Release 2.0.58 (2026-05-26)¶
Bug fixes¶
- add 'repo list' to subcommand allowlist
- use Bearer auth for JWT-authenticated API calls The CLI sends GH_TOKEN values with Authorization: token, but GitHub requires JWTs to use Authorization: Bearer. Replace the two JWT-authenticated CLI calls with urllib.request using the correct Bearer scheme. Ref #1161
Features¶
- inject host VCS identity into VM during credential setup Copy user.name and user.email from the host global VCS configuration into the VM when injecting credentials. This ensures commits made inside the VM are attributed correctly without bulk-copying the host dotfiles.
Also fixes an implicit dependency on pull.ff=only in the release back-merge phase by adding --ff-only explicitly to the pull call.