Ota v1.6.23 Now Available: Machine-Readable Execution Governance
Ota v1.6.23 strengthens machine-readable execution governance with explicit merge gates, stage-family output, crossing evidence, agent-safe enforcement, and broader first-class setup/orchestrator ownership.

Idea
v1.6.23 is a machine-readable governance release.
The pressure behind this version is straightforward: if Ota asks humans, CI, and AI agents to share one execution contract, then governance cannot stay partly implicit.
It has to be emitted as structured truth.
This release pushes exactly that boundary. Ota now publishes clearer governance posture before execution, clearer evidence after execution, and clearer drift ownership when contracts diverge from external repo sources.
At the same time, v1.6.23 widens first-class contract ownership for setup, orchestrator mediation, and deterministic Git materialization so more repos can stay out of shell glue.
Feature
v1.6.23 is broad, but the release is coherent. It strengthens six connected execution-governance surfaces.
1. Governance output is now significantly more machine-readable
This release adds and widens core machine output that CI systems and agent harnesses can consume directly:
- additive
governancesummaries onota run --dry-run --jsonandota up --json - additive
governance.merge_gateandgovernance.required_verification_lanesonota doctor --json - additive
metadata.governance.merge_check_idfor stable merge-lane identity - additive
capability_profileonota tasks --jsonandota workflows --json - additive
artifact_routing[]across dry-run, receipt, proof, repoup, and workspace lanes - additive
stage_familyandphasesignals across receipts, proof JSON, and workspace progress streams
The practical effect is important: external consumers can now read governance posture, execution lane identity, and follow-up artifact routing without scraping terminal prose or reverse-engineering semantics from mixed fields.
2. Agent safety moved from guidance toward enforced runtime behavior
v1.6.23 hardens agent-mode governance in two ways.
First, ota run --agent and ota up --agent now enforce execution-boundary safety at preflight time, with explicit refusal behavior and structured blocked receipts/results.
Second, governance evidence now carries clearer phase semantics (not_run_reason, crossing_record_state) so non-executed lanes are no longer ambiguous in machine output.
This is the right direction for serious agent operations: safety has to be enforceable and inspectable, not only documented.
3. Crossing and merge governance became explicit
This release introduces the first audited crossing-evidence slice for heavier lanes:
- additive
--reason <text>support onota runandota up - optional
receipt.crossingon repo-target execution receipts - mirrored
governance.crossingonota up --jsonwhere applicable
In parallel, merge-oriented governance output gets stronger with projected-vs-drift-aware merge gates and required verification lane projection.
Together, these changes make Ota much better at answering two high-value questions in machine-readable form:
- should this lane run under this governance posture?
- what exact verification identity should merge consumers trust?
4. Source-governance and detect pressure widened substantially
v1.6.23 also expands V11.2 detector-source governance and drift review pressure across real repo-owned sources:
mise.toml,.devcontainer/devcontainer.json(including JSONC),devbox.json, anddevenv.nix- structured external
AGENTS.md/CLAUDE.mdboundaries and bounded command-table lanes - Taskfile/justfile and GitHub Actions verification-lane recovery and drift warnings
The key product move is not “detect more things.”
It is that Ota now treats source provenance and source-class confidence as first-class governance signals, and warns when manual contract truth drifts from stronger external evidence.
That helps keep contracts honest as repos evolve.
5. First-class setup and action ownership widened again
This release also removes more setup-shell pressure by widening structural ownership:
prepare.kind: tool_bootstrapnow includesprepare.tool: cypress_browsersprepare.kind: dependency_hydrationnow supportssource.kind: composeraction.kind: ensure_git_templateadded for template materialization with fresh initaction.kind: ensure_git_checkoutsadded for multi-checkout bootstrapensure_git_checkout/ensure_git_checkoutswidened with remote wiring and workspace-relative targets- first-class
effects.workspace_writesfor explicit sibling/workspace mutation ownership compose.build: trueandcompose.service_ports: trueoncompose.kind: run
This continues Ota's core posture: if the behavior is real and repeatable, it should be modeled structurally in contract truth.
6. Orchestrator ownership became broader and more usable
v1.6.23 widens orchestrator mediation beyond earlier slices:
- first-class
devboxanddevenvorchestrator kinds - mediated command previews across
task,exec, andsubcommand - orchestrator-mediated prepare execution for command-backed hydration/bootstrap via
execution.orchestrator.mode: exec - native activation ordering fix for command-acquired tools used by orchestrated lanes
ota doctor --fixwidening to deterministic command-acquired tool activation
This closes a common real-world gap: repos can now keep orchestrator truth in contract-owned execution lanes without pretending host PATH ownership or dropping back to wrapper scripts.
Docs
If you want to adopt these capabilities directly, use the live docs:
- Get Started: Install Ota and begin with
ota doctor - Governance model: Governance for merge posture, safety posture, and machine-readable governance truth
- Architecture loop: Execution Governance Loop for how contract, execution, proof, and governance fit together
- Contract reference: Contract for tasks, workflows, setup, actions, and governance fields
- Command reference: Commands for
ota doctor,ota tasks,ota workflows,ota run, andota up - JSON output: JSON output reference for governance, receipt, proof, and artifact-routing output
- Workflow modeling: Workflows for verification lanes, workflow intent, and execution boundaries
Release
v1.6.23 is live here: https://ota.run/releases/v1.6.23
If you already use Ota, upgrade and verify:
ota upgradeota --versionota validateota doctor --jsonota tasks --safe --useota run <task> --dry-run --jsonv1.6.23 keeps Ota on its core path: one declared contract, one governed execution model, and machine-readable evidence that lets humans and agents trust the same operational truth.
Take action