clear_agent_cache falls back to renaming the agent cache directory
to <cache_dir>/.trash/<agent_id>-<nanos>-<counter>/ when
remove_dir_all fails — typically because a running <cmd>.exe or a
Defender scan holds the file. NTFS rename succeeds on directories
whose children are locked, so Upgrade and Uninstall no longer
surface ERROR_ACCESS_DENIED on Windows.
A detached OS thread sweeps .trash/ at startup with all errors
swallowed, panics caught, and no shared state — cannot block app
startup or leak threads. Still-locked entries are left for the
next launch.
Large raw_output snapshots from tool_call_update notifications caused
O(N²) traffic through the event pipeline, multi-GB transient allocations
and WKWebView crashes. The fix turns cumulative snapshots into bounded
incremental deltas and removes redundant payload copies.
- Add ToolCallOutputCache keyed by tool_call_id with a 8KB tail
fingerprint and total length. Detects cumulative extensions by
matching the cached tail at the expected offset in the incoming
snapshot, so it works even when the full output grows into the MB
range. Emits suffix deltas with raw_output_append=true; falls back
to a truncated replacement when content diverges.
- Cap any single emitted raw_output chunk at 64KB (MAX_SINGLE_EMIT_BYTES)
with a UTF-8 char-boundary-safe tail and ANSI-sequence-safe trimming.
Apply the same cap to emit_terminal_output_update.
- Bound the cache at 256 entries with FIFO eviction, and clear entries
when the tool call reaches completed / failed / cancelled / error.
- Seed the cache via a dedicated seed() method on SessionUpdate::ToolCall
so the initial event never emits an accidental append.
- Share emit payloads as Arc<serde_json::Value> across broadcast
receivers and skip the Tauri-side clone: serialize once and hand the
same Arc to both the webview emit and the WebSocket broadcaster.
- Add 14 unit tests covering boundary cases: identity, prefix extension
past the cached tail, divergence, oversized deltas, multibyte UTF-8
truncation, final-status cleanup, FIFO eviction, seed semantics, and
ANSI-safe trimming.
Scan ~/.codex/skills/.system so Codex CLI's bundled skills (imagegen,
skill-creator, etc.) appear in the $ autocomplete and Skills settings.
Mark them read_only on the API; the save/delete handlers refuse writes
to that path, and the UI shows a system badge with a tooltip and
disables edit/delete/save for those entries.
Forward the previously-dropped `locations` and `meta` fields from ACP
SDK ToolCall/ToolCallUpdate events through to the frontend. The meta
field carries `claudeCode.parentToolUseId` which enables precise
parent-child matching for concurrent Agent tool calls during streaming.
- Forward locations/meta in Rust AcpEvent types and connection handlers
- Use parentToolUseId for exact agent→child mapping, with position-based
fallback for agents that don't provide it (Codex, OpenCode)
- Replace `any` types with proper ToolCallMeta / unknown types
- Add runtime guards for meta field parsing (defensive against
unexpected shapes from different agents)
- Cache inferLiveToolName results per tool_call_id to avoid redundant
computation across Phase 1 and Phase 2
- Lazy-construct agentStats only when children exist
Claude Code SDK now supports the "auto" permission mode, so the
filtering that hid it from the selector and silently dropped attempts
to set it is no longer needed.
Enable raw Claude SDK forwarding for ACP sessions and emit only system/api_retry events to the frontend.
Show a localized single-line retry banner with loading under the conversation input, including error details and retry progress.
Replace the spinner-only UX with live log output during agent SDK
operations, matching the existing OpenCode plugin install experience.
Backend: emit structured events (started/log/completed/failed) via
EventEmitter during npm install and binary download. npm commands now
run with piped stdio for line-by-line streaming; binary downloads
report chunked progress every 1 MB.
Frontend: subscribe to `app://agent-install` events through a new
`useAgentInstallStream` hook and render a theme-aware log terminal
below the preflight checks panel.
Also fixes the install log container in both agent settings and the
OpenCode plugins modal: auto-scroll no longer shifts the outer page,
and colours now follow the active light/dark theme.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The naive // and /* check triggered on URLs like https://... inside
string values. Now we only reject the file as JSONC when serde_json
parsing fails AND comment-like sequences are found.
