v2026.4.7: : Native ARM64 Python on Windows

Compare Source

This patch release fixes precompiled Python installation on Windows ARM64 machines. Previously, mise always downloaded the x86_64 Python build on Windows regardless of architecture, which caused failures when loading native ARM64 libraries. mise now correctly downloads the aarch64 build on Windows ARM64 systems.

Fixed

• Precompiled Python on Windows ARM64 -- On Windows ARM64, mise unconditionally selected the x86_64 precompiled Python build, ignoring the host architecture. This caused runtime errors such as [WinError 193] %1 is not a valid Win32 application when loading native ARM64 DLLs. mise now downloads the native aarch64-pc-windows-msvc build on ARM64 Windows while continuing to use x86_64 on x64 Windows. #​8961 by @​JohanLorenzo

New Contributors

• @​JohanLorenzo made their first contribution in #​8961

Full Changelog: jdx/mise@v2026.4.6...v2026.4.7

v2026.4.6: : Tera templates in miserc.toml, shim race condition fix, and SPM self-hosted support

Compare Source

This release adds Tera template support to .miserc.toml files for dynamic early-stage configuration, fixes a race condition during shim creation that affected multi-backend setups, and improves SPM backend compatibility with self-hosted GitHub Enterprise and GitLab instances. Several other bug fixes improve environment variable handling across tasks, redaction, and the vfox backend.

Highlights

• Tera templates in .miserc.toml -- Use environment variables, XDG directories, and OS-level functions like arch() and os() directly in your .miserc.toml configuration, enabling dynamic early-stage settings such as platform-specific ceiling paths.
• Shim race condition fixed -- Multi-backend setups where different plugins provide overlapping shims no longer intermittently fail during mise reshim or mise install.
• SPM self-hosted instance support -- The SPM backend now automatically derives the correct API URL for self-hosted GitHub Enterprise and GitLab instances from the tool URL.

Added

• Tera template support in .miserc.toml -- .miserc.toml files now support Tera templates with a limited context available during early initialization: OS environment variables, config_root, cwd, XDG directories, and built-in functions/filters. Templates that fail to render gracefully fall back to raw content. #​8867 by @​richardthe3rd

  # .miserc.toml
  ceiling_paths = ["{{ env.HOME }}"]
  ignored_config_paths = ["{{ xdg_config_home }}/mise/shared.toml"]

• sing-box added to the built-in registry -- Install the sing-box universal proxy platform via mise use sing-box. #​8944 by @​tony-sol

Fixed

• Shim race condition with overlapping backends -- When multiple plugins provide the same shim (e.g., nodejs via the default registry and asdf:nodejs), concurrent make_shim calls could race on file removal, producing intermittent "No such file or directory" errors. The file removal now tolerates already-deleted files. #​8947 by @​brander-john

• mise env --redacted missing tools-only redactions -- Env vars declared with both tools = true and redact = true were not included in the redaction filter for mise env --redacted. Both the standard and tools-only redaction sets are now checked. #​8956 by @​jakedgy

• SPM backend API URL for self-hosted instances -- When using the SPM backend with a full URL pointing to a self-hosted GitHub Enterprise or GitLab instance, mise now derives the correct API URL from the host instead of always falling back to api.github.com. Explicit api_url options still take precedence. #​8955 by @​ThomasDutartre

• vfox backend missing dependency env -- When a vfox backend plugin declared depends on another tool, the dependency's binaries were not available on PATH during plugin Lua hooks (BackendListVersions, BackendInstall, BackendExecEnv). Dependency environment is now properly propagated, matching the behavior of other backends. #​8952 by @​cprecioso

• Task usage Tera templates failing with flags -- Task usage field defaults using {{ env.VAR }} Tera templates would fail with "Variable not found in context" whenever any flags were passed. The task argument parser now uses the full computed environment instead of an empty map. #​8957 by @​jdx

• Clarified attestation settings placement -- The help messages for Python and Ruby attestation settings now specify that they must be placed under [settings] in mise.toml, not under [python] or [ruby] where they are silently ignored. #​8939 by @​fru1tworld

New Contributors

• @​ThomasDutartre made their first contribution in #​8955
• @​jakedgy made their first contribution in #​8956
• @​brander-john made their first contribution in #​8947
• @​fru1tworld made their first contribution in #​8939

Full Changelog: jdx/mise@v2026.4.5...v2026.4.6

v2026.4.5: : GitLab and Forgejo token support, env file diagnostics, and shell fixes

Compare Source

This release extends mise's authentication support to GitLab and Forgejo backends, surfaces env files in diagnostic commands, and fixes several bugs in bash shell hooks, Windows tool installation, and PATH handling.

