Remove stale v0.8.59 release docs (release-notes-v0.8.59.md, docs/V0_8_59_RELEASE_TRIAGE.md) now that v0.8.59 is shipped.
Clear three clippy release-gate lints: const-evaluate the DEFAULT_SPAWN_DEPTH ceiling assert, and allow the intentional await_holding_lock on two Z.ai routing tests that must hold the test-env mutex across the await.
Credit new 0.8.60 models and first-party provider routes in the changelog: GLM-5.2 (Z.ai + OpenRouter), first-party Z.ai, StepFun/StepFlash (step-3.7-flash), and MiniMax (MiniMax-M3) routes (#3187/#3191). Regenerate the embedded crates/tui/CHANGELOG.md slice.
Refs #1310.
Adds the direct minimax provider slot, auth/config/env bindings, model aliases, docs, and picker/status surfaces. MiniMax requests now set reasoning_split and preserve reasoning_details history so thinking stays out of answer text.
Also updates Moonshot/Kimi reasoning classification for the Kimi Code route so reasoning_content streams into Thinking cells instead of inline prose.
Cut the 0.8.59 changelog section, bump workspace/npm/README versions, refresh Cargo.lock and generated web facts, and sync the embedded TUI changelog slice.
Also fixes the short codew shim to prefer its sibling codewhale dispatcher before PATH so fresh installs do not delegate to an older global binary.
Harvests #3052 onto the v0.8.59 release branch. Noninteractive CLI launches default to concise output discipline unless config, env, or --verbosity overrides it; interactive TUI launches remain normal by default.
Also forwards CODEWHALE_VERBOSITY as the primary env bridge while keeping DEEPSEEK_VERBOSITY for compatibility, documents the setting, and records @cyq1017 credit in both changelogs.
Adapt PR #3011 so unsupported interactive providers report their actual source and config-sourced unsupported providers fall back to DeepSeek without forwarding a stale keyring secret.
Co-authored-by: cyq1017 <61975706+cyq1017@users.noreply.github.com>
Harvest #2895 for the v0.8.59 release lane. SiliconFlow CN now reads its own providers.siliconflow_cn / providers.siliconflow-CN table and falls back to providers.siliconflow only when api_key, base_url, or model are unset.
Maintainer amendments wire the TUI fallback paths, provider config get/set/unset/redaction surfaces, env override routing, model normalization, tests, and changelog credit.
Fixes#2893.
Reported-by: Artenx <18120598+Artenx@users.noreply.github.com>
Qwen 3.6 Plus already had full catalog/resolver/picker support. Add
dedicated provider-hinted resolution tests to close the remaining gap.
- Add qwen3_6_plus_resolves_to_canonical_on_openrouter test
- Add qwen3_6_plus_alias_qwen_dash_resolves test
- Both verify /model qwen3.6-plus resolves to qwen/qwen3.6-plus on OpenRouter
Tightens the experimental OpenAI Codex (ChatGPT) provider so the v0.8.55
gate is green.
- clippy: collapse 5 nested if/if-let blocks flagged by
clippy::collapsible_if into let-chains (oauth.rs env-override
resolution, responses.rs SSE delta handling). cargo clippy --workspace
--all-targets -- -D warnings is now clean.
- fmt: cargo fmt --all over the Codex/Together changes (the gate's
--check was failing, incl. a mangled "| ApiProvider::Ollama").
- default model: Config::default_model() now resolves to the Codex
default (gpt-5.5) for the Codex provider instead of leaking a DeepSeek
default_text_model the Responses backend rejects. The carve-out sits
after the explicit provider-scoped model block (so
[providers.openai_codex] model still wins) and before the
DeepSeek-validating path, which is unchanged. Adds a behavior test.
https://claude.ai/code/session_013cHWv5sR6XPnVWzfMP8uma
Completes the in-progress OpenAI Codex provider and bumps the workspace to
0.8.55. Builds on the committed Together AI provider + model catalog work.
OpenAI Codex (ChatGPT) provider — experimental:
- Wire the previously-dead OAuth module into credential resolution. The TUI
config now resolves the access token via the Codex CLI login in
~/.codex/auth.json (env overrides OPENAI_CODEX_ACCESS_TOKEN/CODEX_ACCESS_TOKEN),
refreshing expired tokens synchronously via the OpenAI token endpoint —
mirroring the existing Kimi OAuth flow rather than introducing a new pattern.
- Send the ChatGPT backend's required headers from the Responses client
(chatgpt-account-id, OpenAI-Beta: responses=experimental, originator) and
stop duplicating the Authorization header already installed on the client.
- Fix the cli crate's non-exhaustive ProviderKind matches (compile blocker).
Consistency / de-slop pass (so the provider fits the whole app, not one path):
- has_api_key_for / active_provider_has_config_api_key now detect the Codex
OAuth login on disk, the same way they detect Kimi OAuth — a `codex login`
user is no longer reported as unauthenticated.
