* ci: add clippy and docs checks to PR CI workflow
- Add 'cargo clippy --workspace --all-features --locked -- -D warnings' step
to the lint job (previously only ran in release.yml)
- Enable docs job on all triggers (push/PR), not just weekly schedule
to catch broken doc links before merge
- Add clippy component to rust-toolchain setup
* ci: revert docs job to schedule-only (pre-existing broken links in tui crate)
* ci: install Linux deps before clippy
---------
Co-authored-by: Hu Qiantao <huqiantao@HudeMacBook-Air.local>
Co-authored-by: Hunter B <hmbown@gmail.com>
Add a dedicated GitHub Actions workflow for the Next.js web frontend
that runs on changes to the web/ directory:
- ESLint checks via 'npm run lint'
- TypeScript type checking via 'tsc --noEmit'
- Runs on push to main and PRs targeting main
- Uses npm cache for faster dependency installation
Co-authored-by: Hu Qiantao <huqiantao@HudeMacBook-Air.local>
* feat: add mobile smoke tests and QR code for mobile URL
#2396: Add scripts/mobile-smoke.sh that launches the compiled binary on
loopback ports and verifies the mobile surface through real HTTP requests:
- Token auth (401/200, Bearer, query param, approval 404)
- Insecure mode (no token required)
- Binding warnings (0.0.0.0, LAN URL hint)
Add mobile-smoke job to CI workflow.
#2397: Add --qr flag to 'codewhale serve --mobile' that renders a
terminal QR code for the mobile URL. Uses the LAN IP when available,
falls back to 127.0.0.1. Adds qrcode crate (pure Rust, no C deps).
* fix: address review feedback on mobile smoke tests
- Fix Test Group 3 subprocess capture: use temp file instead of command
substitution to avoid hanging and subshell variable isolation
- Allow BINARY path to be overridden via BINARY env var
- Add libdbus-1-dev system dependency to CI job for ubuntu build
* fix: pass auth header in mobile smoke status helper
* fix: send approval JSON in mobile smoke
---------
Co-authored-by: Hu Qiantao <huqiantao@HudeMacBook-Air.local>
Co-authored-by: Hunter B <hmbown@gmail.com>
Adds riscv64 to build pipelines so CodeWhale ships prebuilt binaries
and npm wrappers for 64-bit RISC-V Linux (glibc) systems.
Changes:
**CI / build**
- release.yml: +2 build matrix entries (codewhale + codewhale-tui for
riscv64gc-unknown-linux-gnu), cross-compilation toolchain step using
a dedicated DEB822-format apt source for ports.ubuntu.com, bundle
step, and release-notes table row.
- nightly.yml: +2 matrix entries, matching cross-compilation setup.
- resolve job: handle workflow_dispatch when the target tag does not
yet exist (fall back to HEAD SHA).
**Packaging**
- npm/codewhale/scripts/artifacts.js: add riscv64 to ASSET_MATRIX
under linux so npm install -g codewhale resolves on RISC-V.
**Docs**
- docs/INSTALL.md: add riscv64 row to supported platforms table;
replace with clearer 'other architectures' wording.
Build strategy: cross-compile from ubuntu-latest (x86_64) using
gcc-riscv64-linux-gnu. The dbus runtime dependency (from the keyring
crate's secret-service backend) is satisfied via ports.ubuntu.com.
PKG_CONFIG_ALLOW_CROSS and a cross-target libdir are set so the
keyring crate finds dbus-1 during cross-compilation.
Docker support for linux/riscv64 is intentionally not added here:
GitHub Actions does not yet provide the infrastructure to build or
emulate riscv64 containers. The Dockerfile changes will follow when
the hosted CI surface supports it.
The formula downloaded deepseek-macos-arm64 (the deprecation shim) as the
main binary. After the rebranding, deepseek is just a wrapper that spawns
codewhale, but codewhale was never installed — causing "codewhale not
found on PATH" for every Homebrew user.
Now the formula downloads codewhale-* as the primary binary and installs
all four artifacts: codewhale, codewhale-tui, deepseek (legacy shim), and
deepseek-tui (legacy TUI shim).
