Add rehype-sanitize to the markdown plugin chain to prevent XSS via
malicious HTML in rendered content. The rehype-raw plugin was passing
inline HTML through without sanitization, allowing script injection
through tags like <img onerror=...> or <script>.
The sanitization schema extends GitHub's default allowlist with additional
tags Claude commonly uses (mark, abbr, u, figure, figcaption) while
stripping all event handlers, scripts, and dangerous attributes.
Plugin order: rehype-raw → rehype-sanitize → rehype-highlight ensures
raw HTML is parsed, then cleaned, then syntax highlighting is applied.
- Integrate @sentry/electron and @sentry/react for crash reporting
- Add Sentry Vite plugin for source maps
- Add error tracking to main process, renderer, and IPC layer
- Exclude source maps from packaged builds
- Update README with new screenshots
- Add Sentry opt-out toggle in settings
- Update release workflow with Sentry config
In packaged Electron apps process.cwd() does not point to the app
directory so the mcp-server bundle was never found. Additionally the
mcp-server dist was not included in the package at all.
Changes:
- Bundle mcp-server into a single self-contained ESM file (tsup
noExternal + createRequire banner for CJS compat)
- Ship mcp-server/dist/index.js and package.json via extraResources
- Resolve entry via process.resourcesPath when app.isPackaged is true
- Build controller + mcp-server in prebuild so dist exists before
electron-builder runs
- Add mcp-server/dist/index.js to CI verify steps on all platforms
- Improve error message to list checked paths for easier debugging
- Removed `remark-stringify` from the project to avoid ESM→CJS interop issues in Electron's main process.
- Updated the text formatting pipeline to use a custom plain-text compiler instead of `remark-stringify`.
- Enhanced task ID matching logic in `TeamMemberLogsFinder` to accommodate both full UUIDs and their short display forms, improving flexibility in task identification.
- Added comments to clarify the changes in task ID handling and regex construction.
- Added `remark-stringify` to the project for converting markdown to plain text.
- Updated the text formatting pipeline to include `remark-stringify` for improved markdown handling.
- Commented out performance logging in `TeamMemberLogsFinder` to reduce console output during execution.
- Enhanced the `getUnreadCount` and `getLegacyCutoff` functions in `commentReadStorage` to clarify legacy comment handling logic.
- Introduced a new IPC call for sending test notifications, allowing users to verify notification delivery.
- Updated app identifiers in package.json and notarization script to reflect the new application name.
- Enhanced notification handling in the NotificationManager to prevent garbage collection of active notifications.
- Updated UI components to include a test notification button in the settings, improving user experience.
Replace Textarea + Edit/Preview tabs with a reusable WYSIWYG editor
based on Tiptap v3. Integrated into TaskDetailDialog for editing
task descriptions with native markdown I/O.
Components:
- TiptapEditor: main component with EditorContext.Provider pattern
- TiptapToolbar: configurable toolbar with useEditorState for v3 reactivity
- TiptapBubbleMenu: floating formatting menu on text selection
- useTiptapEditor: core hook with markdown I/O, content sync, stale closure prevention
- presets: full/compact/minimal editor configurations
- tiptapStyles.css: ProseMirror styles matching MarkdownViewer values
Key details:
- Data format stays markdown string (not HTML)
- contentType: 'markdown' for both init and setContent
- GFM enabled via markedOptions
- ProseMirror li>p margin fix, nested list styles, gapcursor
- Integrated the @radix-ui/react-alert-dialog package for improved alert dialog functionality.
- Updated SkillImportService to include a new inspectSourceDir method for enhanced file inspection and warning generation during skill imports.
- Refactored existing methods to streamline file reading and directory walking processes, improving overall performance and error handling.
- Added new SkillPlanService to manage skill upsert plans, enhancing the skills mutation workflow.
- Updated UI components to support new features and improve user experience in the skills management interface.
- Introduced skills catalog management with functionalities to list, get details, preview, and apply skill changes.
- Implemented IPC handlers for skills-related actions, enhancing communication between renderer and main processes.
- Updated the UI to include a dedicated Skills panel within the extension store, improving user access to skills management.
- Added new constants and types for skills API integration, ensuring a structured approach to skills handling.
- Enhanced state management to support skills loading, error handling, and detail fetching.
- Introduced a new KanbanGridLayout component for improved task organization and layout management.
- Updated KanbanBoard to utilize the new grid layout, enhancing the visual structure of tasks.
- Added CSS styles for grid layout and resizing handles to improve user interaction.
- Refactored KanbanColumn to support additional customization options for headers and body styles.
- Enhanced persistence flows to rely on repository abstractions, promoting better separation of concerns in storage management.
- Updated package dependencies to include react-grid-layout and react-resizable for enhanced layout capabilities.
- Deleted the obsolete electron.vite.config file to streamline the project structure.
- Updated package.json to remove the "agent-teams-controller" dependency and added "@radix-ui/react-hover-card".
- Enhanced the pnpm-lock.yaml to reflect the updated dependencies.
- Modified CrossTeamService and TeamProvisioningService to accommodate new color properties in team configurations.
- Improved message handling in various components to support mention links and member hover cards.
