Changelog

Headline this week is a new authorship notes backend built for massive monorepos. refs/notes/ai works great at most scales, but on repos landing ~1k commits/hour the fetch-merge-push cycle can lose to contention and some users' notes pushes get dropped. The new HTTP backend swaps in a commit-addressable key-value store with a local SQLite cache and async daemon flush — fully opt-in, no change for existing users.

We also extended transcript capture to subagents, finished migrating Codex hooks to inline TOML, and added a batch of new attributes on metric events for downstream analytics.

Earth's biggest monorepos

• HTTP notes backend (opt-in) — set notes_backend.kind = "http" in ~/.git-ai/config.json to swap refs/notes/ai for a commit-addressable HTTP store. git push no longer touches the notes ref, reads are local-first via SQLite, and git pull pre-warms the cache for up to 500 commits behind new tips.
• git ai notes migrate — bulk-uploads existing refs/notes/ai content for repos moving onto the HTTP backend.
• Transparent everywhere else — log, blame, diff, show, search, rebase/amend, virtual attribution, range authorship, and stats all route through a single notes_api module that dispatches by backend kind.

Subagent transcripts

Building on last week's transcript streaming rewrite, this week was about getting more signal out of long-running sessions without a performance or memory hit.

• Incremental reads with byte-offset watermarks — the new CopilotCliAgent (and the streaming pipeline more broadly) tracks where it last left off in each transcript file and only reads new bytes on each sweep, instead of re-parsing the whole file. Flat memory and near-constant CPU even on multi-hour sessions.
• Subagent transcript sweep — when a Claude checkpoint fires, the transcript worker discovers and enqueues any subagent transcripts under the session's subagents/ directory, linking them via external_parent_session_id. Full agent trees reconstruct end-to-end without re-walking everything on every checkpoint.
• Per-event timestamps for every agent — agents now provide a concrete u32 timestamp per transcript event instead of falling back to SystemTime::now(), fixing ordering bugs in mixed-agent sessions and removing a wall-clock dependency from the hot path.

Codex toml migration

• Inline TOML hooks — migrated Codex from the deprecated hooks.json to inline [[hooks.PreToolUse]] in config.toml, and from codex_hooks to hooks under [features]. Existing hooks.json entries are cleaned up at install time.

Headline this week was Sessions v2. The old flat JSON arrays masked complex agent behavior — parallel tool calls, sub-agents, and other branching trajectories all got flattened into a single blob. We're now storing proper agent trajectories and linking each line of code to the exact tool call that produced it. Before, lines were only tied to the session they came from — too low-res to be useful. Now we can query and derive insights from huge agent sessions at tool-call-to-line granularity, which wasn't possible before. We're really excited about some of the insights this will unlock -- more on that soon.

We also shipped better background agent support and a lot of bug fixes and performance improvements across the board.

Sessions v2

• Authorship notes v2 with sessions & trace IDs — every checkpoint and prompt is now anchored to a session and a trace, so multi-step agent runs reconstruct cleanly instead of collapsing into a single blob.
• Transcript streaming — agents stream raw transcript events as they happen rather than batching at the end. Lower memory, faster ingestion, and live visibility into in-flight runs.
• First-principles checkpoint rewrite — the checkpoint pipeline was rebuilt from scratch to be fast, use a fraction of the memory, and be fully async. This is what we'd have built first if we knew what we know now.

Agent support

• Copilot across CLI, VSCode, and JetBrains — the Copilot preset has been split into dedicated CLI and IDE paths, so attribution now works correctly whether prompts are coming from the Copilot CLI, the VSCode extension, or the JetBrains/IntelliJ plugin. The two surfaces emit different hook payload shapes, so trying to handle them in one preset was producing gaps; now each is parsed on its own terms.
• Codex apply_patch and file-edit hooks — Codex's file-edit tool variants and apply_patch are now hooked, so Codex edits attribute more accuratly.
• Codex shell tool variants classified — additional Codex shell tool variants are now recognized in tool classification (closes #1204).
• VSCode plugin dependency refresh — @types/vscode, posthog-node, @typescript-eslint/parser, eslint, typescript, and @vscode/vsce all bumped to current versions.
• JetBrains plugin dependency refresh — intellij-platform, kotlin.jvm, gradle-wrapper, and sentry.jvm.gradle all bumped to current versions.