Highlights

• GitLab and Forgejo token support -- mise now resolves authentication tokens for GitLab and Forgejo backends using the same rich priority chain already available for GitHub: env vars, token files, CLI tool configs (glab/fj), credential commands, and git credential helpers.
• Env files in diagnostics -- mise config ls and mise doctor now show env files loaded via MISE_ENV_FILE or _.file directives, making it easier to trace where environment variables come from.
• Bash duplicate trust warning fixed -- Entering an untrusted project directory in bash no longer prints the trust warning twice per cd.

Added

• GitLab and Forgejo token resolution -- The GitLab and Forgejo backends now support the same multi-source token resolution as GitHub: environment variables (MISE_GITLAB_TOKEN, MISE_FORGEJO_TOKEN, etc.), per-host token files (gitlab_tokens.toml, forgejo_tokens.toml), CLI tool integration (glab, fj), credential_command, and git credential fill. A new mise token command replaces the old mise github token and adds mise token gitlab and mise token forgejo subcommands for debugging token resolution. #​8868 by @​roele

  mise token github
  mise token gitlab --unmask
  mise token forgejo forgejo.mycompany.com

• Env files in config ls and doctor -- Env files loaded via the MISE_ENV_FILE setting or _.file config directives now appear in mise config ls output (with env var keys shown in verbose mode) and in mise doctor output (both text and JSON). #​8853 by @​SamSoldatenko

Fixed

• Double .exe extension on Windows (aqua backend) -- When a package's Windows override URL already includes .exe, mise no longer appends a second .exe suffix. This affected 37 aqua registry packages including cli/cli, kubernetes/kubectl, gruntwork-io/terragrunt, and rust-lang/rustup. #​8863 by @​yusei-wy

• Duplicate trust warning in bash -- Entering an untrusted project directory in bash triggered the trust warning from both the chpwd hook and PROMPT_COMMAND, producing a duplicate message. The bash activation script now coordinates between the two hooks so the warning appears exactly once. #​8920 by @​timothysparg

• Config root injected into PATH via _.source -- When a sourced script prepended to PATH (e.g., export PATH="/custom:$PATH"), an empty path component could resolve to the config root directory and get injected into PATH. Empty path segments are now filtered out. #​8936 by @​jdx

• Spurious dependency warnings during install -- When mise.toml configured both a language runtime and a package from that ecosystem (e.g., node + npm:prettier), mise would warn that npm was missing during version resolution even though node was configured and would be installed first. The warning is now suppressed when the providing tool is present in the toolset. #​8923 by @​jdx

Changed

• mise github token renamed to mise token github -- The old mise github token command still works but is hidden from help output. The new mise token command group adds github, gitlab, and forgejo subcommands. #​8868 by @​roele

New Contributors

• @​SamSoldatenko made their first contribution in #​8853
• @​yusei-wy made their first contribution in #​8863
• @​timothysparg made their first contribution in #​8920

Full Changelog: jdx/mise@v2026.4.4...v2026.4.5

v2026.4.4: : Tool Dependencies, .NET Runtimes, and Task Argument Forwarding

Compare Source

A feature-packed release that adds user-defined tool dependencies, .NET runtime-only installs, argument forwarding to task dependencies, and stronger supply-chain security for lockfiles -- along with a large batch of bug fixes across multiple backends and shells.

