# Changelog
All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## [Unreleased]
### Added
- Input validation for worktree names, branch names, agent IDs, and messages using Zod
- Git version checking to ensure git 2.5+ is available
- Cross-platform directory size calculation (replaced Unix-only `du` command)
- Comprehensive test suite using Vitest
- ESLint configuration for code quality
- MIT License file
- Constants for magic strings to improve maintainability
### Changed
- Setup commands now use environment variables (`ROOT_WORKTREE_PATH`) instead of string replacement for better security
- Improved error messages with more context
### Fixed
- Command injection vulnerability in setup command processing
- Windows compatibility issue in clean() command
- Unused import warnings
### Security
- Fixed potential command injection vulnerability by using environment variables instead of string interpolation
- Added input validation to prevent path traversal attacks
## [1.0.0] - Initial Release
### Added
- Git worktree management CLI
- MCP (Model Context Protocol) server integration
- Agent coordination with worktree locking
- Automatic setup command execution
- Conflict resolution tools
- Worktree cleanup based on retention policies
- Cursor editor compatibility (.cursor/worktrees.json)