Performance & cleanup

• gix-config for remotes — remotes() and remotes_with_urls() now read git config directly via gix instead of spawning a git subprocess on every call. Big win on the checkpoint hot path.
• Windows install + PowerShell fixes — a batch of install-time fixes for PowerShell quoting, path handling, and the Windows happy path.
• Loud warning for git < 2.22.0 — install-hooks now warns prominently at the end if the system git is too old, instead of silently producing weird behavior later.
• Filesystem-based git reads for checkpoints — checkpoint flow now reads from the filesystem instead of shelling out for plumbing.
• Skills install opt-in — install-hooks no longer installs Claude Code skills by default; pass --skills if you want them. Smaller, faster default install.

Bug fixes

• repo_url in AgentUsage events — agent usage telemetry now includes the repo URL, fixing a gap in self-hosted dashboards.
• Squash rebase preserves humans metadata — squash rebases no longer drop human authorship metadata, and the author identity now includes email.
• bg tail defaults to print-and-exit — git ai bg tail now prints once and exits by default; pass -f/--follow to stream.
• Multi-user reformat attribution — added an end-to-end test covering multi-user reformat AI attribution (closes #394) so this regression can't sneak back.

This week was a lot of bug fixes, as well as a big to represent Agent Sessions as trees (not giant JSON arrays) to better represent more complex agent behaviors, and make prompt telemetry easier to emit, store, and query at scale.

Bug Fixes

• Stale INITIAL-only prompts filtered — human-only commit notes no longer pick up leftover stub prompts. @svarlamov (#1123)
• AI-authored gap lines — gap lines between AI edits are now correctly attributed instead of falling through to human authorship. @svarlamov (#1099)
• Authorship notes survive rebases — conflict resolution during rebase preserves the AI authorship notes instead of dropping them, and rebases no longer write notes onto unrelated merge commits. @svarlamov (#1121, #1131)
• Stash attribution in release builds — stash/pop attribution now works in release binaries, matching debug behavior. @svarlamov (#1122)
• CRLF/LF normalization — stats and checkpoint diffing now normalize line endings, fixing inflated/empty diffs in mixed-EOL repos. @svarlamov (#1075)
• No-data gaps from detect_copies — removed copy detection from diff blame; was producing false no-data regions in some commits. @svarlamov (#1132)
• Sibling heuristic false-positives — fixed a Docker-on-real-git case where the sibling heuristic was over-matching. @svarlamov (#1102)

Daemon & Performance

• ~60× faster captured checkpoints — checkpoints captured by the daemon no longer wait for trace ingestion before returning. @svarlamov (#1135)
• Daemon support for update-ref plumbing — low-level update-ref calls now flow through the daemon. @svarlamov (#1175)
• Centralized agent_usage metric emission — all AI hooks now emit usage through a single path. @svarlamov (#1124)

Agent Support

• Windsurf fixes — bash attribution for agent-generated files (migrations, scaffolding, etc), installer no longer skips when .codium/windsurf is missing, and model_name is now extracted from the hook payload. @acunniffe (#1139, #1174, #1117)
• Android Studio plugin path — JetBrains plugin now uses the Google plugin dir on macOS, and prefers dataDirectoryName everywhere. @peckfly (#1146, #1151)
• Copilot hooks moved — Copilot hooks now live at ~/.copilot/hooks. @svarlamov (#1141)
• OpenCode memory consumption — reading large OpenCode DBs no longer balloons memory. @steventohme (#1120)
• Bash tool git calls — routed through exec_git_allow_nonzero so non-zero exits don't break attribution. @jwiegley (#1182)
• Agent presets refactor — presets rewritten as pure parsers around a single CheckpointRequest type. @svarlamov (#1157)