Highlights

• Declare tool dependencies in mise.toml -- A new depends field lets you ensure one tool is fully installed before another starts, useful for tools with runtime dependencies on each other.
• Pass arguments through task dependency chains -- Task dependencies can now reference the parent task's arguments using {{usage.*}} templates, enabling parameterized build/deploy pipelines.
• .NET runtime-only installs -- Install just the .NET runtime (or ASP.NET Core runtime) without the full SDK using the new runtime tool option.
• Stronger lockfile provenance verification -- mise lock now cryptographically verifies provenance for the current platform at lock time, and a new locked_verify_provenance setting enables re-verification at install time.

Added

• User-specified tool dependencies -- Declare explicit installation dependencies between tools in mise.toml with a new depends field, ensuring one tool is fully installed before another starts. #​8776 by @​cprecioso

  [tools]
  erlang = "27"
  elixir = { version = "1.18", depends = ["erlang"] }

• .NET runtime-only installs -- Install .NET runtimes alongside or instead of SDKs using the runtime tool option. Valid values: dotnet, aspnetcore, windowsdesktop. #​8524 by @​fragon10

  [tools]
  dotnet = ["9", { version = "8.0.14", runtime = "dotnet" }]

• Task dependency argument forwarding -- Task dependencies can reference parent task arguments using {{usage.*}} templates in depends, depends_post, and wait_for. Arguments flow through entire dependency chains. #​8893 by @​jdx

  [tasks.build]
  usage = 'arg "<app>"'
  run = 'echo "building {{usage.app}}"'
  
  [tasks.deploy]
  usage = 'arg "<app>"'
  depends = [{ task = "build", args = ["{{usage.app}}"] }]
  run = 'echo "deploying {{usage.app}}"'

• install_before enforced on transitive npm dependencies -- The install_before supply-chain cutoff is now forwarded to transitive dependency resolution using each package manager's native mechanism (npm --before, bun --minimum-release-age, pnpm --config.minimumReleaseAge). #​8851 by @​risu729

• locked_verify_provenance setting -- New setting (also auto-enabled by MISE_PARANOID) that forces cryptographic provenance re-verification at install time even when the lockfile already has checksum and provenance data. mise lock now also performs full verification for the current platform at lock time. #​8901 by @​jdx

• turso added to the built-in registry -- Install the Turso CLI via mise use turso. #​8884 by @​kenn

Fixed

• --env=VALUE and -E=VALUE flag parsing -- The equals-sign form of the environment flag (e.g., mise --env=production) was silently ignored, causing fallback to the default environment. Both --env=VALUE and --env VALUE forms now work correctly. #​8889 by @​jdx
• PEP 440 .dev versions filtered in fuzzy matching -- Versions like 2026.3.3.162408.dev0 no longer incorrectly satisfy stable version requests. The version regex now matches .dev in addition to -dev. #​8849 by @​richardthe3rd
• Stale lockfile entries pruned during mise lock <tool> -- Running mise lock node after a version change no longer leaves duplicate entries for the old and new versions. #​8599 by @​altendky
• Spurious direnv warning suppressed -- The failed to update DIRENV_DIFF warning no longer appears when the direnv diff environment variable is empty. #​8857 by @​yaleman
• Duplicate trust warning in zsh -- Entering an untrusted project directory in zsh no longer shows the mise trust warning twice. #​8898 by @​timothysparg
• Plain .tool-versions no longer requires trust for task listing -- Files without Tera template syntax ({{, {%, {#) are skipped during the trust check in mise task ls. #​8876 by @​dportalesr
• Tool options preserved with CLI version overrides -- filter_bins and other tool options are no longer lost when specifying a version via CLI (e.g., mise bin-paths tool@version). #​8888 by @​jdx
• Alias-specific options respected -- Tools configured with tool_alias now correctly use the alias-specific asset_pattern and other options instead of inheriting from the original tool. #​8892 by @​jdx
• Precompiled Python uses lockfile URL -- Precompiled Python installs now honor the download URL recorded in mise.lock instead of always recomputing it, fixing reproducibility for locked installs. #​8750 by @​hehaoqian
• Ruby build revisions in lockfiles -- Precompiled Ruby binaries from jdx/ruby now support build revision tags (e.g., 3.3.11-1), preventing lockfile breakage when binaries are rebuilt with different checksums. #​8900 by @​jdx
• Swift installs on unsupported Ubuntu versions -- Swift installs on Ubuntu versions newer than 24.04 now fall back to the 24.04 binary instead of 404ing. #​8916 by @​jdx