Closes#2104
Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
* docs: v0.8.46 CHANGELOG — platform archives, palette, sub-agents, sandbox, web install, search fixes
Closes#2188
* feat(v0.8.46): quick fixes — palette, model picker Esc, sub-agent sidebar, shell chip, model name casing, CVE bump (#2212)
* fix: bump qs to >=6.15.2 for CVE-2026-8723
Add qs override in feishu-bridge package.json to force transitive
dependency resolution to >=6.15.2, addressing CVE-2026-8723.
Refs: #2198
* fix: Esc in model picker applies last-highlighted choice
Previously Esc reverted to the initial model when the user hadn't
moved the selection. Now Esc always applies the currently highlighted
model and thinking-effort tier, making Esc consistent with Enter.
Also updates the picker footer hint from 'Esc cancel' to 'Esc apply'.
Refs: #2196
* feat: show '⏳ shell running' chip in TUI footer
Adds a footer_shell_chip function that displays a '⏳ shell running'
status chip in the footer's right cluster whenever a foreground shell
command is active via exec_shell. The chip is always visible regardless
of user-configured status items.
Refs: #2194
* feat: auto-collapse finished sub-agents in sidebar
When a sub-agent completes (status = 'done'), its detail lines
(id, steps, duration, progress) are now hidden in the sidebar agents
panel. Only the summary label line is shown, keeping the sidebar
compact. Running agents still show full detail.
Refs: #2195
* feat: refresh Whale dark palette for better contrast
Improve contrast and layer separation in the Whale dark theme:
- Deepen base background for more depth (10,17,32)
- Lighten panel (22,34,56) for clearer distinction from bg
- Lighten elevated surface (36,52,78) for better elevation
- Lighten selection (48,68,100) for clearer selected state
- Boost text hint (138,150,174) and dim (118,130,156) readability
- Brighter border (52,88,145) for better edge definition
- Update tool surface colors for consistency
Refs: #2197
* fix: preserve model name casing in normalize_model_name_for_provider
When the user enters a model name like 'DeepSeek-V4-Flash', the
normalizer was lowercasing it to 'deepseek-v4-flash' via the
canonical_official_deepseek_model_id function. Now the normalizer
preserves the caller's casing when the input already matches a known
model id case-insensitively. Compact aliases like 'deepseek-v4pro'
are still rewritten to 'deepseek-v4-pro'.
Refs: #2109
* feat(web): install download tile with arch detection, SHA256, China mirrors + companion binary fix (#2213)
* fix(web): download both codewhale and codewhale-tui binaries in install snippets
The SNIPPETS map only fetched one binary per platform, causing the
dispatcher to fail with MISSING_COMPANION_BINARY. Every arch now
downloads both codewhale AND codewhale-tui side-by-side.
- macOS/Linux: added second curl + combined chmod/xattr/mv for tui
- Windows: added second Invoke-WebRequest for codewhale-tui.exe
- VERIFY: PowerShell now hashes both binaries; Unix --ignore-missing
covers all present binaries in a single sha256sum pass
* feat(web): add install download tile with arch detection, SHA256, and China mirrors (#2192)
* feat(sandbox/linux): process hardening — PR_SET_DUMPABLE, NO_NEW_PRIVS, RLIMIT_CORE (#2214)
* feat(sandbox/linux): add process hardening module — PR_SET_DUMPABLE, NO_NEW_PRIVS, RLIMIT_CORE (#2183)
* feat(sandbox/linux): seccomp filter + bwrap passthrough
- seccomp: BPF filter whitelisting safe syscalls, denying ptrace/mount/kexec
and other dangerous syscalls. Uses raw BPF instructions via libc prctl to
avoid external dependencies (#2182).
- bwrap: optional bubblewrap passthrough when /usr/bin/bwrap is present
and [sandbox] prefer_bwrap=true in config. Creates read-only rootfs with
write access limited to the working directory (#2184).
- landlock detect_denial extended to recognize seccomp SIGSYS/"Bad system
call" patterns alongside existing Landlock EACCES/EPERM detection.
- SandboxManager gains prefer_bwrap field; set_prefer_bwrap on ShellManager.
- EngineConfig gains prefer_bwrap field, wired through main/ui/runtime_threads.
- Diagnostics now reports bwrap_available and cgroup_version.
- config.example.toml documents the prefer_bwrap key.
