Changelog

Release history

New features, improvements, and fixes.

  • v1.6.12026-06-12

    Smoother /update-gaia and /gaia-wiki runs, plus a Docker build fix.

    Improved

    • The full /gaia-wiki maintenance chain opens a single pull request covering sync, consolidate, and lint, instead of a separate pull request for each stage.
    • /update-gaia clears leftover artifacts from a previous interrupted run when you confirm an update, so each run starts from a clean state.
    • /update-gaia automatically refreshes a stale Code Review Audit CI workflow, re-rendering it from the current release template, and the refreshed workflow clears the merge gate without a redundant re-audit.

    Fixed

    • Docker builds of GAIA apps copy pnpm-workspace.yaml into their pnpm stages, so the build no longer fails on the missing workspace file.
  • v1.6.02026-06-11

    A new /gaia-harden command that turns recurring review findings into durable rules, a human gate for /gaia-audit, and preview-and-snooze for /update-deps.

    New

    • A new /gaia-harden command turns recurring review findings into durable guardrails. When Code Review Audit flags the same kind of problem across three or more pull requests in a rolling 90-day window, GAIA nudges you to run /gaia-harden; it proposes the lightest lasting fix for that pattern (a path-scoped rule, a deterministic check, or a skill) and drafts it for your approval. Nothing lands in your repo without your say-so.
    • When you run Code Review Audit on CI, it prints a per-phase progress timeline (scope, oracles, review, verification, report) into the GitHub Actions summary, so an otherwise-silent run shows where it is. It carries no tool output or secrets and never blocks the audit.

    Improved

    • /update-deps shows an interactive preview before it changes anything, grouped into major, minor, patch, and non-semver buckets. Snooze the updates you are not ready for: snoozed items drop out of the statusline count and resurface on their own after 14 days or when a newer version ships.
    • /gaia-audit researches first and presents a single Apply, Discuss, or Decline gate before it touches any file, rather than applying changes end to end. A new CONFLICT class catches entries that contradict an authoritative source, an interrupted run resumes cleanly with a 72-hour grace window before findings need re-checking, and it verifies its own edits after applying.
    • /gaia-fitness renders its report as a deterministic ASCII card, so the grades and findings read the same in every terminal instead of shifting with the model formatting.
    • GAIA apps upgrade to pnpm 11.5.2. Workspace settings (dependency overrides, allowed build scripts, hoist patterns) now live in pnpm-workspace.yaml instead of package.json and .npmrc, and /update-gaia migrates them for you field by field, keeping your own overrides and build approvals while applying the release updates.
    • Dependency refresh: React and React DOM 19.2.7, React Router 7.17.0, Storybook 10.4.2, axe-core 4.12.0, happy-dom 20.10.1, and i18next 26.3.1. Two CVE overrides (brace-expansion and ws) are dropped now that the upstream fixes ship natively.
    • The TypeScript config adopts two TypeScript 7 prerequisites, stableTypeOrdering and noUncheckedSideEffectImports, while still on TypeScript 6, so the eventual TypeScript 7 upgrade becomes a dependency bump rather than a migration.
    • Code Review Audit runs its holistic review with a coverage-first pass that surfaces every candidate finding before filtering it, so fewer real issues slip through.
    • /gaia-plan and /gaia-spec dispatch every subagent from a single orchestrator, so multi-task plans run to completion instead of occasionally stalling, and each task runs on its intended model.

    Fixed

    • react-doctor reads a single doctor.config.jsonc. If you still have a legacy react-doctor.config.json, rename it.
    • /update-gaia no longer dead-ends when you interrupt a run partway through: it defers the version-file bump until after the summary prints, so a resumed run picks up from the right baseline instead of reporting it is already up to date.
    • /update-deps no longer points at a maintainer-only file path that does not exist on your clone.
  • v1.5.02026-06-05

    Discrete /gaia-* slash commands, dependency-CVE advisories, and a smarter /update-gaia.

    New

    • The tdd skill mechanically verifies the RED phase: it confirms a new test actually fails before you write the implementation, catching tests that pass by accident before they mask missing behavior.
    • Code Review Audit now flags known-vulnerable dependencies: a pnpm audit pass surfaces high and critical CVEs during pre-merge review as an advisory, so you see them without blocking the merge.
    • The wiki commands (/gaia-wiki sync, consolidate, lint) ship with native checks instead of depending on the external claude-obsidian plugin.