Changed

• Go settings renamed to go.* namespace -- All go_* settings (e.g., go_set_goroot) have been renamed to the nested go.* format (e.g., go.set_goroot) for consistency with other language settings. The old names are preserved as deprecated aliases. #​8598 by @​jdbruijn

Breaking Changes

• Deprecated settings removed -- The following settings, deprecated for 18+ months, have been removed. If you are still using them, switch to their replacements: #​8904 by @​jdx
  • asdf -- use disable_backends instead
  • vfox -- use disable_backends instead
  • cargo_binstall -- use cargo.binstall instead
  • disable_default_shorthands -- use disable_default_registry instead
  • pipx_uvx -- use pipx.uvx instead
  • python_compile -- use python.compile instead
  • python_default_packages_file -- use python.default_packages_file instead
  • python_patch_url -- use python.patch_url instead
  • python_patches_directory -- use python.patches_directory instead
  • python_precompiled_arch -- use python.precompiled_arch instead
  • python_precompiled_os -- use python.precompiled_os instead
  • python_pyenv_repo -- use python.pyenv_repo instead
  • python_venv_stdlib -- use python.venv_stdlib instead

New Contributors

• @​cprecioso made their first contribution in #​8776
• @​fragon10 made their first contribution in #​8524
• @​dportalesr made their first contribution in #​8876
• @​timothysparg made their first contribution in #​8898
• @​hehaoqian made their first contribution in #​8750
• @​jdbruijn made their first contribution in #​8598
• @​yaleman made their first contribution in #​8857
• @​kenn made their first contribution in #​8884

Full Changelog: jdx/mise@v2026.4.3...v2026.4.4

v2026.4.3: : Fix seccomp build on armv7

Compare Source

A small patch release that fixes a compile error preventing mise from building on 32-bit ARM (armv7) targets.

Fixed

• seccomp network filter build on armv7 -- The seccomp sandbox code that restricts network access during mise exec failed to compile on armv7 targets. The libc::SYS_socket and libc::SYS_socketpair constants are i32 on 32-bit platforms but the rule map expects i64 keys, causing a type mismatch. An explicit as i64 cast fixes the build while remaining a no-op on 64-bit platforms. #​8869 by @​jdx

Full Changelog: jdx/mise@v2026.4.2...v2026.4.3

v2026.4.2: : Process sandboxing for exec and run

Compare Source

Note: This release's build failed so no binary assets were published. Use v2026.4.3 instead, which includes all changes from this release plus a build fix.

This release introduces experimental process sandboxing for mise exec and mise run, allowing you to restrict filesystem access, network access, and environment variables for executed processes.

Added

• Process sandboxing for mise x and mise run (experimental) -- A new lightweight sandboxing layer lets you lock down what processes spawned by mise can access. On Linux it uses Landlock for filesystem restrictions and seccomp-bpf for network filtering; on macOS it uses sandbox-exec (Seatbelt) with generated profiles. Requires experimental = true in settings. #​8845 by @​jdx

  # Block all filesystem and network access
  mise x --deny-all -- node script.js
  
  # Block network only
  mise x --deny-net -- npm run build
  
  # Block writes except to ./dist
  mise x --allow-write=./dist -- npm run build

  Task-level configuration is also supported:

  [tasks.build]
  run = "npm run build"
  deny_net = true
  allow_write = ["./dist"]

Fixed

• Docs: correct RUNTIME.osType and RUNTIME.archType values -- Fixed inconsistent documentation for runtime template variables and simplified examples. #​8785 by @​esteve

Full Changelog: jdx/mise@v2026.4.1...v2026.4.2

v2026.4.1: : Per-tool install_before and musl detection fixes

Compare Source

This release adds per-tool install_before overrides for more granular control over version freshness, fixes musl/glibc detection in minimal Docker containers, and ensures the -q flag works correctly with mise prepare.