Self-Hosted & Stats

• Custom CA certs — self-hosted instances behind a corporate proxy with a custom CA can now be used without env-var workarounds. @svarlamov (#1100)
• Notes tree fanout consistency — notes_add_batch is now used everywhere notes are written, for a consistent fanout shape. @a-churchill (#1074). Better support for some of the massive monorepos using Git AI .
• --skip-push on ci local merge — for offline batch-backfill of authorship notes across many historical MRs: rewrite locally in bulk, inspect, then push once at the end. @blanet (#1190)
• Protobuf default ignores — generated protobuf files are now ignored by default. @svarlamov (#1111)

Since the big release of 1.2 we've shipped a lot of smaller fixes to make sure attribution survives across some of the latest ways agents like using worktrees and hardened subagent support.

Bash

Thanks to a big efforts from @jwiegley code that ends up in the repo as the result of Agents running bash commands is properly attributed. For instance - if an agent ran a command to generated a database migration, that sql file would be attributed to that Agent session and the exact bash command that it appeared in. There's some amazing code here, heavilly tested, and highly optimized to work in the background. Great work!

Agent Support

• Pi - the unix-principles inspired agent of choice for everyone's Claws. Now supported. @siarhei-belavus
• Firebender — checkpoint preset and tool-call filtering for Firebender — by @kevo1ution
• Cursor moved to JSONL — Cursor checkpoint storage migrated from sqlite to JSONL

Bug Fixes

• Respect CLAUDE_CONFIG_DIR — install-hooks and skills now honor the env var
• Fix stats for renamed files — git ai stats no longer double-counts renames
• Worktree checkpoint routing — checkpoints route to the correct linked worktree when CWD is the main repo

Git AI 1.2 is here. Read the full story in Git AI Everywhere — the short version: Git AI no longer requires wrapping Git or setting up hooks. Attribution runs asynchronously in the background, surviving cherry-picks, rebases, squashes, and stash/pops without slowing down your Git commands.

Run git ai upgrade or install fresh from GitHub.

Performance & Bug Fixes

• Improved worktree support - some complex workflows began losing attribution after a recent Claude Code update.
• Codex daemon post-commit CAS uploads fixed — Codex Cloud users were missing some attribution data
• Checkpoint routing fixed for nested subrepos — checkpoints now route to the correct nested subrepo instead of the parent
• Detect running agents after hook updates — Git AI now warns you if agents need a restart after hook configuration changes
• Propagate cwd from hook input — fixes repo_working_dir resolution for all agent presets when invoked from hooks
• Recognize negated pathspec globals — --no-literal-pathspecs and similar flags are now handled correctly

Windows

• Guard git ai upgrade wrapper path — fixes an edge case in the Windows upgrade flow
• PowerShell progress bar disabled during download — was causing extreme slowness for some users
• Backslash path handling in clone target resolution — Windows paths with backslashes are now handled correctly

The last week we shipped broader agent and IDE coverage, a few improvements for background agents, and a couple of fixes that had been causing problems during enterprise rollouts.

Agent & IDE Support

• Cursor preToolUse hook migration — Cursor now supports pre-tool hooks; Git AI migrates from beforeSubmitPrompt to preToolUse for more accurate attribution.
• Windsurf in IntelliJ plugin — shipped for teams using Windsurf inside JetBrains IDEs. Hooks are now registered in both required locations to match Windsurf Cascade's hook discovery behavior.
• Devin, Cursor Agent, and Claude Web and Codex Cloud - commits are not attributed to AI.
• Custom Background Agent support override — teams building custom background agents can now add metadata and run Git AI in background agent mode. Used by several companies in NYC - docs and will be launched to everyone soon.

There's a lot in-flight from OSS contributors we're working to get closed and merged.

