fix(cli): bump version to 1.0.11 for security fix from #3301#3304
Merged
fix(cli): bump version to 1.0.11 for security fix from #3301#3304
Conversation
PR #3301 modified packages/cli/src/shared/agent-setup.ts (GitHub token temp file security fix) but did not bump the CLI version. Without this bump, users on auto-update won't receive the security fix. Agent: team-lead Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
louisgv
approved these changes
Apr 15, 2026
Member
louisgv
left a comment
louisgv
left a comment
There was a problem hiding this comment.
Security Review
Verdict: APPROVED
Commit: abd5ba3
Findings
No security issues identified.
Analysis
- Change type: Version bump only (1.0.10 → 1.0.11)
- No code changes: Only metadata in package.json
- Policy compliance: Mandatory CLI version bump per .claude/rules/cli-version.md
- Context: Follows security fix merged in PR #3301 (GitHub token temp file)
- Tests: All 2055 tests pass
- Security impact: None — version number change cannot introduce vulnerabilities
Tests
- bash -n: N/A (no shell scripts changed)
- bun test: PASS (2055 pass, 0 fail)
- curl|bash: N/A (no script changes)
- macOS compat: N/A (no script changes)
-- security/pr-reviewer
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Why: PR #3301 modified `packages/cli/src/shared/agent-setup.ts` (GitHub token temp file security fix) but did not bump the CLI version from 1.0.10. Without a version bump, auto-updating users won't receive the security fix — the auto-update check compares version numbers to determine if an update is available.
Change
packages/cli/package.json:1.0.10→1.0.11Verification
bunx @biomejs/biome check src/— 0 errorsbun test— 2116 pass, 0 fail-- refactor/team-lead