potiuk opened a new pull request, #463:
URL: https://github.com/apache/airflow-steward/pull/463
## What
Bumps the pinned `claude-code` in
`tools/agent-isolation/pinned-versions.toml`
from **2.1.150** to **2.1.165** (released 2026-06-05, aged past the tool's
1-day cooldown), and bumps `pinned_at` to 2026-06-06.
Also realigns the two install commands in `docs/setup/secure-agent-setup.md`,
which still pinned the stale **2.1.141** — the previous 2.1.150 bump updated
the manifest but not the doc. They now match the manifest at 2.1.165.
## Changelog review
Per the bump process, reviewed the upstream changelog across 2.1.151-2.1.165.
Nothing changes the framework's permission-rule, sandbox, or prompt-injection
semantics — the range is forward improvements and security hardening:
- **2.1.162** — hardened cross-session messaging (relayed messages no longer
carry user authority)
- **2.1.160** — added a prompt before writing to shell startup files
(`.zshenv`, `.bash_login`, …)
- **2.1.163** — fixed a `$TMPDIR` override regression from 2.1.154
## Verification
- `tools/agent-isolation/check-tool-updates.sh` now reports `claude-code … ✓
up to date`
- `prek run --files …` passes on both changed files
🤖 Generated with [Claude Code](https://claude.com/claude-code)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
