From c2f0a565384c452966b43a6826b01a13766b223b Mon Sep 17 00:00:00 2001 From: Hunter Bown Date: Sat, 2 May 2026 16:54:11 -0500 Subject: [PATCH] docs: add v0.8.5 changelog + contributor thanks to README --- README.md | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) diff --git a/README.md b/README.md index e07c73af..9e87b50f 100644 --- a/README.md +++ b/README.md @@ -119,6 +119,56 @@ cargo install --path crates/tui --locked # requires Rust 1.85+ --- +## What's new in v0.8.5 + +### ๐Ÿ›ก๏ธ SSRF protection for fetch_url + +`fetch_url` now validates target hostnames and IPs before connecting โ€” +localhost-only HTTP for loopback, DNS pinning for remote hosts, and +blocked internal IP ranges. Contributed by Hafeez Pizofreude (#261) +and Jason. + +### ๐Ÿ–ฅ๏ธ Schema-driven config editor + +`/config tui` opens a forms-style config editor powered by schemaui. +Bare `/config` opens the legacy native modal; `/config web` launches a +browser surface (requires the `web` feature). Contributed by Unic +(YuniqueUnic) via #365. + +### ๐Ÿท๏ธ DeepseekCN provider + +`ApiProvider::DeepseekCN` targets `api.deepseeki.com` for China-based +users. Auto-detects when `zh-*` is the system locale on first run. + +### ๐Ÿ” Atomic file writes + +All writes to `~/.deepseek/` now go through `write_atomic` (tempfile + +fsync + rename), preventing corruption from mid-write crashes. + +### ๐Ÿงต Panic safety foundations + +`spawn_supervised` catches and logs task panics with crash dumps instead +of silently dropping the task. + +### โŒจ๏ธ `/config ` wiring + +`/config model deepseek-v4-flash`, `/config locale zh-Hans`, etc. change +settings live in-session without opening the editor. + +Full changelog: [CHANGELOG.md](CHANGELOG.md). + +--- + +## Thanks + +v0.8.5 shipped with help from these contributors: + +- **[Hafeez Pizofreude](https://github.com/pizofreude)** โ€” SSRF protection in `fetch_url` and Star History chart +- **[Unic (YuniqueUnic)](https://github.com/YuniqueUnic)** โ€” Schema-driven config UI (TUI + web) +- **[Jason](mailto:jason@aveoresearchlabs.com)** โ€” SSRF security hardening + +--- + ## What's new in v0.8.0 ### โšก Shell stability and post-send responsiveness