diff --git a/.github/badges/version.svg b/.github/badges/version.svg
index 2db07150..274b436e 100644
--- a/.github/badges/version.svg
+++ b/.github/badges/version.svg
@@ -1 +1 @@
-
+
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 00000000..9b040905
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,39 @@
+version: 2
+updates:
+ - package-ecosystem: npm
+ directories:
+ - /
+ - /landing
+ schedule:
+ interval: weekly
+ day: monday
+ time: "09:00"
+ timezone: Etc/UTC
+ cooldown:
+ default-days: 3
+ open-pull-requests-limit: 5
+ commit-message:
+ prefix: chore
+ prefix-development: chore
+ include: scope
+ groups:
+ npm-minor-and-patch:
+ patterns:
+ - "*"
+ update-types:
+ - minor
+ - patch
+
+ - package-ecosystem: github-actions
+ directory: /
+ schedule:
+ interval: weekly
+ day: tuesday
+ time: "09:00"
+ timezone: Etc/UTC
+ cooldown:
+ default-days: 3
+ open-pull-requests-limit: 3
+ commit-message:
+ prefix: chore
+ include: scope
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 642cf99b..b6856f31 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -14,6 +14,7 @@ on:
- 'runtime.lock.json'
- 'test/**'
- '.github/workflows/**'
+ - '.github/dependabot.yml'
- 'pnpm-workspace.yaml'
- 'package.json'
- 'pnpm-lock.yaml'
@@ -34,6 +35,7 @@ on:
- 'runtime.lock.json'
- 'test/**'
- '.github/workflows/**'
+ - '.github/dependabot.yml'
- 'pnpm-workspace.yaml'
- 'package.json'
- 'pnpm-lock.yaml'
@@ -66,11 +68,16 @@ jobs:
cache: pnpm
- name: Restore pnpm node-gyp executable bit
- run: find "$(dirname "$(command -v pnpm)")/store" -path '*/node-gyp/gyp/gyp_main.py' -exec chmod +x {} \; 2>/dev/null || true
+ run: |
+ PNPM_STORE="$(pnpm store path)"
+ find "$PNPM_STORE" -path '*/node-gyp/gyp/gyp_main.py' -exec chmod +x {} \; 2>/dev/null || true
- name: Install dependencies
run: pnpm install --frozen-lockfile
+ - name: Audit dependencies
+ run: pnpm audit --audit-level high
+
- name: Restore ESLint cache
uses: actions/cache@v5
with:
@@ -99,7 +106,9 @@ jobs:
cache: pnpm
- name: Restore pnpm node-gyp executable bit
- run: find "$(dirname "$(command -v pnpm)")/store" -path '*/node-gyp/gyp/gyp_main.py' -exec chmod +x {} \; 2>/dev/null || true
+ run: |
+ PNPM_STORE="$(pnpm store path)"
+ find "$PNPM_STORE" -path '*/node-gyp/gyp/gyp_main.py' -exec chmod +x {} \; 2>/dev/null || true
- name: Install dependencies
run: pnpm install --frozen-lockfile
diff --git a/.github/workflows/landing.yml b/.github/workflows/landing.yml
index f457394c..62325b21 100644
--- a/.github/workflows/landing.yml
+++ b/.github/workflows/landing.yml
@@ -31,6 +31,10 @@ jobs:
working-directory: landing
run: npm ci
+ - name: Audit dependencies
+ working-directory: landing
+ run: npm audit --audit-level high
+
- name: Generate static site
working-directory: landing
env:
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 5a1a00c7..d173a17d 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -45,6 +45,12 @@ jobs:
node-version: 22
cache: pnpm
+ - name: Restore pnpm node-gyp executable bit
+ shell: bash
+ run: |
+ PNPM_STORE="$(pnpm store path)"
+ find "$PNPM_STORE" -path '*/node-gyp/gyp/gyp_main.py' -exec chmod +x {} \; 2>/dev/null || true
+
- name: Install dependencies
run: pnpm install --frozen-lockfile
@@ -336,6 +342,11 @@ jobs:
with:
python-version: '3.11'
+ - name: Restore pnpm node-gyp executable bit
+ run: |
+ PNPM_STORE="$(pnpm store path)"
+ find "$PNPM_STORE" -path '*/node-gyp/gyp/gyp_main.py' -exec chmod +x {} \; 2>/dev/null || true
+
- name: Install dependencies
run: pnpm install --frozen-lockfile
@@ -452,6 +463,12 @@ jobs:
with:
python-version: '3.11'
+ - name: Restore pnpm node-gyp executable bit
+ shell: bash
+ run: |
+ PNPM_STORE="$(pnpm store path)"
+ find "$PNPM_STORE" -path '*/node-gyp/gyp/gyp_main.py' -exec chmod +x {} \; 2>/dev/null || true
+
- name: Install dependencies
run: pnpm install --frozen-lockfile
@@ -573,6 +590,11 @@ jobs:
sudo apt-get update
sudo apt-get install -y libarchive-tools rpm xvfb
+ - name: Restore pnpm node-gyp executable bit
+ run: |
+ PNPM_STORE="$(pnpm store path)"
+ find "$PNPM_STORE" -path '*/node-gyp/gyp/gyp_main.py' -exec chmod +x {} \; 2>/dev/null || true
+
- name: Install dependencies
run: pnpm install --frozen-lockfile
diff --git a/README.md b/README.md
index 2bce5118..5066777e 100644
--- a/README.md
+++ b/README.md
@@ -152,7 +152,7 @@ An orchestration layer for AI agent teams across Claude, Codex, and OpenCode.
- **Built-in code editor** — edit project files with Git support without leaving the app
-- **Branch strategy** — choose via prompt: single branch or git worktree per agent
+- **Branch strategy** - choose per teammate at launch: use the main checkout or run selected agents in their own git worktree. You can still spell out branch rules in the provisioning prompt.
- **Team member stats** — global performance statistics per member
@@ -252,13 +252,13 @@ Yes. Every task shows a full diff view where you can accept, reject, or comment
What happens if an agent gets stuck?
-Send a direct message to course-correct, or stop and restart from the process dashboard. If an agent needs your input, you'll get a notification and the task will show a distinct badge on the board.
+Send a direct message to course-correct, or stop and restart from the process dashboard. Agent Teams also has a nudge system: the app can send a short control message when there is a clear reason to wake an agent up, such as after a known rate-limit cooldown, when a teammate has not synced with its current task or review, or when progress appears stalled. Nudges are guarded and rate limited, so they are meant to help the agent continue, not spam it. If an agent needs your input, you'll get a notification and the task will show a distinct badge on the board.
Does it support multiple projects and teams?
-Yes. Run multiple teams in one project or across different projects, even simultaneously. To avoid Git conflicts, ask agents to use git worktree in your provisioning prompt.
+Yes. Run multiple teams in one project or across different projects, even simultaneously. To avoid Git conflicts, enable git worktree isolation for selected teammates when launching the team, and use the provisioning prompt for any extra branch or merge rules.