- Added support for live runtime model metadata in team provisioning.
- Implemented functions to extract and manage CLI flag values for team members.
- Updated member specifications to include effective models based on provider defaults.
- Enhanced UI dialogs to check selected providers in parallel, improving responsiveness.
- Added tests for handling model unavailability during team bootstrap and launch processes.
- Introduced CLI_INSTALLER_VERIFY_PROVIDER_MODELS IPC channel for on-demand model verification.
- Implemented handler for verifying provider models in the CliInstallerService.
- Enhanced CLI installation status management with model verification state and availability.
- Updated related components to support model verification feedback in the UI.
- Replaced inline drawing logic for task comments with a new `drawCommentBubble` function to enhance readability and maintainability.
- The new function encapsulates the drawing of a speech-bubble icon, including the rounded rectangle body, tail, and inner dots to suggest text.
- Simplify LAUNCH_RE by pre-stripping optional (resume) prefix to bring
regex complexity from 23 to within the allowed 20
- Use RegExp.exec() instead of String.match() per lint rules
- Use path.normalize() in BranchStatusService tests for cross-platform
compatibility (fixes \repo vs /repo on Windows)
- Introduced 'task_comment_notification' message kind to enhance message handling in the team services.
- Updated TeamDataService, TeamInboxReader, and TeamSentMessagesStore to accommodate the new message kind.
- Modified filtering logic to exclude task comment notifications from the displayed messages.
- Added tests to ensure correct handling and filtering of task comment notifications.
- Replaced direct access to session.firstMessage with formatSessionLabel for consistent label formatting across components.
- Updated SessionItem, TeamSessionsSection, and KanbanFilterPopover to utilize the new formatting function.
- Enhanced display logic in SessionItem to differentiate between regular and team sessions, improving user experience.
- Added new icons for team sessions and adjusted metadata display for better clarity.
Root cause: handleTeammatePermissionRequest was called from 3 paths
(early inbox scan, Category 4 relay scan, stdout/native) but only
the early scan checked processedPermissionRequestIds, causing
duplicate ToolApprovalRequests and extra permission_responses.
Fix:
- Move processedPermissionRequestIds check INTO handleTeammatePermissionRequest
so ALL callers are protected by the same dedup gate
- Remove duplicate Category 4 scan that re-processed inbox messages
(early scan already covers all messages including read=true)
- Category 4 now only builds a filter Set to exclude permission_request
from relay to lead
relayLeadInboxMessages only processes unread messages after
provisioningComplete, but CLI marks permission_request messages as
read after native delivery -- before our relay runs.
Move permission_request inbox scan BEFORE provisioningComplete check.
Scan ALL messages (including read=true), track processed IDs via
processedPermissionRequestIds Set on ProvisioningRun to prevent
re-emitting. Also look up both alive and provisioning runs so the
scan works during team bootstrap.
When auto-approve is disabled, teammate tool requests arrived as
permission_request JSON via SendMessage and rendered as "Raw JSON"
with no way to approve/deny (#29).
- Intercept permission_request in lead inbox relay, convert to
ToolApprovalRequest and show in existing ToolApprovalSheet
- Respond via teammate inbox (permission_response) + control_response
via stdin as fallback
- Show teammate name in approval header (e.g. "bob — Bash")
- Compact noise label in Messages panel for permission_request/response
- Proper file locking, race condition protection, idempotency checks
- markdownPlugins.ts: use dot notation for abbr attribute access
- useResizablePanel.ts: wrap ref.current assignments in useEffect
to comply with react-hooks/refs rule
The previous Object.fromEntries spread would silently overwrite the
custom abbr attribute list if rehype-sanitize adds abbr to its default
schema in a future version. Simplify to a direct merge.
Add rehype-sanitize to the markdown plugin chain to prevent XSS via
malicious HTML in rendered content. The rehype-raw plugin was passing
inline HTML through without sanitization, allowing script injection
through tags like <img onerror=...> or <script>.
The sanitization schema extends GitHub's default allowlist with additional
tags Claude commonly uses (mark, abbr, u, figure, figcaption) while
stripping all event handlers, scripts, and dangerous attributes.
Plugin order: rehype-raw → rehype-sanitize → rehype-highlight ensures
raw HTML is parsed, then cleaned, then syntax highlighting is applied.
- Upgraded TypeScript target and library to ES2023 for improved language features.
- Enhanced TeamProvisioningService to better handle plain text attachments with UTF-8 validation.
- Improved TaskCommentInput to differentiate between image and non-image file previews, including a new FileIcon for non-image files.
- Refactored attachment handling in useAttachments and useComposerDraft hooks to simplify file processing.
- Added validation for empty files in attachmentUtils to improve user feedback on unsupported uploads.
- Added support for additional attachment types: PDF and plain text.
- Updated the TeamProvisioningService to handle new attachment types with appropriate content blocks.
- Enhanced AttachmentDisplay and AttachmentPreview components to differentiate between image and non-image files.
- Modified DropZoneOverlay and SendMessageDialog to reflect changes in file handling and messaging.
- Improved user experience by allowing file previews for non-image attachments and updating error messages accordingly.
- Refactored attachment validation logic to categorize unsupported files and handle them gracefully.
- Add content-based dedup in handleGetData merge: when two directed messages
have identical from+to+text within a 5-second window, keep only the first.
Fixes duplicate display caused by both CLI and our persistInboxMessage
writing to the same inbox file.
- Reorder checks in getMemberDotClass/getPresenceLabel: check leadActivity
before isTeamProvisioning so the lead shows green dot when its process
is already running during team setup.
- Changed image format for agent comments screenshot in README.
- Improved table of contents in README for better navigation.
- Refactored imports in IPC config and discovery services for consistency.
- Added shimmer effect for waiting members in CSS.
- Enhanced dashboard view to display active teams with online indicators.
- Updated team provisioning components to support message severity.
- Improved task detail dialog layout for related tasks and dependencies.
- Adjusted team model selector default value and refined member status handling.
- Fixed minor styling issues in messages panel and tab bar.
These changes aim to improve user experience and maintainability across the application.
- Replaced instances of isLeadAgentType with isLeadMember for improved clarity in team member role checks.
- Updated README to include a new built-in review workflow feature for agent task reviews.
- Enhanced team detail and list views to accurately reflect current team members and their roles.
- Improved CSS for step progress indicators, adding new styles for a circular stepper.
- Refactored provisioning progress block to utilize a new StepProgressBar component for better visual representation of steps.
- Added "Flexible autonomy" feature to README, allowing users to configure agent control levels.
- Updated task creation description for clarity in README.
- Improved team detail view messaging to better inform users about draft teams and provisioning status.
- Enhanced review function to prevent duplicate approval comments and events, ensuring idempotency.
- Expanded expected IPC signals to include 'TEAM_DRAFT' for better error handling.
- Updated error handling in both registerUtilityRoutes and handleReadMentionedFile functions to return null for expected ENOENT errors, indicating that the file simply does not exist. This improves robustness in scenarios with stale or misdetected file references.
- Enhanced the isValidFileRef function to require either 3+ segments or a file extension to avoid false positives for npm scoped packages, ensuring more accurate file reference validation.