Release Notes
Added
Place profile instructions for Claude in CLAUDE.md
Applying a profile for the Claude harness now writes its instructions entries into a profile-keyed managed region of the repository's CLAUDE.md, mirroring the existing Copilot AGENTS.md behavior. Existing user content is preserved, and removing the profile strips only its own region. Previously Claude applies skipped instructions with a warning.
Changed
Unify the "not a git repository" error message
edit, sync, and create now validate the target repository through the same shared check as apply, so all commands report Target is not a git repository: <path> instead of three slightly different variants.
Reserve the @global overlay namespace
Overlay sources now skip the reserved @global and @library directories instead of treating them as org/repo/name overlays, and neither can be addressed as a literal org, repo, or overlay name. This lets clients tolerate sources that use the upcoming global-overlay feature.
Security
Reject overlay directories containing symlinks that escape the overlay
In symlink mode, a directory declared in an overlay is linked into the target repo as-is, so a malicious overlay could embed a symlink exposing arbitrary host paths (for example .claude/evil -> ~/.ssh) through the target repository. Directories are now vetted before anything is applied: applying fails with a "Symlink escape detected" error and the target repo is left untouched. Symlinks that stay within the overlay directory continue to work. Copy mode already had equivalent protection.
Harden git checkout/fetch invocations against pathspec-ambiguous refs
Internal git checkout and git fetch invocations now terminate argument parsing with --, matching the existing clone invocations. Refs were already validated to never begin with -; this is defense-in-depth so a ref that also names a file in the repository cannot be misinterpreted by git.
Avoid panic on short commit strings when listing available updates
repoverlay update truncated commit hashes to 7 bytes with a byte-range slice, which would panic if persisted overlay state held a commit string shorter than 7 bytes (for example a corrupt or hand-edited state file). The truncation is now length-checked, matching the rest of the codebase.
Install repoverlay 0.16.0
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/tylerbutler/repoverlay/releases/download/v0.16.0/repoverlay-installer.sh | shInstall prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c "irm https://github.com/tylerbutler/repoverlay/releases/download/v0.16.0/repoverlay-installer.ps1 | iex"Install prebuilt binaries via Homebrew
brew install tylerbutler/tap/repoverlayDownload repoverlay 0.16.0
| File | Platform | Checksum |
|---|---|---|
| repoverlay-aarch64-apple-darwin.tar.xz | Apple Silicon macOS | checksum |
| repoverlay-x86_64-apple-darwin.tar.xz | Intel macOS | checksum |
| repoverlay-x86_64-pc-windows-msvc.zip | x64 Windows | checksum |
| repoverlay-aarch64-unknown-linux-gnu.tar.xz | ARM64 Linux | checksum |
| repoverlay-x86_64-unknown-linux-gnu.tar.xz | x64 Linux | checksum |
Verifying GitHub Artifact Attestations
The artifacts in this release have attestations generated with GitHub Artifact Attestations. These can be verified by using the GitHub CLI:
gh attestation verify <file-path of downloaded artifact> --repo tylerbutler/repoverlayYou can also download the attestation from GitHub and verify against that directly:
gh attestation verify <file-path of downloaded artifact> --bundle <file-path of downloaded attestation>