Pre-existing clippy fixes picked up in the same build:
- collapsible_if in ui.rs version-check
- cmp_owned in goal.rs test
- consecutive str::replace in normalize_auth_mode
Closes#2182, closes#2184
* docs: add cross-links to issue and PR templates in CONTRIBUTING.md (#2215)
- Link .github/ISSUE_TEMPLATE/bug_report.md and feature_request.md from
the Reporting Issues section
- Link .github/PULL_REQUEST_TEMPLATE.md from the Pull Request Guidelines
section
* feat(release): bundle platform archives with install scripts (#2216)
- Add bundle job to release workflow that creates per-platform archives
(tar.gz for Linux/macOS, .zip for Windows) containing both codewhale
and codewhale-tui binaries plus install scripts
- Create install.bat (Windows) — copies binaries to %USERPROFILE%\bin
- Create install.sh (Unix) — copies binaries to ~/.local/bin
- Windows gets a portable .zip variant without install script
- Release notes updated to promote archives as primary download method
- Individual binaries retained for npm wrapper and scripting
Closes#2193
* fix(web_search): fall back to DuckDuckGo when Bing returns zero results (#2130)
When the configured search provider is Bing and the query returns zero
results (common for technical/compound queries), fall through to the
DuckDuckGo path instead of reporting empty. A provenance message is
surfaced: "Bing returned no results; used DuckDuckGo fallback".
Also adds Security and Code of Conduct cross-links to CONTRIBUTING.md
per the sub-agent renovation (#2203).
* docs: SANDBOX.md threat model + RFCs for persistence and MCP + SandboxExecutor trait
- docs/SANDBOX.md: complete threat model describing each platform's sandbox
(Seatbelt, Landlock, seccomp, process hardening, bwrap, Windows v1).
Covers defense-in-depth layering, config keys, denial detection, limitations.
- docs/rfcs/2189-persistence-sqlite.md: RFC for SQLite migration (drafted by sub-agent)
- docs/rfcs/2190-mcp-modularization.md: RFC for MCP crate split into
protocol/client/server with OAuth support
- crates/tui/src/sandbox/policy.rs: SandboxExecutor trait definition and
SafetyLevel→SandboxPolicyBehavior mapping function with tests
Closes#2180, closes#2186, closes#2189, closes#2190
* feat: sandbox parity tests + remove sub-agent 100-turn cap
- Add sandbox parity tests covering platform detection, denial patterns,
bwrap preference, and policy consistency across modes (#2187)
- Remove arbitrary 100-turn sub-agent cap: DEFAULT_MAX_STEPS changed
from 100 to u32::MAX. Sub-agents now run until they produce a final
text response, are cancelled by the parent, or hit a configured
explicit budget (#2034)
Closes#2187, closes#2034
- New github_close_pr tool distinct from github_close_issue; proper PR wording
in tool output, audit records, and gh pr close (not issue close)
- handle_read detects art_/call_/SHA refs and points to retrieve_tool_result
with copy-pasteable hints; error messages show correct tool for each ref type
- Shell delta tool results include the command field so the UI can resolve
task_id-only exec cells when the completion metadata arrives
- Sidebar background shell tasks show the actual command on the primary row
instead of just the task ID; task ID stays available as dim detail
- Tool routing falls back to task_id when exec_shell_wait has no command,
then updates when the completion carries command metadata
- Plan mode prompt explains update_plan as the handoff signal; model waits
for user action instead of continuing to tool around
- Base prompt clarifies handle_read scope (var_handles only) vs
retrieve_tool_result (artifacts/tool-result refs)
- New tests: close_pr_schema, close distinction wording, handle_read artifact
detection, shell_wait task_id fallback, sidebar background task labels
Sweep brand mentions of `DeepSeek TUI` / `deepseek-tui` / bare
`deepseek` (the dispatcher binary) across all user-facing docs to
the new `codewhale` brand. The DeepSeek **provider** integration is
left untouched throughout: env vars (`DEEPSEEK_*`), model IDs
(`deepseek-v4-pro`, `deepseek-v4-flash`, `deepseek-chat`,
`deepseek-reasoner`), the `api.deepseek.com` host, the
`~/.deepseek/` config dir, and the `--provider deepseek` argument
value all keep the legacy spelling.
Anti-scope items deliberately left as the legacy `deepseek-tui`:
- Homebrew tap and formula (`Hmbown/homebrew-deepseek-tui`,
`brew install deepseek-tui`, `scoop install deepseek-tui`). The
tap rename ships separately.