- install_missing_plugins now pins ALL @latest specs (not just newly installed)
- When nothing is missing but @latest exists, the pin-only path runs
- Modal button switches to 'Pin @latest Versions' when no missing plugins
- Added pinVersions i18n key for 10 languages
After a successful plugin install, read the actual installed version from
node_modules and replace @latest in opencode.json with the pinned version.
This prevents opencode from hitting the npm registry on every startup.
Also add a preflight warning when @latest specs are detected, guiding
the user to install via the plugin manager to auto-pin.
Add InstallOpencodePlugins variant to FixActionKind and wire
opencode_plugins::check_opencode_plugins into check_binary_environment
so preflight surfaces missing/installed plugin status for OpenCode agents.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Add concurrency lock (PLUGIN_OP_LOCK), install/uninstall functions with
bun subprocess management, progress event streaming via EventEmitter, and
protected-package guard for @opencode-ai/* internals.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Add check_opencode_plugins() to read ~/.config/opencode/opencode.json,
parse the plugin[] array, and cross-reference against
~/.cache/opencode/node_modules/ to report installed vs. missing plugins.
Also adds opencode_config_path, opencode_cache_dir, and
has_project_opencode_config helpers.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Session-page connect never triggers download/install; returns
SdkNotInstalled immediately and prompts the user to install from
Agent Settings instead
- Binary agents now accept any cached version via
find_best_cached_binary_for_agent so stale caches still connect
- Bound Initialize handshake with a 60s timeout and convert it to
AcpError::InitializeTimeout via a sentinel in run_connection
- Spawn background task owns ConnectionManager map insertion and
removes the entry on exit through an RAII guard that survives
panics, preventing leaked stale entries
- AcpError gains SdkNotInstalled and InitializeTimeout variants plus
a stable code() identifier; AcpEvent::Error carries code so the
frontend can render localized messages by key
- Frontend preflight now runs for all connect sources; error event
handler switches on code to show translated text for
initialize_timeout, sdk_not_installed, platform_not_supported,
process_exited, spawn_failed and download_failed
- Remove ConnectionStatus::Downloading enum variant, all frontend
branches, and i18n strings; drop obsolete autoLinkFailedTitle,
autoLinkPreflightFailed, preflightCheckFailedDefault and
preflightFailedTitle keys across 10 locales
- Add backendErrors.* translations in 10 languages
- Diagnostic logging: always log agent stderr plus binary
path/size/args/env keys and Initialize timing; gate stdin/stdout
JSON-RPC tracing behind CODEG_ACP_DEBUG to avoid persisting user
content into OS log files
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
When reopening a Gemini CLI history session, session/load fails with
"Authentication required" and the fallback session/new overwrites the
DB external_id with a new session ID that has no corresponding file,
causing all historical messages to disappear.
- Skip session/new when session/load returns "Authentication required"
- Add Gemini to the parser fallback so stale external_ids recover via
folder_path + started_at matching
- Guard externalIdSavedRef for existing conversations to prevent
session/new from overwriting the persisted external_id
- Only update conversation status on disconnect when user has sent a
message, avoiding spurious "completed" flips on pure history views
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Split env vars and config file persistence into separate save operations
- Add model_provider_id field to agent_setting for tracking selected provider
- Add "Model Provider" auth mode for Claude Code, Codex CLI, and Gemini CLI
- Add "Custom Endpoint" auth mode for Claude Code (previously only official subscription)
- Unify auth mode labels across all three agents (official subscription / custom endpoint / model provider)
- When model provider is selected, fill api_url and api_key into env and config automatically
- Resolve model provider credentials at ACP connect time as a backend fallback
- Clear provider deletion cascades to agent_setting.model_provider_id
- Claude Code writes API credentials to config.env (ANTHROPIC_BASE_URL / ANTHROPIC_AUTH_TOKEN)
- Codex: switching auth modes patches config.toml instead of clearing it
- Add i18n keys for new auth modes in all 10 supported languages
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Claude Code errors when setting config options to "auto". Strip "auto"
values from config options returned to frontend and skip set requests
with "auto" value for Claude Code agent.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