• Kilo Code agent support (#762) — Checkpoint preset and agent detection for Kilo Code.
• Kimi Code (Moonshot AI) support (#751) — Agent detection via noreply@moonshot.cn / noreply@kimi.ai and kimi-code[bot] GitHub username, plus a KimiCodePreset checkpoint preset.
• git-ai blame in JetBrains plugin (#741) — AI blame annotations in IntelliJ matching the VS Code extension: gutter color stripes, inline model-name inlays, a status bar widget, and a Cmd+Shift+G toggle. Calls git-ai blame --json under the hood with a 300ms debounced refresh.
• Roo Code - the Roo code team is working with us to build a direct Git AI integration.

For Team and Enterprise users

• Persist install API base in config — shipped a bug fix for self-hosted and enterprise installs. git-ai install-hooks now writes API_BASE into ~/.git-ai/config.json so subsequent commands always hit the right endpoint without needing the env var set. This worked for brand new Git AI installs, but was not setting properly if a developer had installed Git AI before their company fully adopted it.
• Local Prompt analysis was broken if you logged into your enterprise org — shipped for Cloud and Enterprise users who share prompts with their team. Prompt analysis was overwriting local transcripts with the empty [] from git notes, causing most recent prompts to appear blank. Analysis now correctly falls back to the locally stored transcript.

This week was split between two priorities: broadening agent support to support the enterprises using Git AI, and tightening the new core hooks system so it's reliable in more deployment configurations. Several teams had asked for finer-grained control over hook behavior — now they have it.

Agent Support

• Windsurf agent support — shipped for the enterprises who love Windsurf. Full integration including hook installer, checkpoint preset parsing for Windsurf's nested JSON + JSONL transcript format, sync-prompts, show-transcript support, and end-to-end test coverage.
• OpenCode plugin tools — shipped for OpenCode users on newer models. Adds detection for patch and multiedit tools in the OpenCode plugin.
• First steps towards supporting Background Agents — shipped for teams where AI agents commit directly under their own git identity. A new agent detection module maps known agent author emails and GitHub usernames to tool names, synthesizing attribution across all blame output formats when no authorship note exists.

What Shipped

• Hook feature flags — shipped for platform teams managing Git AI across many repos. Two new flags: git_hooks_enabled (auto-ensure hooks on checkpoint) and git_hooks_externally_managed (write hook scripts without touching core.hooksPath). Both support env var overrides and CLI config.
• Fix blame-deletions for renamed files — shipped for teams tracking attribution on refactored codebases. Corrected attribution when --blame-deletions is enabled on files that were renamed.
• CI: auto-bump flake.nix on release — shipped for Nix users. The release workflow now keeps flake.nix version in sync with Cargo.toml automatically.

Two big themes this week. First, we shipped full git worktree support — something teams with complex branching workflows have been asking for. Second, we put serious effort into Windows reliability and accuracy — a lot of footguns around canonical paths got addressed properly.

Agent support

• Amp CLI agent support — shipped for teams using Amp as their AI coding agent. New Amp preset with transcript parsing, plugin installer and template, and integration coverage.
• GitHub Copilot hooks — for more accurate AI attribution in enterprises (Copilot is still used everywhere).

Crazy stuff for the crazy times.

• Comprehensive worktree support — shipped for teams using git worktrees for parallel branch development. Worktree-aware repository resolution with --git-common-dir handling, isolated per-worktree storage, aligned blame behavior, and new integration tests.
• External git diff tool support — shipped for a healthcare company that uses custom external diff tools. Internal git execution profiles now enforce the standard diff.
• Support checkpoints from one agent session in multiple repos — a big infra company was refactoring a bunch of code across many locally checked out repos. This fix lets one Agent edit files in n repos, grouping them by repository, and running separate checkpoints for each.

Stability now!

• Graphite CLI test suite — 25 tests verifying attribution survives Graphite operations, catching edge cases in rebase-heavy workflows.
• Windows fixes — shipped for developers on Windows across Git Bash, Fork, Sublime Merge, Cursor, and Claude Code. Fixes include PATH shadowing in Git Bash, forward-slash path handling in Fork, BOM stripping in Cursor hook input, and git-bash-style path conversion for Claude hooks.