- Docker image (`ghcr.io/hmbown/deepseek-tui`). Image-tag rename
ships separately.
- CNB mirror namespace (`cnb.cool/deepseek-tui.com/DeepSeek-TUI`).
Third-party hosted path.
- Security contact email (`security@deepseek-tui.com`).
- GitHub repo URL (`Hmbown/DeepSeek-TUI`).
New artifact:
- `docs/REBRAND.md` documents what changed, what didn't, the
deprecation window, and migration commands for npm / Cargo /
Homebrew / manual installs.
CHANGELOG entries:
- Root `CHANGELOG.md` and `crates/tui/CHANGELOG.md` both gain a
new `[Unreleased]` section describing the rename and the one-
release deprecation window. Historical entries are untouched.
Issue templates:
- `.github/ISSUE_TEMPLATE/bug_report.md` and `feature_request.md`
refer to "codewhale" / `codewhale --version` instead of the old
brand name in their environment fields.
The rebrand sweep was driven by a perl script with bulk patterns
(`deepseek-tui` -> `codewhale-tui`, `DeepSeek TUI` -> `codewhale`,
bare `deepseek` -> `codewhale` with provider/model/host/env-var/
config-path negative lookbehind/lookahead) followed by targeted
reverts for the anti-scope items above. Output was visually
reviewed file-by-file before committing.
Verified:
- `cargo check --workspace --all-targets --locked` — pass.
- `cargo test --workspace --all-features --locked` — pass (no
test source touched here; suite stayed green to confirm no
doc-from-string assertions broke).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Rename the npm wrapper directory and package from `deepseek-tui` to
`codewhale`. Move under `npm/codewhale/`:
- `package.json` renamed (name, bin, internal field) — keeps a
`deepseekBinaryVersion` fallback so old metadata still works.
- Bin entry points renamed to `bin/codewhale.js` and
`bin/codewhale-tui.js`; they spawn the corresponding canonical
binaries via the wrapper.
- `scripts/artifacts.js` switches to the canonical asset-name matrix
(`codewhale-*`, `codewhale-tui-*`) and `codewhale-artifacts-sha256.txt`.
- `scripts/run.js` exports `runCodewhale` and `runCodewhaleTui`; the
legacy `runDeepseek` exports are gone since nothing else inside the
package depended on them.
- `scripts/install.js`, `verify-release-assets.js`, `preflight-glibc.js`
update brand-mention strings + User-Agent headers. Env vars
(`DEEPSEEK_TUI_*`, `DEEPSEEK_*`) are explicitly anti-scope and are
left in place.
- Tests retargeted at the canonical asset names; all 19 still pass.
- README rewritten with the new install command and a deprecation
note about the old package.
Create a one-release deprecation shim at `npm/deepseek-tui/`:
- `package.json` with no `bin`, just a postinstall script that
prints a clear message telling the user to install `codewhale`
instead.
- `README.md` with the same migration note.
- Will be removed in v0.9.0 (or whenever Hunter retires the shims).
Release-side scripts in `scripts/release/` follow the rename:
- `prepare-local-release-assets.js` now requires `npm/codewhale/...`
and copies the canonical `codewhale*` binaries.
- `npm-wrapper-smoke.js` smokes the renamed package.
- `check-versions.sh` reads `npm/codewhale/package.json` for the
primary check and additionally pins the legacy shim package to
the same version.
- `check-published.sh` queries `codewhale@<version>` (with
`codewhaleBinaryVersion` lookup that falls back to the legacy
`deepseekBinaryVersion` field).
- `.github/workflows/auto-tag.yml` watches both `npm/codewhale/` and
`npm/deepseek-tui/` package.json for auto-tag triggers.
Verified:
- `npm test` inside `npm/codewhale/` passes 19/19.
- `npm install --dry-run --ignore-scripts` succeeds for both
`npm/codewhale/` and `npm/deepseek-tui/`.
- `scripts/release/check-versions.sh` reports OK.
- Rust gates re-run: `cargo check`, `cargo fmt --check`,
`cargo clippy -- -D warnings`, all clean.