Added

• Per-tool install_before option -- You can now set install_before on individual tools to override the global setting. This is useful when some tools need tighter freshness windows than others. Precedence is: --before CLI flag > per-tool install_before > global install_before setting. #​8842 by @​sargunv-headway

  [settings]
  install_before = "7d"  # default for all tools
  
  [tools.trivy]
  version = "latest"
  install_before = "1d"  # trivy updates are time-sensitive, use a shorter window

• Registry: dbt-fusion -- dbt-fusion is now available as a short name in the mise registry, backed by aqua:getdbt.com/dbt-fusion. #​8837 by @​ryan-pip

Fixed

• Musl detection in minimal Docker containers -- A musl-compiled mise binary running in a minimal container (scratch, busybox, distroless) with no /lib/ld-* files would incorrectly identify the platform as glibc, causing it to select the wrong lockfile entries or tool variants. When no dynamic linker is found at runtime, mise now falls back to the binary's compile-time target. Additionally, a new MISE_LIBC environment variable (musl or gnu) allows explicitly overriding the detection. #​8825 by @​davireis

  ENV MISE_LIBC=musl
  RUN mise install

• mise prepare -q not suppressing output -- The -q (quiet) flag was not suppressing status messages in mise prepare because they used miseprintln!() which bypasses the logging system. These messages now use standard logging macros that respect the quiet setting. #​8792 by @​Marukome0743

• Wrong option in mise prepare docs example -- The ansible-galaxy example in the prepare documentation used -f (force) instead of -r (requirements file). #​8839 by @​rndmh3ro

New Contributors

• @​Marukome0743 made their first contribution in #​8792
• @​sargunv-headway made their first contribution in #​8842
• @​Rohan5commit made their first contribution in #​8844
• @​ryan-pip made their first contribution in #​8837
• @​rndmh3ro made their first contribution in #​8839

Full Changelog: jdx/mise@v2026.4.0...v2026.4.1

v2026.4.0: : Linked version fixes, monorepo task aliases, and Azure Developer CLI

Compare Source

This release fixes a panic when using mise link with aqua-backed tools, resolves bare task alias lookup in monorepo configurations, and handles a rustup check exit code that was incorrectly treated as an error.

Added

• Registry: azd (Azure Developer CLI) -- azd is now available as a short name in the mise registry, backed by aqua:Azure/azure-dev. Install with mise use -g azd@latest. #​8828 by @​rajeshkamal5050

Fixed

• Panic with linked versions on aqua-backed tools -- Running mise doctor, mise reshim, or any command that calls list_bin_paths on an aqua-backed tool with a linked version (created via mise link) would panic with a StripPrefixError. The root cause was that non-version link names like "brew" or "mylink" were passed to the aqua registry as version strings, where they unexpectedly matched semver constraints and produced absolute paths. Linked versions are now detected early and skip the aqua registry lookup entirely, returning install_path/bin directly. #​8801 by @​nikobockerman

• mise outdated failing for Rust -- rustup check returns exit code 100 when toolchain updates are available, which is normal behavior. Previously, mise treated this as a command failure, causing mise outdated to report an error for core:rust. The exit code is now handled correctly. #​8832 by @​shalk

• Bare task aliases not resolving in monorepo mode -- In a monorepo with config_roots configured, running mise run prl (a bare alias) would fail with "no task //:prl found", even though mise run //:prl worked. The issue was that expand_colon_task_syntax expanded bare aliases to //:prl, but the task loader then skipped config root discovery entirely. Both bare and prefixed alias forms now resolve correctly, and tab completion also works for monorepo-prefixed aliases. #​8819 by @​nkakouros

• Task help not shown for metadata-only usage specs -- When a task script defined #USAGE long_about, before_help, after_help, or examples without any arg or flag directives, mise run task --help would show the generic "This task does not accept any arguments" message instead of the usage-based help with the detailed description. #​8824 by @​nkakouros

New Contributors

• @​shalk made their first contribution in #​8832
• @​jedymatt made their first contribution in #​8833
• @​nikobockerman made their first contribution in #​8801
• @​rajeshkamal5050 made their first contribution in #​8828

Full Changelog: jdx/mise@v2026.3.18...v2026.4.0

v2026.3.18: : Python provenance verification, Go sub-module fixes, and shim recursion guards

Compare Source

This release adds supply-chain security improvements for Python, fixes several shim recursion issues that could cause system hangs, and improves Go backend version resolution for deeply nested sub-modules.

