Release watcher
tools login

mise-en-place

notes:

Edit component notes:

 
Release list
2026.3.10: Security fix for .tool-s templates, Python checksum verification, and 15+ bug fixes
TODAY
2026.3.9: Shared install directories, secret redaction, and better Ctrl-C handling
2026.3.8: Wrapper recursion fix and lockfile provenance correction
2026.3.7: Cleaner conda PATH handling
2026.3.6: Per-environment lockfiles, Windows fixes, and fork bomb prevention
2026.3.5: Provenance tracking in lockfiles and task deduplication fix
2026.3.4: Runtime musl detection, interactive tasks, and platform install fixes
2026.3.3: Standalone installer zstd fix
2026.3.2: Local-scoped upgrades, config-based quiet/silent, and redaction fixes
2026.3.1: Bug fixes for tasks, Swift, Julia, and installer
2026.3.0: Smarter prepare, task-backed hooks, and per-task vars
2026.2.24: Hooks get Tera templates, aqua cache cleanup, and better error messages
2026.2.23: Stricter lockfile enforcement and vfox backend options
2026.2.22: Outdated plugins, rename_exe fixes, and smoother installs
2026.2.21: Bug fix roundup for monorepo tasks, conda noarch, and exec PATH handling
2026.2.20: Conda rewrite, .NET SDK core plugin, and per-task timeouts
2026.2.19: # v2026.2.19: Fixes for interactive tasks and failed install cleanup
2026.2.19: Fixes for interactive tasks and failed install cleanup
2026.2.18: Task Reliability & Developer Experience
2026.2.18
Release notes:

This release closes a security gap where .tool-versions files with Tera templates could execute arbitrary commands without a trust check, adds checksum verification for precompiled Python downloads, and ships over 15 bug fixes across tasks, lockfiles, the Rust plugin, bootstrap scripts, and more.

Highlights

  • Security: trust check for .tool-versions Tera templates -- .tool-versions files were processed through Tera's render_str() with the exec() function available, allowing arbitrary command execution without any trust verification. A malicious .tool-versions in a cloned repo could silently execute code when a user with mise shell activation cd'd into the directory. Template syntax in .tool-versions now requires mise trust first; plain files continue to work without trust.
  • Python checksum verification for precompiled binaries -- Precompiled Python downloads from astral-sh/python-build-standalone are now verified against lockfile checksums at install time, matching the behavior of other core plugins.
  • Python freethreaded build exclusion -- Freethreaded Python builds (e.g. Python 3.14+) are now excluded from precompiled selection by default, fixing "missing lib directory" errors. Set python.precompiled_flavor explicitly if you want freethreaded builds.
  • mise doctor PATH ordering check -- mise doctor now warns when non-mise directories appear before mise-managed tool paths in PATH, helping diagnose tool shadowing issues.

Security

  • Require trust check for .tool-versions Tera templates -- When template syntax ({{, {%, {#) is detected in a .tool-versions file, mise now requires mise trust before processing it. Plain .tool-versions files without templates are unaffected. #8675 by @jdx

Added

  • mise doctor detects PATH ordering issues -- When mise is activated (not shims-only), mise doctor now checks whether non-mise directories appear before mise-managed tool paths in PATH and lists the specific offending entries. #8585 by @jdx
  • New registry tools:

Fixed

  • Python: verify checksums for precompiled binary downloads -- Precompiled Python downloads are now checked against lockfile checksums between HTTP download and tarball extraction, preventing corrupted or tampered downloads from being silently accepted. #8593 by @malept
  • Python: exclude freethreaded builds from precompiled selection -- Freethreaded Python builds (e.g. cpython-3.14.3-freethreaded) use lib/python3.14t/ instead of lib/python3.14/, causing installation failures. These are now filtered out by default unless python.precompiled_flavor is explicitly set to a freethreaded variant. #8672 by @jdx
  • Config: resolve trust hash collision for same-name directories -- In paranoid mode, configs sharing the same parent directory leaf name (e.g. /projectA/infra/mise.toml and /projectB/infra/mise.toml) would map to a single hash file, silently breaking trust verification. The filename extension is now appended instead of replaced. Previously trusted configs may need a one-time mise trust after upgrading. #8628 by @tdragon
  • Lockfile: resolve symlinks when updating -- If a lockfile is a symlink, mise now updates the target file instead of replacing the symlink with a regular file. #8589 by @chancez
  • Rust: resolve relative CARGO_HOME/RUSTUP_HOME to absolute paths -- When CARGO_HOME or RUSTUP_HOME is set to a relative path (e.g. .cargo via [env]), the paths are now resolved to absolute before use, preventing broken PATH entries like undefined/bin after changing directories. #8604 by @simonepri
  • Bootstrap: preserve argv[0] for shim dispatch -- mise generate bootstrap now emits exec -a "$0" instead of plain exec, preserving the original invocation name so that shim symlinks (e.g. claude -> mise) dispatch correctly. #8521 by @tak848
  • Installer: normalize current version before comparison -- The standalone installer now strips the v prefix from MISE_CURRENT_VERSION before comparisons, so embedded checksums and the current-release CDN path are used correctly. #8649 by @tak848
  • Tasks: global file tasks not properly marked as such -- #8618 by @roele
  • Tasks: handle broken pipe in mise tasks ls -- Piping task output (e.g. mise tasks ls | head) no longer panics with EPIPE. #8608 by @vmaleze
  • Tasks: correctly resolve _default files with extensions -- test/_default.sh is now correctly loaded as the test task instead of test:_default. #8646 by @youta1119
  • Tasks: fix argument completion with flags in zsh -- Completing task arguments after flags (e.g. mise run build -- -c <TAB>) no longer produces errors. #8601 by @KevSlashNull
  • Git: use "origin" as remote name -- Cloned registries now consistently use "origin" as the remote name, fixing fetch failures in some configurations. #8626 by @bentinata
  • Shared tools: fix failing rebuild of runtime symlinks -- Installing tools with --system no longer fails when rebuilding runtime symlinks due to incorrect install path resolution. #8647 by @roele
  • Flutter: fix version_expr Tera parser collision -- Added spaces around the current element operator in Flutter's version_expr to prevent Tera parser errors. #8616 by @roele

Changed

  • Removed hidden --prefix and --interleave flags from mise run -- These flags were hidden in December 2024 when --output was introduced as their replacement. Their short forms (-p, -i) could silently consume flags intended for tasks. Use --output prefix or --output interleave instead. #8669 by @nkakouros

Breaking Changes

  • .tool-versions with Tera templates now require trust -- If you have .tool-versions files using template syntax ({{, {%, {#), you will need to run mise trust in those directories. Plain .tool-versions files are unaffected. #8675
  • Trust hash files regenerated -- Due to the hash collision fix, previously trusted configs in paranoid mode may need a one-time mise trust after upgrading. #8628
  • --prefix/-p and --interleave/-i removed from mise run -- Use --output prefix or --output interleave instead (available since December 2024). #8669

New Contributors

  • @nkakouros made their first contribution in #8669
  • @jianglu made their first contribution in #8667
  • @tak848 made their first contribution in #8521
  • @bentinata made their first contribution in #8626
  • @tdragon made their first contribution in #8628
  • @nygmaaa made their first contribution in #8642
  • @youta1119 made their first contribution in #8646
  • @chancez made their first contribution in #8589
  • @dector made their first contribution in #8635

Full Changelog: https://github.com/jdx/mise/compare/v2026.3.9...v2026.3.10

Copyright © 2023 - All right reserved by Yadoc SAS