No `npm publish` is run from this change — Hunter publishes manually
when the rebrand is ready to ship.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Rename the canonical binaries:
- `deepseek` → `codewhale` (CLI dispatcher)
- `deepseek-tui` → `codewhale-tui` (TUI runtime)
Both legacy names continue to ship as tiny deprecation shims that print
a one-line warning to stderr and forward argv to the new binary. The
shims are produced by two new `[[bin]]` entries in `crates/cli/Cargo.toml`
and `crates/tui/Cargo.toml` pointing at small source files under
`src/bin/`. They will be removed in v0.9.0.
Touchpoints:
- Cargo bin entries + new shim source files.
- clap `name`/`bin_name`/usage strings flip to `codewhale`.
- Dispatcher's sibling-binary discovery looks for `codewhale-tui` and
reports `codewhale` in its error/help prose. `DEEPSEEK_TUI_BIN` env
var stays — env vars are explicitly anti-scope.
- `update.rs` now downloads `codewhale-*` assets and verifies them
against `codewhale-artifacts-sha256.txt`. Legacy `deepseek-*` assets
and `deepseek-artifacts-sha256.txt` are still produced by the release
matrix so v0.8.40's `deepseek update` keeps working through one
transition release.
- `ci.yml`, `nightly.yml`, `release.yml` updated to build/upload the new
canonical binaries; `release.yml`'s matrix doubles to also ship the
legacy shim binaries so v0.8.40 update clients land on the shim.
- `scripts/release/crates.sh` and `check-versions.sh` updated for the
renamed crate names from R1.
Local gates green: `cargo check --workspace --all-targets --locked`,
`cargo fmt --all -- --check`, `cargo clippy --workspace --all-targets
--all-features --locked -- -D warnings`, `cargo test --workspace
--all-features --locked` (3226+ pass, 0 fail), and `cargo build
--release` produces all four binaries:
- target/release/codewhale (canonical dispatcher)
- target/release/codewhale-tui (canonical TUI)
- target/release/deepseek (legacy shim, forwards to codewhale)
- target/release/deepseek-tui (legacy shim, forwards to codewhale-tui)
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Add a release follow-up job that updates the Homebrew tap from the checksum manifest when a tap token is configured.
The job now skips before checkout/download/update when neither HOMEBREW_TAP_PAT nor RELEASE_TAG_PAT is configured, so missing tap credentials do not fail an otherwise successful release.
Closes#1602.
Co-authored-by: Zhiping <2716057626@qq.com>
Co-authored-by: Oliver-ZPLiu <47081637+Oliver-ZPLiu@users.noreply.github.com>
Add the Feishu/Lark long-connection bridge, Tencent Lighthouse runbooks, CNB mirror guidance, CNB tag release pipeline, and China-friendly update fallback documentation for the v0.8.37 line.
Add clearer prompts to bug reports and feature requests so users provide
reproduction details, impact, environment context, use cases, and supporting
materials up front.
`--force-with-lease` without an explicit value uses
`refs/remotes/<remote>/main` as the lease ref. The CNB push remote
is added fresh inside each workflow run (`git remote add cnb …`)
without a prior fetch, so that lease ref never exists in the
runner's local clone. The lease check then misfires with
`! [rejected] HEAD -> main (stale info)` even when CNB is correctly
behind GitHub.
Plain `--force` is the right primitive here: the CNB mirror is
one-way by design, so there's no contributor work on the CNB side
to protect against. The lease safety would only matter in a
multi-writer scenario, which we explicitly don't run.
Confirmed via failing run 25714171752 (2026-05-12T04:53:13Z) where
all three retry attempts failed with the same stale-info error
even though CNB was simply behind GitHub by two scrub commits.
The `<<EOF` heredoc inside the `run: |` step body broke YAML parsing —
heredoc bodies have to start at column 0, but YAML block scalars
require consistent indentation. Both runs of the new workflow on the
v0.8.31 push failed at the workflow-file validation stage with
`expected a comment or a line break, but found '$'` at line 128.
Switching to `printf '%s\n' "line1" "line2" ...` keeps every line of
the message at the same indent as the surrounding shell code, so the
YAML `|` scalar stays consistent. Behaviour is identical from the
contributor's perspective.
Confirmed locally with `python3 -c 'import yaml; yaml.safe_load(...)'`
before pushing.