    Improved

    • The /gaia <subcommand> router is replaced by discrete /gaia-* commands, so every workflow appears in slash-command autocomplete: /gaia-plan, /gaia-spec, /gaia-audit, /gaia-fitness, /gaia-forensics, /gaia-wiki, /gaia-handoff, and /gaia-pickup. The old space-form /gaia <sub> is removed; sub-arguments are unchanged (for example /gaia-wiki sync). If you call the old form in scripts or notes, switch to the matching /gaia-<sub> command.
    • The Code Review Audit merge gate skips pull requests that change only docs, wiki, or metadata, so a docs-only change merges without waiting on an audit marker.

    Fixed

    • /update-gaia merges your package.json field by field instead of as one opaque block: it never touches your name, version, description, or author, applies only the real dependency and script changes from the release, and never re-adds a dependency you removed. A version-only release now skips package.json entirely instead of raising a full-file conflict every time.
  • v1.4.02026-06-02

    /update-gaia stops fighting you over your own files.

    Fixed

    • /update-gaia no longer re-adds files you intentionally deleted.
    • /update-gaia only raises conflicts for files that actually changed in the release, instead of flooding you with spurious patches.
    • Wiki entries take their dates from your system clock instead of the model, so timestamps are always correct.
  • v1.3.52026-06-02

    Faster, cheaper CI and a hardened dependency supply chain.

    New

    • Dependency supply-chain hardening: new package versions are quarantined for 7 days before GAIA installs them, and downgrades are blocked, defending against a compromised fresh release.
    • GAIA apps now ship with a Content-Security-Policy that restricts which scripts can run, hardening them against script injection.

    Improved

    • Code Review Audit on CI is now opt-in and installs on demand. When it runs, it only audits changes since the last green run instead of the whole codebase, so CI is faster and cheaper.
    • React Router v8 future flags are enabled so your app is ready for the v8 upgrade early. One flag (v8_passThroughRequests) changes how loaders and actions receive the request: if you have customized app/root.tsx, a small migration is needed. See the full changelog for exact steps.
    • Kickoff prompts print to the terminal instead of silently copying to your clipboard.

    Fixed

    • Form/Chain merges class names with twMerge, so your utility classes override the component's defaults instead of conflicting with them.
  • v1.3.42026-05-26

    Internal CI and release-tooling fixes.

    Maintenance release. Internal fixes to GAIA's own CI and PR-rollup tooling, with no change to adopter-facing behavior.

  • v1.3.32026-05-22

    /setup-gaia-ci detects and repairs drifted CI workflow files.

    New

    • /setup-gaia-ci now detects when your committed GAIA CI workflow files have drifted from what GAIA would generate today. On a re-run it compares each tool's workflow YAML against a fresh render and reports what is out of sync, then offers to re-render, skip, or fully reconfigure instead of silently doing nothing. A new drift-fix path opens a branch and PR that regenerates only the workflow YAML, leaving your tool selection and bot token untouched.
  • v1.3.22026-05-22

    GAIA CI maintenance

    Internal correctness fixes to the GAIA CI Code Review Audit workflow.

  • v1.3.12026-05-22

    /update-gaia runs to completion and opens a PR.

    Fixed

    • /update-gaia now finishes a full run and opens a pull request at the end, instead of leaving the update stranded on a branch.
    • /update-gaia records the new version correctly when it busts its cache.
  • v1.3.02026-05-22

    GAIA apps now ship with a Content-Security-Policy, and accessibility testing is built in.

    New

    • GAIA apps now ship with a per-request nonce Content-Security-Policy, so only scripts carrying the request nonce can run and inline injection is blocked.
    • axe-core accessibility testing is wired into both Vitest and Playwright, so you can catch a11y violations in unit tests and end-to-end flows.
    • /gaia plan and /gaia spec can run concurrently in separate sessions without clashing. Atomic writes keep racing sessions from corrupting committed state.

    Improved

    • GAIA apps detect client hints with a pre-paint inline script instead of a reload, removing the flash and extra page load on first visit.
    • The /setup-gaia command is renamed to /setup-cloned-gaia-project.

    Fixed

    • The Checkboxes, FieldDescription, and TextArea components ship accessibility fixes, including a dropped nested live region that screen readers announced incorrectly.
    • Form components handle edge cases correctly across the board.
    • GAIA apps reject non-local redirect targets and close an XSS vector, so a crafted redirect or payload cannot send users off-site or run injected markup.
  • v1.2.32026-05-20

    Internal release-tooling hardening

    Hardens GAIA's own release and repo-safety tooling with no change to how GAIA apps behave.

