Release watcher
tools login

mise-en-place

notes:

Edit component notes:

 
Release list
2026.3.10: Security fix for .tool-s templates, Python checksum verification, and 15+ bug fixes
TODAY
2026.3.9: Shared install directories, secret redaction, and better Ctrl-C handling
2026.3.8: Wrapper recursion fix and lockfile provenance correction
2026.3.7: Cleaner conda PATH handling
2026.3.6: Per-environment lockfiles, Windows fixes, and fork bomb prevention
2026.3.5: Provenance tracking in lockfiles and task deduplication fix
2026.3.4: Runtime musl detection, interactive tasks, and platform install fixes
2026.3.3: Standalone installer zstd fix
2026.3.2: Local-scoped upgrades, config-based quiet/silent, and redaction fixes
2026.3.1: Bug fixes for tasks, Swift, Julia, and installer
2026.3.0: Smarter prepare, task-backed hooks, and per-task vars
2026.2.24: Hooks get Tera templates, aqua cache cleanup, and better error messages
2026.2.23: Stricter lockfile enforcement and vfox backend options
2026.2.22: Outdated plugins, rename_exe fixes, and smoother installs
2026.2.21: Bug fix roundup for monorepo tasks, conda noarch, and exec PATH handling
2026.2.20: Conda rewrite, .NET SDK core plugin, and per-task timeouts
2026.2.19: # v2026.2.19: Fixes for interactive tasks and failed install cleanup
2026.2.19: Fixes for interactive tasks and failed install cleanup
2026.2.18: Task Reliability & Developer Experience
2026.2.18
Release notes:

A small patch release that fixes infinite recursion in mise exec when wrapper scripts and shims coexist in PATH, and corrects lockfile provenance detection for aqua tools with opts-only cosign configurations.

Fixed

  • mise exec no longer infinite-loops when wrapper scripts and shims are both in PATH -- In devcontainer setups (and similar environments), a wrapper script like .devcontainer/bin/gitleaks that calls mise x -- gitleaks would resolve back to itself instead of the real binary when the wrapper directory appeared before the shims directory in PATH. This caused infinite recursion until the environment exceeded ARG_MAX, producing confusing errors. The fix reorders the internal lookup PATH so that mise-managed tool bin directories are checked before system PATH entries, ensuring the real binary is always found first. The child process still inherits the full unmodified PATH. #8560 by @jdx

  • Lockfile no longer records unverifiable cosign provenance for opts-only aqua tools -- Tools like yamlfmt, trufflehog, and tflint configure cosign in the aqua registry with only CLI opts (e.g. --certificate-identity) but no key or bundle config. mise lock was recording provenance = "cosign" for these tools, but mise install can only verify cosign natively via key-based or bundle-based flows, causing "Lockfile requires cosign provenance ... but no verification was used" errors on install. Now cosign provenance is only recorded when the tool has a key or bundle config that can actually be verified. #8559 by @jdx

Added

  • turbo added to the registry -- Turborepo, the high-performance build system for JavaScript and TypeScript codebases, can now be installed via mise use turbo. #8553 by @igas
  • workmux added to the registry -- workmux, a tool for git worktrees + tmux windows for zero-friction parallel development, can now be installed via mise use workmux. #8555 by @ifraixedes

New Contributors

  • @himkt made their first contribution in #8558
  • @ifraixedes made their first contribution in #8555
  • @igas made their first contribution in #8553

Full Changelog: https://github.com/jdx/mise/compare/v2026.3.7...v2026.3.8

Copyright © 2023 - All right reserved by Yadoc SAS