Solves the long-standing hygiene problem where contributor PRs whose
code lands via maintainer cherry-pick stay open + CONFLICTING forever,
even though their fix is credited in the CHANGELOG. v0.8.29 alone left
~5 such PRs open (#1421, #1429, #1442, #1465 — verified separately).
New workflow `.github/workflows/auto-close-harvested.yml`:
* Triggers on push to main.
* For each commit in the push, scans the commit body for lines
matching `harvested from (PR )?#N` (case-insensitive).
* For each matched PR number, closes the PR with a templated
thank-you that links back to the merged commit, thanks the
contributor by handle, and points them at CONTRIBUTING for
landing future PRs via the faster direct-merge path.
* Idempotent — already-closed PRs are skipped with a log line,
not an error.
* Concurrency-guarded so two near-simultaneous main pushes can't
both try to close the same PR.
Two commit-message patterns are recognised:
* `Harvested from PR #1234 by @username` (preferred form, used
in the templates the maintainer paste-uses for harvests)
* `harvested from #1234` (case-insensitive
fallback for older / shorter forms)
The convention is documented in CONTRIBUTING.md, which also adds a
new "How Your Contribution Lands" section explaining the harvest
model upfront so contributors know what to expect — closing their
PR isn't rejection, and the credit lives in the commit message and
CHANGELOG.
Permissions on the workflow: `pull-requests: write` to close + comment,
`issues: write` for the comment (PR comments are issue comments under
the hood), `contents: read` for the checkout.
Closes the persistent "fatal: could not read Username for 'https://cnb.cool'"
failure that bit about half of recent sync-cnb runs.
Root causes from the failure log of run 25705666413 (2026-05-12) and
25697452832 (2026-05-11):
1. The previous tencentcom/git-sync Docker action discovered every
local ref via fetch-depth: 0 and tried to push them all —
including dependabot/* branches that GitHub had locally. Those
follow-on pushes ran without the configured credential helper
in scope and failed with the basic-auth prompt error above.
2. No concurrency guard meant the back-to-back `main` push and
`v*` tag push that auto-tag.yml fires within ~15s of each other
raced. Two workflow runs would attempt to push to the same
CNB remote simultaneously; one would lose.
Rewrite:
* Hand-rolled `git push` with the CNB token URL-encoded inline so
the credential is always in scope. No Docker action dependency.
* `concurrency: group: cnb-sync, cancel-in-progress: false` so
queued runs serialize cleanly rather than racing or dropping.
* Only push the ref that triggered the run — `main` on branch
push (with --force-with-lease for safety), the specific tag on
tag push. Feature branches and dependabot refs no longer
mirror.
* 3-attempt retry with linear backoff (5s, 10s) for transient
failures (CNB rate-limit, DNS blips, etc.).
* `workflow_dispatch: {}` trigger so the maintainer can re-run
against a specific ref manually if the automated run fails.
Adds docs/CNB_MIRROR.md with: the verification steps after a
release, the manual fallback procedure (one-time `git remote add cnb`,
then `git push cnb vX.Y.Z`), the token-rotation procedure, and a
note on why binary release assets aren't on CNB today.
Cross-links from docs/RELEASE_RUNBOOK.md so the verify-after-release
step doesn't get forgotten.
- Add explicit permissions: contents: read (least-privilege)
- Bump actions/checkout@v3 → @v4
- Narrow trigger from on: [push] to on: push: branches: [main] + tags: ['v*']
Matches the hardening convention used by every other workflow in the repo.
* fix(config): keep DeepSeek beta endpoint for legacy cn alias
* fix(ci): filter download-artifact to deepseek* pattern
Prevents the release aggregation job from picking up non-binary
artifacts (e.g. Docker .dockerbuild cache layers) that cause the
checksum manifest to include spurious entries and the Release to
carry files it shouldn't.
* fix(tui): enable focus events to restore IME after app-switch
On macOS, switching away (Cmd+Tab) and back suspends the IME compositor.
Without focus-event handling, the TUI never signals readiness to the
terminal, so CJK input methods (Pinyin, Zhuyin, etc.) stop working.