  • v1.2.22026-05-19

    Maintenance release

    Internal release-tooling fixes. No changes to how GAIA apps behave.

  • v1.2.12026-05-19

    Concurrency-safe task orchestration and WSL support.

    Fixed

    • Running two planning or orchestration sessions at once no longer corrupts shared state: a running sentinel detects a concurrent orchestrator, and plan creation uses an atomic directory claim to avoid a race.
    • Husky git hooks now run on Linux and WSL.
  • v1.2.02026-05-12

    A new health check that diagnoses and repairs your Claude integration.

    New

    • /gaia fitness, a command that audits your project's Claude integration, auto-heals the problems it finds, and reports a health grade so you can tell at a glance whether your setup is in good shape.
  • v1.1.12026-05-11

    GAIA release fixes

    Fixes the maintainer reference in the GAIA release tooling, plus follow-up corrections surfaced while running new-project setup.

  • v1.1.02026-05-10

    Built-in accessibility testing, dead-code detection, and Serena-powered code intelligence.

    New

    • Accessibility testing is built in: axe-core runs in both Vitest and Playwright, so your components and user flows are checked for a11y violations as part of the normal test suite.
    • Dead-code detection via knip. Run pnpm knip after refactors or before release-candidate PRs to find unused files, exports, and dependencies. The config is template-aware, so intentional exports in your library surface are not flagged.
    • Serena MCP gives Claude LSP-backed code intelligence for fast, accurate TypeScript and TSX symbol lookups instead of text search. Registered by /gaia-init; requires uv.
    • /gaia forensics turns a workflow misfire into a redacted, filing-ready bug report in one pass.

    Improved

    • **BREAKING:** the /wiki-sync, /wiki-consolidate, and /wiki-lint slash commands are removed. Use /gaia wiki sync, /gaia wiki consolidate, /gaia wiki lint, or /gaia wiki for the full chain. This resolves a name collision with the claude-obsidian plugin. See the full changelog for details.
    • /gaia audit no longer covers intra-wiki duplication or broken-wikilink checks, which overlapped with the wiki commands. Run /gaia wiki separately for wiki-internal audits.
  • v1.0.52026-05-04

    Language-aware project setup and visible update prompts.

    Improved

    • /gaia-init now asks for your primary language and any additional locales when it scaffolds a project, with an opt-out path that strips i18n entirely.

    Fixed

    • The /update-deps and /update-gaia prompts move to the statusline, so they stay visible instead of firing once where you might miss them.
  • v1.0.42026-05-01

    Maintenance release

    Internal maintenance only: a fix to a GAIA repo-scope git guard and a wiki hygiene pass. No changes to how GAIA apps behave.

  • v1.0.32026-05-01

    Maintenance release

    Internal reliability fixes to GAIA's own Claude hooks. No changes to how GAIA apps behave.

  • v1.0.22026-05-01

    Quiet the pnpm build-script warning on a fresh install.

    Fixed

    • A fresh pnpm install of a GAIA app no longer prints the pnpm build-script approval warning: the build scripts for core-js-pure, esbuild, msw, and unrs-resolver are pre-approved.
  • v1.0.12026-05-01

    Typing /init reliably redirects to /gaia-init.

    Fixed

    • Running /init in a GAIA project now redirects you to /gaia-init reliably, and the "blocked by hook" banner no longer appears.
  • v1.0.02026-04-30

    The first public release of GAIA.

    Inaugural release. GAIA ships a Claude-native React foundation built for agentic development from day one: a curated React Router 7 app skeleton (React 19, Tailwind v4, Vite, Vitest, TypeScript, MSW) with type-safe forms (Conform plus Zod), remix-i18next localization scaffolded for English and Japanese, and cookie-based dark mode. It comes with a Claude integration surface (rules, hooks, agent skills, and commands), GAIA workflows for task planning, session handoff and pickup, and knowledge-store hygiene, a wiki vault documenting the architecture and decisions, and a mandatory pre-commit quality gate that runs typecheck, lint, unit and end-to-end tests, and a build with zero warnings tolerated. Bootstrap a new project with npx create-gaia@latest my-app.

Follow new releases

Each version tags on GitHub with notes. Watch the repo or follow Releases for the next ship.