Fixes

• Strengthen Stop-event deny/instruct instructions with mandatory framing so agents execute required actions instead of asking for confirmation (#109)
• Include legacy commit statuses (CodeRabbit, etc.) in CI green check — previously only Check Runs API was queried (#109)

Docs

• Remove beta version annotations from convention-based policies and allow(message) documentation (#110)

Fixes

• Strengthen Stop-event deny/instruct instructions with mandatory framing so agents execute required actions instead of asking for confirmation (#109)
• Include legacy commit statuses (CodeRabbit, etc.) in CI green check — previously only Check Runs API was queried (#109)

Full Changelog: v0.0.4...v0.0.5-beta.0

What's new in 0.0.4

Features

• Graduate 4 workflow policies from beta to stable: require-commit-before-stop, require-push-before-stop, require-pr-before-stop, require-ci-green-before-stop (#105)

Full Changelog: v0.0.3...v0.0.4

Features

• Graduate 4 workflow policies from beta to stable: require-commit-before-stop, require-push-before-stop, require-pr-before-stop, require-ci-green-before-stop (#105)

What's new in 0.0.3

Features

• Use portable npx -y failproofai command for project-scope hooks, making .claude/settings.json committable to git (#96)
• Parallelize translation workflow across 14 languages with concurrent file translation for faster CI (#98)
• Add manual workflow dispatch for translations with force (ignore cache) and languages filter inputs (#98)
• Tier-based model selection for translations: Sonnet for Tier 1, Haiku for Tier 2/3; add prompt caching on system prompt (#98)

Fixes

• Fix hooks not working in failproofai's own repo by using local binary instead of npx (#98)
• Fix translation workflow placing files at repo root instead of docs/ by setting download artifact path (#100)

Full Changelog: v0.0.2-beta.10...v0.0.3

0.0.2-beta.9 — 2026-04-15

Features

• Use portable npx -y failproofai command for project-scope hooks, making .claude/settings.json committable to git (#96)
• Parallelize translation workflow across 14 languages with concurrent file translation for faster CI (#98)
• Add manual workflow dispatch for translations with force (ignore cache) and languages filter inputs (#98)
• Tier-based model selection for translations: Sonnet for Tier 1, Haiku for Tier 2/3; add prompt caching on system prompt (#98)

Fixes

• Fix hooks not working in failproofai's own repo by using local binary instead of npx (#98)
• Fix translation workflow placing files at repo root instead of docs/ by setting download artifact path (#100)
• Revert misplaced translations and fix download path (#101)
• Fix consolidation crash from hidden cache file and missing artifacts (#99)

0.0.2-beta.8 — 2026-04-14

Features

• Add changelog-check, docs-check, and pr-description-check convention policies
• Track .claude/settings.json in git

Fixes

• Accumulate all instruct messages instead of only delivering the first one
• Rename convention policy prefix from convention/ to .failproofai-{scope}/ (e.g. .failproofai-project/, .failproofai-user/) and add convention_scope to telemetry

Docs

• Document cross-cutting hint param in built-in policies reference and add block-force-push hint example
• Add block-force-push hint to project config suggesting fresh branch as alternative

v0.0.2-beta.7

Highlights

This release introduces convention-based policy auto-discovery, a major quality-of-life improvement that lets you drop policy files into .failproofai/policies/ and have them loaded automatically — no --custom flag or config changes needed. It also extends CI validation to cover third-party bot checks and fixes several bugs in custom hook loading and scoped configuration.

Features

Convention-based policy auto-discovery (#91)

Drop files matching *policies.{js,mjs,ts} into .failproofai/policies/ at either the project ({cwd}/.failproofai/policies/) or user (~/.failproofai/policies/) level and they are loaded automatically on every hook invocation — no --custom flag or config file edits required.

