← Back to blog

Gibil v0.2.0: Don't Switch Branches. Spin Up a Server.

New branch command, remote coding agents, port forwarding, and a security hardening pass. Here's what's new.

You're deep in a feature on main. Slack pings: "Can you check why tests are failing on feat/payments?" You stash your work, checkout the branch, install deps, run tests, debug, switch back. Fifteen minutes gone. Flow destroyed.

We built gibil v0.2.0 to make that moment disappear.

One command, one branch, one machine

gibil branch feat/payments --run "pnpm test"

That's it. Gibil detects your repo from the current directory, spins up a fresh Linux server, clones the repo, checks out the branch, installs dependencies, and runs your tests. Your local machine stays on main. Your editor doesn't close. Nothing changes.

When you're done:

gibil destroy feat-payments

Gone. No trace. The branch name becomes the server name (slashes turn into dashes), so feat/payments becomes feat-payments. You SSH in with gibil ssh feat-payments if you need to debug live.

Three branches, three machines, zero interference

Monday morning. Three PRs need testing before a release. Instead of testing them one at a time — or waiting for CI three times:

gibil branch feat/payments feat/migration fix/auth-bug

Three servers boot in parallel. Each has its own filesystem, its own Docker daemon, its own network. Run tests on all three, SSH into whichever one fails, destroy the rest. What used to block your morning for an hour is done in one boot cycle.

Run your coding agent on the server

Until now, agents like Claude Code ran on your laptop and reached into remote servers through MCP. That works for quick tasks, but for heavy work — long builds, large test suites, real Docker workflows — the network round-trips add up, and your laptop stays busy the whole time.

The --agent flag pre-installs a coding agent on the server so it's ready when you SSH in:

gibil branch feat/payments --agent claude
gibil ssh feat-payments

You land in a tmux session with Claude Code installed, the repo cloned, and the branch checked out. Set your API key and start coding:

export ANTHROPIC_API_KEY=sk-ant-...
claude

Claude Code now has direct filesystem access, a full Docker daemon, real Linux tools, and zero MCP latency. Your laptop is free. Close it if you want. The tmux session survives SSH disconnects — reconnect anytime with gibil ssh feat-payments.

Three agents are supported today:

gibil branch feat/payments --agent claude   # Claude Code
gibil branch feat/payments --agent aider    # aider
gibil branch feat/payments --agent codex    # OpenAI Codex CLI

One thing worth noting: gibil doesn't auto-forward your API keys to the server. You export them yourself after SSH. The key stays in memory and vanishes when the server is destroyed. We made this choice deliberately — your API keys shouldn't end up on disk on a remote machine without you knowing.

Preview a branch in your browser

You're working on a frontend feature and want to see it running. Start the dev server and forward the port:

gibil branch feat/payments --run "pnpm dev" --port 3000

Gibil starts the dev server in the background on the remote machine and opens an SSH tunnel to localhost:3000. Open your browser, see the branch running. The tunnel stays alive until you kill it.

This works for any number of ports. Running a full-stack app with docker-compose and a frontend?

gibil branch feat/payments --run "docker compose up -d && pnpm dev" --port 3000 --port 8080

Both ports tunnel to your localhost. Everything goes through SSH, so it's encrypted and works behind any firewall.

Security hardening

We did a full audit of the codebase and fixed 15 issues before this release. The highlights:

Input validation everywhere. Branch names, port numbers, instance names, MCP parameters, Docker image names, and job IDs are all validated before they reach any shell command. Injection attempts get a clear error message and nothing else.

Orphaned server cleanup. If server creation fails halfway through — SSH key uploaded but provisioning times out, for example — the server and all its resources are now automatically destroyed. No more ghost machines running on your Hetzner account.

API timeout. All Hetzner API requests now have a 30-second timeout. A hung API call no longer blocks the CLI indefinitely.

The test suite grew from 149 to 209 tests, with 30 dedicated to security: injection prevention across every input vector, validation edge cases, and escaping verification.

What's next

This release lays the groundwork for two things we're thinking about:

Smarter TTL. Right now, the server doesn't know if you're actively using it. We're exploring activity-based auto-extension — the server stays alive while you're SSH'd in, and dies when you walk away.

Shareable preview URLs. localhost:3000 works for you, but you can't send it to a designer. We're exploring public preview URLs — a clean HTTPS link for your branch that goes away when the server does.

Upgrading

If you're already on 0.1.x:

npm update -g gibil

Starting fresh:

npm install -g gibil
gibil init
gibil branch feat/your-feature --run "pnpm test"

Your local stays on main. The branch runs on a fresh Linux machine. SSH in if it breaks. Destroy when done.

GitHub · Docs · Changelog

That's gibil v0.2.0.