- EnableFocusChange on startup so the terminal reports FocusGained/FocusLost
- Re-push KeyboardEnhancementFlags on FocusGained (some terminals reset
the enhanced keyboard mode on focus-loss)
- DisableFocusChange on shutdown for clean terminal handoff
* chore: cargo fmt
* docs: add DataWhale and DeepSeek to acknowledgments
* docs: fix DeepSeek name etymology in acknowledgments
* fix(tui): recapture viewport on focus restore
* docs: thank DeepSeek and DataWhale bilingually
The current CLOUDFLARE_API_TOKEN secret authenticates but lacks
User -> User Details -> Read, which OpenNext needs to call the
/memberships endpoint during the KV populate step. Until that
permission is added (or the token is regenerated from Cloudflare's
"Edit Cloudflare Workers" template), every push to web/** fails CI.
Removing the workflow file until the token is ready. Re-add when
the secret has the right scopes; the workflow's previous content
is preserved in git history at 6483997480.
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
wrangler 4 requires Node.js >=22; the deploy job was pinned to 20
and failed at `npx wrangler deploy` with "Wrangler requires at
least Node.js v22.0.0".
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
First commit of the Next.js community site that powers
deepseek-tui.com, deployed via Cloudflare Workers / OpenNext.
This commit lands the scaffold and applies the visual + correctness
pass requested by community feedback:
- Palette: drop the cream/Anthropic-feel paper (#F4F1E8) for a
DeepSeek-aligned cool white + soft gray (#FFFFFF / #F4F6FB), with
indigo accents kept. Soften default hairlines so a pure-white
background reads clean instead of harsh.
- Mobile: add a hamburger menu (mobile-menu.tsx) so phones can reach
Install / Docs / Activity / Roadmap / Contribute — previously the
link list was hidden on phones with no replacement. Tighter hero,
flexible button row, viewport-safe code blocks, columnar grids
collapse cleanly under 768px, and the printed-almanac center rule
is desktop-only now (it sliced through narrow viewports).
- "How it works" diagram: replace the hand-rolled ASCII art (which
misaligned under CJK monospace because Han characters take 2
columns vs Latin's 1, per dhh's note in WeChat) with a real
mermaid diagram rendered client-side via dynamic import. Uses the
mermaid.live standard syntax 庄表伟 recommended.
- Issue #1104: the docs listed a `deepseek-cn` provider that the
v0.8.16 binary doesn't accept (`ProviderArg` in crates/cli only
has 9 variants; the 10th lives only in the legacy tui/config.rs).
derive-facts.mjs now omits `deepseek-cn` until that variant is
wired through the shared ProviderKind, and the install page's
China-network recipe uses `base_url` / `DEEPSEEK_BASE_URL` (which
actually works on v0.8.16) instead of the unsupported provider.
Auto-deploys via .github/workflows/deploy-web.yml on push to main.
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Closes #944\n\n## Summary\n- mark Docker/GHCR publishing as experimental while the package is not publicly readable\n- align installer and release docs with the live npm/Scoop state\n- keep package-channel verification explicit for release triage\n\n## Test plan\n- ruby -e 'require "yaml"; YAML.load_file(".github/workflows/release.yml"); puts "release.yml ok"'\n- cargo test -p deepseek-tui-cli update::tests::test_asset_matching_accepts_binary_assets_and_rejects_checksums --locked\n- cargo fmt --all -- --check\n- git diff --check origin/main...HEAD\n- CI: Version drift, Lint, Test (ubuntu-latest), Test (macos-latest), Test (windows-latest), npm wrapper smoke
PR #646 imported `MessageBeep` from `windows::Win32::UI::WindowsAndMessaging`,
but in `windows` crate 0.60 the function lives at
`windows::Win32::System::Diagnostics::Debug::MessageBeep` and now takes a
typed `MESSAGEBOX_STYLE` returning `Result<()>`. The wrong import broke
every Windows build (Test, npm wrapper smoke, and the windows-msvc release
matrix entry). Fix the import path, enable the `Win32_System_Diagnostics_Debug`
feature, pass `MESSAGEBOX_STYLE(0)` for MB_OK, and discard the Result.
The v0.8.12 release also tripped on a transient `apt-get update` mirror
sync error on the ubuntu-24.04-arm runner, cascading via fail-fast. Wrap
every apt-get update in CI/release with a 5-attempt retry so flaky
ports.ubuntu.com mirrors no longer take down the binary matrix.
Verified: cargo check --target x86_64-pc-windows-gnu compiles cleanly.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Nightt