• New discoverPolicyFiles() and loadAllCustomHooks() functions in the custom-hooks-loader
• Convention-discovered hooks are registered with a convention/ prefix for PostHog telemetry
• failproofai policies --list now displays discovered convention policies alongside explicit ones
• CLI --help updated with a CONVENTION POLICIES section
• Example files shipped in examples/convention-policies/

Configurable hint field in policyParams (#91)

A new cross-cutting hint string field in policyParams lets you append custom guidance text to any deny or instruct message without modifying the policy itself. Works with built-in, custom, and convention policies. Non-string and empty values are silently ignored (fully backward-compatible).

Third-party bot status checks in require-ci-green-before-stop (#92)

The require-ci-green-before-stop policy previously only checked GitHub Actions workflow runs (gh run list). It now also queries the GitHub Checks API (gh api repos/{owner}/{repo}/commits/{sha}/check-runs) to pick up statuses from third-party bots like CodeRabbit, SonarCloud, Codecov, etc. GitHub Actions checks are filtered out to avoid double-counting. Both API sources are fail-open independently — if one call fails, the other still evaluates.

Auto-bump version after release (#73)

The publish workflow now automatically bumps the version in package.json after every release:

• Beta releases increment the beta number (e.g. 0.0.2-beta.7 → 0.0.2-beta.8)
• Stable releases bump to the next patch beta (e.g. 0.0.2 → 0.0.3-beta.0)

Bug Fixes

Scope-aware policies-config.json writes (#57)

writeHooksConfig() was hardcoded to always write to ~/.failproofai/policies-config.json (global scope), ignoring --scope project/local. This caused policy configuration to leak between projects. Now --scope project writes to {cwd}/.failproofai/policies-config.json and --scope local writes to {cwd}/.failproofai/policies-config.local.json, ensuring full cross-project isolation.

Custom hooks loader cwd, ESM shim exports, and merged LLM config (#76)

Three related bugs fixed in the custom hook loading path:

1. ESM shim exported phantom APIs — the shim was exporting createApp, getQueueCondition, clearQueueCondition (leftover from Claudeye) which don't exist in failproofai, causing runtime errors. Now exports the correct public surface: customPolicies, getCustomHooks, clearCustomHooks, allow, deny, instruct.

2. Project-scoped LLM config ignored — readLlmConfig() only read global config (~/.failproofai/policies-config.json), silently ignoring project/local overrides. Now respects all config scopes via readMergedHooksConfig(cwd).

3. Session cwd dropped during hook loading — Claude/Agent hook payloads include a cwd field, but loadCustomHooks() resolved relative customPoliciesPath values against process.cwd() instead. Now accepts and uses sessionCwd for correct path resolution.

Documentation

• Replace Discord community links with Slack community invite (#87)

Dependencies

• Bump @types/node 25.5.2 → 25.6.0 (#86)
• Bump react-dom 19.2.4 → 19.2.5 (#85)
• Bump next 16.2.2 → 16.2.3 (#84)
• Bump posthog-node 5.28.11 → 5.29.2 (#83)
• Bump lucide-react 1.7.0 → 1.8.0 (#82)
• Bump eslint-config-next 16.2.2 → 16.2.3 (#81)
• Bump vitest 4.1.2 → 4.1.4 (#80)
• Bump react 19.2.4 → 19.2.5 (#79)
• Bump actions/checkout 4 → 6 (#78)

Full Changelog: v0.0.2-beta.6...v0.0.2-beta.7

What's Changed

Bug Fixes

• require-push-before-stop skips when no changes vs base branch (#71)

Full Changelog: v0.0.2-beta.5...v0.0.2-beta.6

What's Changed

Features

• Display package version in navbar (#66)

Bug Fixes

• Show plain Allow badge instead of blue Allow(note) (#68)
• require-pr-before-stop skips when no changes vs base branch (#67)

Full Changelog: https://github.com/nicholasgriffintn/failproofai/compare/v0.0.2-beta.4...v0.0.2-beta.5