v1.4.0 (May 7, 2026)

Promotes the `1.4.0-soak.0` build (in soak since 2026-05-02) to `latest`. Soak-check verdict on 2026-05-07 09:00 PDT: **PASS** (samples=188, rss_p99=290 MB / budget 700, cpu_load=0.044 / budget 50, alive_pct=100, errors=0, slope=-11.35 MB/hr).

Added

  • massu watch daemon (Plan 3a) — long-running file-watcher that re-runs detection on stack-relevant changes and auto-installs new variant templates. Subcommands: massu watch [--once] [--quiescence-ms N] and massu refresh-log. Supervises via claude-bg or launchd. Self-defense: refuses to start if the watch surface exceeds the configured watch.max_watched_files cap and the user has not opted in via watch.paths_full_root_opt_in. Quiescence detector uses tick-gap heuristic + lockfile-mid-op detection + git-mid-rebase detection to avoid storming during interactive operations. New config block: watch: { scope, debounce_ms, storm_window, max_watched_files, paths_full_root_opt_in }.
  • AST adapter framework (Plan 3b Phase 1) — Tree-sitter-based per-language adapters under packages/core/src/detect/adapters/. 4 first-party adapters ship: python-fastapi, python-django, nextjs-trpc, swift-swiftui. Adapter contract types in detect/adapters/types.ts. Per-field confidence levels (high/medium/low/none) — a single weak field never poisons stronger fields. Grammar SHA-256 manifest is hardcoded; mismatch → GrammarSHAMismatchError with no silent fallback. Atomic cache writes under ~/.massu/wasm-cache/ with LRU eviction (closes Phase 3.5 finding F-011).
  • Optional LSP enrichment layer (Plan 3b Phase 4) — TypeScript-language-server / Python pyright integration for symbol-precise enrichment beyond Tree-sitter. Stays disabled unless lsp.enabled: true. Hard RSS watchdog on LSP spawn (closes Phase 3.5 finding F-015). SUID-detection refuses to spawn if the LSP binary is setuid (closes F-014).
  • Codebase-aware command templates (Plan #2) — slash-command scaffolds installed by npx massu init / config refresh are now substituted against the consumer's massu.config.yaml AND a per-language detected: block sampled from existing source files. Templating engine (template-engine.ts) is mustache-style {{var}} and {{var | default("…")}} — string-substitution only. TPL-SEC-01..07 adversarial tests verify zero eval/Function/vm/exec/spawn, no prototype walk, no recursive expansion, no template-literal injection. 6 new sub-framework templates: massu-scaffold-router.python-{fastapi,django}.md, massu-deploy.python-{launchd,systemd,docker,fly}.md. runDetection({skipIntrospect}) flag preserves session-start hook's 5s budget.
  • Public-repo leak-defense infrastructure — 6-layer architecture preventing private-content leaks to the public massu npm/GitHub repo:
  • Plan 3c-prework Phase A + C: docs/*/ added to packages/core files[] (so security/authoring docs ship to npm); tar@^7.4.3 and tweetnacl@^1.0.3 deps added (for Phase 5 signed-allowlist registry); 5 placeholder workspace stubs for @massu/adapter-{rails,phoenix,aspnet,spring,go-chi} (Phase 7 fills implementation); targeted .gitignore patterns replace blanket *.pem so the registry pubkey can ship.
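As an added illustration of the template-engine properties listed above (this is not massu's own template-engine.ts): a one-pass, own-property-only substitution of {{var}} and {{var | default("…")}}. The Vars type, the names lookup and renderTemplate, and the choice to leave an unknown variable without a default in place are assumptions of this example.

```typescript
// Added example, not massu's template-engine.ts: a mustache-style substitution
// with the properties the changelog lists: string substitution only, a single
// pass (no recursive expansion), and own-property lookup (no prototype walk).
// The Vars type and the names lookup/renderTemplate are assumptions.
type Vars = Record<string, unknown>;

// Matches {{ name }} or {{ name | default("text") }}; dotted names are allowed.
const TAG = /\{\{\s*([A-Za-z_][\w.]*)\s*(?:\|\s*default\(\s*"([^"]*)"\s*\))?\s*\}\}/g;

// Walk a dotted path over own properties only, so keys such as "constructor"
// or "__proto__" never reach anything outside the supplied vars object.
function lookup(vars: Vars, path: string): unknown {
  let cur: unknown = vars;
  for (const key of path.split(".")) {
    if (cur === null || typeof cur !== "object") return undefined;
    if (!Object.prototype.hasOwnProperty.call(cur, key)) return undefined;
    cur = (cur as Record<string, unknown>)[key];
  }
  return cur;
}

// One String.replace pass over the original text: a substituted value that
// itself contains "{{...}}" is emitted literally and never re-expanded.
function renderTemplate(template: string, vars: Vars): string {
  return template.replace(TAG, (whole: string, name: string, fallback?: string): string => {
    const value = lookup(vars, name);
    // Assumption: an unknown variable with no default is left as written.
    if (value === undefined) return fallback !== undefined ? fallback : whole;
    // Only primitives are substituted; objects and functions are never stringified or called.
    if (typeof value === "object" || typeof value === "function") return whole;
    return String(value);
  });
}
```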

Fixed

  • Path-aware introspect matching for routers/views — adapter signal logic now considers the file's PATH (e.g., apps/*/routers/) in addition to its content shape. Previously, FastAPI router signals could fire on any file containing from fastapi import APIRouter regardless of project layout.
  • Plan 3a hotfix 2026-05-02 — watcher self-defense + measurable RSS/CPU budgets. The hotfix added the watch-surface preflight cap and the exclusion of high-churn directories (/.next/, /coverage/, /logs/, /data/, editor temp files), and switched the verdict from a spot-percentile CPU reading to an integral cpu-load fraction (which catches the 30-100% sustained-CPU misconfiguration pattern that had produced a false PASS on a multi-runtime monorepo).
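An added example, not the project's soak checker, of the verdict described in the promotion line and in the hotfix above: rss_p99 against a budget, CPU as an integral cpu-load fraction computed from cumulative CPU seconds rather than a spot percentile, alive_pct, error count, and an RSS slope in MB/hr from a least-squares fit. The Sample shape, the constructed dataset, the fraction-valued CPU budget, and the names soakVerdict and constructedSamples are assumptions.

```typescript
// Added example, not massu's soak checker: a verdict computed from periodic
// samples with rss_p99 against a budget, CPU as an integral cpu-load fraction
// (CPU seconds consumed / wall seconds elapsed, not a spot percentile),
// alive_pct, error count and an RSS slope in MB/hr from a least-squares fit.
// The Sample shape, fraction-valued CPU budget and all names are assumptions.
interface Sample { t: number; rssMb: number; cpuSec: number; alive: boolean; errors: number }
interface Verdict { pass: boolean; rssP99: number; cpuLoad: number; alivePct: number; errors: number; slopeMbPerHr: number }
// t: unix seconds at sample time; cpuSec: cumulative process CPU seconds (user+sys) at t

function percentile(xs: number[], p: number): number {
  const s = xs.slice().sort((a, b) => a - b);
  return s[Math.max(0, Math.min(s.length - 1, Math.ceil(p * s.length) - 1))];
}

// Least-squares slope of RSS against time, converted from MB/s to MB/hr.
function rssSlopeMbPerHr(samples: Sample[]): number {
  const n = samples.length;
  const mt = samples.reduce((a, s) => a + s.t, 0) / n;
  const mr = samples.reduce((a, s) => a + s.rssMb, 0) / n;
  let num = 0, den = 0;
  for (const s of samples) { num += (s.t - mt) * (s.rssMb - mr); den += (s.t - mt) * (s.t - mt); }
  return den === 0 ? 0 : (num / den) * 3600;
}

function soakVerdict(samples: Sample[], rssBudgetMb: number, cpuLoadBudget: number): Verdict {
  const first = samples[0], last = samples[samples.length - 1];
  const wall = last.t - first.t;
  // Integral fraction over the whole window: a spot reading can land on an idle
  // instant, but sustained load always shows up in the accumulated CPU time.
  const cpuLoad = wall > 0 ? (last.cpuSec - first.cpuSec) / wall : 0;
  const rssP99 = percentile(samples.map(s => s.rssMb), 0.99);
  const alivePct = (100 * samples.filter(s => s.alive).length) / samples.length;
  const errors = samples.reduce((a, s) => a + s.errors, 0);
  const slopeMbPerHr = rssSlopeMbPerHr(samples);
  // The slope is reported for trend review; no slope budget is stated, so it is not gated here.
  const pass = rssP99 <= rssBudgetMb && cpuLoad <= cpuLoadBudget && alivePct === 100 && errors === 0;
  return { pass, rssP99, cpuLoad, alivePct, errors, slopeMbPerHr };
}

// Constructed dataset: 10 hourly samples, RSS drifting down 1 MB/hr, a steady
// 40% CPU load (1440 CPU seconds per 3600 wall seconds), always alive, no errors.
function constructedSamples(): Sample[] {
  return Array.from({ length: 10 }, (_, i) => ({ t: 3600 * i, rssMb: 300 - i, cpuSec: 1440 * i, alive: true, errors: 0 }));
}
```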

Security

  • Phase 3.5 deep security audit — 20 findings, 0 unfixed. Adapter-loading code path audited for prototype pollution, SSRF, RCE, and resource exhaustion. Adversarial test suite (tests/security/) verifies the LSP IPC layer, Tree-sitter loader, and adapter contract are not exploitable. Audit doc retained internally.
  • Public-repo historical leak scrub — 17 historical leak markers removed/anonymized: internal-doc JSDoc cross-references (5), user-machine hardcoded paths (2), incident-doc CHANGELOG citations (3), customer-name design comments (11), test fixture renames (2 directories).

Tests

  • +248 tests since 1.2.1: watcher daemon + quiescence (54), AST adapter framework + 4 adapters (62), LSP enrichment (14), codebase-aware templates (50 templating + 13 introspector + 12 variant matrix), security adversarial (35), watcher session-start banner (5), refresh-log (3). Total: 1729 passing (was 1373 on 1.2.1, 1481 in interim).

Design notes

  • This release intentionally bundles 3a + 3b + Plan #2 codebase-aware + leak-defense infra in one minor bump. The alternative (three separate minors) was rejected because 3a + 3b share a deep security audit (Phase 3.5) and splitting them would compress the audit window for downstream consumers.

Try this release

Install the latest version of Massu and start governing your AI development today.