Highlights

• Python provenance verification -- Precompiled Python binaries from astral-sh/python-build-standalone can now be verified using GitHub Artifact Attestations, with downgrade protection in lockfiles.
• Shim recursion guards -- Two separate infinite-recursion bugs involving mise shims have been fixed, preventing fork bombs in devcontainer environments and when using exec() templates with mise-managed tools.
• Go sub-module support -- Deeply nested Go sub-modules that return no versions from go list -versions now correctly install with @latest instead of incorrectly resolving to a parent module's version.

Added

• Python GitHub Artifact Attestations -- Precompiled Python binaries are now verified against GitHub Artifact Attestations from astral-sh/python-build-standalone, following the same pattern already used for Ruby. A new python.github_attestations setting (env: MISE_PYTHON_GITHUB_ATTESTATIONS) overrides the global github_attestations setting for Python specifically. When enabled, mise lock records provenance = "github-attestations" in lockfile entries, and mise install verifies downloaded tarballs. If a lockfile records provenance but verification is disabled at install time, the install fails with a downgrade-attack error. #​8820 by @​malept

  # settings.toml or mise.toml [settings]
  [python]
  github_attestations = true  # defaults to the global github_attestations value

• Registry: svgo -- svgo (SVG Optimizer) is now available as npm:svgo. #​8817 by @​3w36zj6

Fixed

• Shim infinite recursion with system shims on PATH -- When tools are installed via mise install --system (e.g. in Docker/devcontainer images), a second shims directory is created at MISE_SYSTEM_DATA_DIR/shims. If both the user and system shims directories were on PATH, invoking a shim for a tool not in any config file would hang indefinitely. The PATH fallback now skips both shims directories and rejects any binary that canonicalizes to the mise binary itself. #​8816 by @​andrewthauer

• Fork bomb from exec() templates, credential commands, and git credentials -- Three subprocess-spawning code paths inherited mise shims in PATH. When the subprocess invoked a mise-managed tool (e.g. gh auth token in an exec() template or credential_command), the shim re-entered mise, triggering the same subprocess again -- causing infinite recursion. Observed as load average >1800 on affected systems. A new shared path_env_without_shims() helper now strips the shims directory from PATH in all three call sites. #​8802 by @​antonioacg

• Go backend --locked mode -- The Go backend was missing a supports_lockfile_url() -> false override, causing mise install --locked to fail for any go-backend tool since their lockfile entries never contain download URLs. #​8790 by @​palootcenas-outreach

• Go deeply nested sub-module version resolution -- mise ls-remote for deeply nested Go sub-modules (e.g. github.com/go-kratos/kratos/cmd/kratos/v2) would incorrectly resolve to the root module's versions. The version fetching logic now tries the exact tool path first and treats an empty version list as authoritative, falling back to @latest for installation instead of using a parent module's version. Results are now cached per module path. #​8823 by @​roele

• Flutter version sorting -- Fixed version sorting in the Flutter registry entry by stripping the -stable suffix before sorting, and switched to per-platform URL templates. #​8818 by @​roele

New Contributors

• @​antonioacg made their first contribution in #​8802
• @​palootcenas-outreach made their first contribution in #​8790

Full Changelog: jdx/mise@v2026.3.17...v2026.3.18

v2.70.1

Compare Source

Changelog

Features

• 221fd69 feat: Add .chezmoi.rawHomeDir template variable
• 4b909dc feat: Add build-info check to doctor command
• 487db8d feat: Add globCaseInsensitive template function
• dd03362 feat: Detect unknown fields when parsing config files

Fixes

• 06ab2d0 fix: Fix Debian ARM package names
• f85b2f8 fix: Don't warn on secrets when re-adding encrypted files

Documentation

• 1323292 docs: Add missing protonpass password manager entry
• 2ba550a docs: Make the AI/LLM stance even more obvious