- Replace the bogus OPENAI_CODEX_API_KEY hint (which exists nowhere else) with
the real OPENAI_CODEX_ACCESS_TOKEN/CODEX_ACCESS_TOKEN in the auth-error and
picker surfaces.
- Drop dead state in the Responses stream parser (unused ToolCallState fields /
imports); tool-call data is streamed live.
- Update docs/PROVIDERS.md, config.example.toml, and the provider-metadata wire
test for the Responses wire format.
Release:
- Bump workspace + crates + npm package to 0.8.55; update CHANGELOG.md and
crates/tui/CHANGELOG.md.
Note: the live Responses round-trip has not been exercised against the
production ChatGPT backend in this environment; the provider ships as preview.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Harvested from PR #2885 by @greyfreedom. Wires ask-rules into the
app-server and core ExecPolicyEngine (previously inert). Removes the
original PR's NeedsApproval arm that incorrectly allow-listed the
working directory as a network host.
Co-Authored-By: greyfreedom <11493871+greyfreedom@users.noreply.github.com>
1. Fix swallowed persist_config errors (app-server/lib.rs:882,896)
- Log errors when config persistence fails after set/unset
- Users previously got success response even when disk write failed
2. Fix swallowed job store load error (core/lib.rs:751)
- Add warning log when job store fails to load at startup
- Previously silently started with empty job list on corruption
3. Fix silent config parse failures (config/lib.rs:1590)
- Log warning when project config TOML is malformed
- Previously returned None indistinguishable from 'no config file'
4. Fix MCP connect_all errors swallowed (mcp.rs:2151,2189)
- Log warnings for each server that fails to connect
- Previously returned incomplete resource list with no indication
5. Fix error context stripped in engine status (core/engine.rs:2223)
- Use {err:#} format to include full error chain
- Was inconsistent with line 2234 which already used {err:#}
6. Fix tool audit log failures silently dropped (tool_execution.rs:122-136)
- Log each failure: serialization, directory creation, file open, write
- Previously silently dropped all errors for security audit trail
7. Fix Err(_) arms discarding error info (runtime_log.rs:179, runtime_threads.rs:828)
- Log stderr redirect failures on Windows
- Log poisoned mutex in pending_approvals
8. Fix env var parsing errors silently ignored (config/lib.rs:2519-2530)
- Warn when DEEPSEEK_TELEMETRY, DEEPSEEK_YOLO, DEEPSEEK_HTTP_HEADERS
have invalid values instead of silently treating as unset
9. Fix MCP config reload errors swallowed (mcp.rs:2011)
- Log config reload errors instead of complete silence
10. Fix .expect() on sub-agent runtime (core/engine.rs:1715)
- Gracefully fall back to basic tool set when API client missing
- Previously panicked if subagents enabled but no client configured
11. Fix .expect() on goal objective (core/engine.rs:2543)
- Use safe if-let pattern instead of check+expect
- Prevents panic if refactoring changes control flow
Add durable [[hotbar]] config bindings for slots 1-8, including default
bindings when no hotbar config is present.
Validate bindings without panicking: skip out-of-range slots, use the last
duplicate slot, and preserve unknown actions so future UI layers can show
disabled placeholders.
Harvests provider-scoped TLS skip-verify from #1893 by @wavezhang. Disabled by default, active-provider-only, doctor-reported, and keeps SSL_CERT_FILE as the preferred custom CA path.
Add a metadata-only provider registry foundation from #2479. The registry exposes canonical lookup, alias-aware resolution, defaults, config table keys, and API-key env candidates without changing runtime routing or activating fallback providers.
Co-authored-by: sximelon <62371427+sximelon@users.noreply.github.com>
Harvested from PR #2741 by @idling11 for #2693, with review fixes folded in: typed compaction/tool/safety enums, no silent unknown-kind fallback, unknown profile keys rejected, and whole-struct equality for future reload/runtime checks.
Co-authored-by: idling11 <8055620+idling11@users.noreply.github.com>
Adds an optional path_suffix field that lets users override the API path
for OpenAI-compatible endpoints. When set, the suffix replaces the default
/v1/<path> pattern, enabling use with endpoints that don't accept /v1/
prefixes (e.g. /chat/completions instead of /v1/chat/completions).
Changes:
- ProviderConfigToml (config crate): path_suffix field
- ProviderConfig (tui crate): path_suffix field
- merge_provider_config: propagates path_suffix
- merge_project_provider_config: propagates path_suffix
- api_url: delegates to new api_url_with_suffix function
- api_url_with_suffix: uses suffix when present, skips /v1 versioning
- DeepSeekClient: reads path_suffix from config, passes to URL builder
- config.example.toml: documents the new option
- Tests for the new URL building behavior
Closes#2089
Hunter B