagnostics on stderr when you need to debug a detection issue — JSON output on stdout is unaffected and stays machine-parseable.
June 5, 2026

Week of June 1 – June 5

New

OpenCode support in githits init githits init now detects and configures OpenCode alongside the other supported AI coding tools, with a higher generated MCP timeout tuned for OpenCode’s session flow.Safer MCP package tool inputs Package inspection tools picked up cleaner, agent-safer schemas: pkg_deps now takes max_depth, pkg_changelog takes omit_bodies, and pkg_upgrade_review takes skip_transitive_security. Defaults are no longer silently coupled to other options, so agents get more predictable behavior on every call.

Improved

Better language search results githits languages and the search_language MCP tool now route queries through the backend’s ranked /languages endpoint instead of local filtering. Short aliases like ts, py, js, c++, and c# now surface the right language first.Clearer authentication errors Auth failures now distinguish missing local credentials from backend-rejected tokens, both in CLI JSON output and MCP error envelopes. Remediation guidance points you to the right next step — OAuth login, GITHITS_API_TOKEN, or support — instead of a generic “not authenticated” message.Normalized empty MCP search filters The search tool no longer fails with INVALID_ARGUMENT when an agent passes empty docs-only filter fields. Blank filters are treated as absent, matching how other MCP inputs behave.

Fixed

  • Concurrent agents no longer invalidate each other’s auth tokens. Token refresh is now serialized across CLI and MCP processes sharing the same credentials, so running multiple agents in parallel won’t spend a single-use refresh token twice and log you out.
May 29, 2026

Week of May 25 – May 29

New

Project-level githits init githits init now supports installing GitHits MCP configuration at the project level, alongside the existing user-level setup. Project mode covers detect, install, and uninstall flows for supported agents — including a new VS Code stdio config — so you can scope GitHits to a single repo without touching your global agent setup.githits doctor diagnostics command A new githits doctor command prints a redacted snapshot of your runtime, environment, config path, service override, and auth file state. Text and --json output are both supported, and probes are read-only so running it never triggers auth migration or token refreshes. Use it first when filing an issue.Swift package support Swift is now a first-class registry across search, code navigation, documentation access, and package inspection. Vulnerability and dependency lookups, v-prefixed versions, and GitHub-shaped package coordinates all work for Swift packages out of the box.

Improved

Simpler search source selection The search tool and githits search --source now take a single source value instead of a list. Descriptions for target and source were also rewritten to be clearer for agents. Passing --source more than once is now rejected explicitly instead of silently picking one.Request timeouts everywhere REST, OAuth, and package metadata GraphQL calls now share a fetch timeout wrapper with timeout-specific error classification, so stalled requests fail fast with a clear reason instead of hanging.Structured auth failures Missing-auth failures from authenticated commands now return a consistent JSON envelope (AUTH_REQUIRED), while terminal sessions still see the friendly login guidance. Easier to handle from scripts and agents.

Fixed

  • Empty optional MCP fields no longer break tool calls. pkg_upgrade_review, search targets, pkg_changelog addressing, and code_* targets now treat harness-filled empty arrays and blank strings as absent instead of failing validation.
  • Token refresh races hardened. Concurrent refresh attempts coalesce correctly across soft and forced refreshes, rotated refresh tokens are preserved on same-lineage conflicts, and newer external sessions/logouts still take precedence.
  • Windows init no longer triggers Node DEP0190. Subprocess probes now run through cmd.exe with safe argument escaping so shim resolution works without deprecation warnings.
May 22, 2026

Week of May 18 – May 22

New

Hermes Agent support in githits init githits init now detects Hermes Agent alongside the other supported AI coding tools and writes its MCP server configuration to ~/.hermes/HERMES_HOME while preserving existing YAML comments. Run githits init to set it up.Agent-safe staged onboarding The init command now supports a staged, non-interactive flow for agents and CI. New flags on githits init:
  • --detect-agents — scan for supported AI tools and exit without making changes.
  • --install-agents <ids> — install only the agents you explicitly name. Idempotent for already-configured agents.
  • --json — emit detection and install results as structured JSON.
--yes is rejected in non-interactive runs to prevent surprise side effects. See the headless CI guide for usage patterns.Copy-paste agent snippet on the init ready screen After setup completes, githits init now prints a snippet you can drop directly into your AGENTS.md or CLAUDE.md so your agent knows when to reach for GitHits tools.

Improved

Redesigned init onboarding flow Rewritten copy across every init screen (intro, detect, choose, sign-in, install, ready, uninstall) in a clearer, agent-focused voice. The CLI also picks up a new brand color, a gradient ASCII logo, highlighted --help section titles, and an animated spinner with rotating labels on example, search, code, and docs while requests are in flight.Target resolution feedback for code navigation Code navigation tools (search, code_files, code_read, code_grep) now surface compact, actionable warnings when a target needs freshness or indexing attention, and stay quiet on healthy default-branch requests. Follow-up targets and default-branch intent are preserved across calls.Severity-filtered transitive upgrade advisories pkg_upgrade_review now applies your min_severity setting to transitive vulnerability counts, so the evidence you see matches the threshold you asked for. The previous “transitive counts are unfiltered” caveat has been removed.

Fixed

  • --no-color now actually disables color. The flag was previously registered but never wired up. Every styled output across the CLI now respects it.
  • githits logout no longer reads the keychain. Logout completes cleanly without unnecessary credential prompts.
  • Auth is refreshed before init login to avoid stale-session failures during onboarding.
  • Init detection messaging is clearer when no compatible agents are found, and login guidance is suppressed when an install step fails.
  • Node 20 compatibility restored after a regression in the previous release.
  • Stale-search warnings suppressed when the follow-up target matches the original request.