- Cron-based task scheduling with SchedulerService (create, pause, resume, delete)
- One-shot executor using `claude -p` with stream-json output for rich log display
- CLAUDECODE env var stripped to prevent nested session detection
- JsonScheduleRepository for persistent schedule/run/log storage
- Full IPC pipeline: handlers, preload bridge, API types, HttpClient stubs
- ScheduleSection UI with create/edit dialog, run history, status badges
- ScheduleRunLogDialog with CliLogsRichView (thinking blocks, tool cards, markdown)
- Real-time run status updates via store subscription
- Retry logic with configurable max retries and auto-pause on consecutive failures
- CronScheduleInput with human-readable descriptions via cronstrue
- 3 test suites: SchedulerService, ScheduledTaskExecutor, JsonScheduleRepository
- Updated the check:workspace script to include end-to-end testing for the MCP package.
- Added a new test:e2e script in the MCP server for running end-to-end tests.
- Refactored controller import logic to support default exports from the agent-teams-controller.
- Improved team deletion handling in IPC by ensuring team provisioning is stopped before deletion.
- Introduced a function to resolve the real node binary path for better compatibility in Electron environments.
- Enhanced task display in MemberCard and TaskDetailDialog components for improved user experience.
- Enhanced package.json scripts by adding a new linting command for the MCP workspace and updating the check script to include MCP linting.
- Modified CI workflow to replace individual typecheck and lint steps with a consolidated validation step for improved efficiency.
- Introduced a new TypeScript configuration for testing in the MCP server, enhancing type checking capabilities.
- Reorganized imports in several components for better clarity and maintainability.
- Renamed the 'check' script to 'check:workspace' for clarity and updated the main 'check' script to include linting.
- Modified CI workflow to monitor changes in the '.github/workflows/**' and 'pnpm-workspace.yaml' files, ensuring better integration and tracking.
- Added new tests to validate task lifecycle and review processes, enhancing overall test coverage and reliability.
- Added agent-teams-controller as a dependency and updated the bundling configuration to exclude it.
- Refactored task management functions to utilize the new taskStore, improving code organization and maintainability.
- Introduced new methods for handling task states, including soft deletion and restoration.
- Enhanced kanban functionality with improved reviewer management and task column updates.
- Updated tests to reflect changes in task creation and approval processes, ensuring robust coverage.
- Improved task ID handling and display logic for better user experience across components.
- Added new workspace commands for type checking, building, and testing across multiple packages.
- Updated CI workflow to include paths for new packages and utilize workspace commands.
- Refactored MCP server to integrate with the agent-teams-controller, enhancing task management capabilities.
- Improved task boundary detection and logging for MCP tools, ensuring better tracking of task states.
- Updated documentation and prompts to reflect new MCP tool usage, replacing previous teamctl.js references.
- Added `strip-markdown` package to handle markdown formatting in plain-text contexts.
- Updated `teams.ts` and `NotificationManager.ts` to use `stripMarkdown` for truncating notification bodies and error messages, enhancing readability.
- Introduced `textFormatting.ts` utility for markdown stripping functionality.
- Enhanced `GlobalTaskList` component with sorting options and improved UI for task management.
- Implemented localStorage persistence for collapsed group states in `useCollapsedGroups` hook.
- Bumped package version from 0.1.0 to 1.0.0 to reflect significant updates.
- Added @codemirror/lint dependency to enhance code linting capabilities.
- Updated pnpm-lock.yaml to include the new linting dependency version.
- Integrated yet-another-react-lightbox to improve image preview functionality across various components.
- Updated ImageLightbox and AttachmentDisplay to utilize the new lightbox for displaying images.
- Enhanced TaskAttachments and TaskCommentsSection to support image lightbox previews, improving user experience when viewing attachments.
- Refactored SendMessageDialog and EditorImagePreview to ensure consistent image handling with the new lightbox implementation.
- Refactored MentionableTextarea to use a getter for trigger index, enhancing performance and avoiding stale closures.
- Updated PRESET_ROLES to include additional roles: architect, docs, auditor, and optimizer, expanding role selection options.
- Adjusted package.json build scripts to remove automatic publishing flags for a more streamlined build process.
- Updated notification configuration to separate settings for lead and user inbox messages, improving user control over notifications.
- Enhanced the handling of inbox message notifications to respect individual inbox settings.
- Introduced new IPC methods for managing watched directories, allowing for more granular file monitoring.
- Improved task management by implementing work intervals for task status transitions, ensuring accurate tracking of task progress.
- Added validation for task creation and configuration, ensuring proper input handling for project paths and task properties.
- Introduced character limits for Markdown content in MarkdownViewer to prevent UI freezes with large content.
- Added state management for raw content display in MarkdownViewer, allowing users to expand and view large markdown files.
- Implemented performance logging in GlobalTaskDetailDialog and TaskDetailDialog to track loading states and improve debugging.
- Updated loading state handling in TaskDetailDialog to ensure accurate representation of loading conditions.
- Change releaseType from draft to release for auto-publishing
- Add upload-stable-links job to create version-agnostic asset copies
- Update README with direct download URLs per platform
- Add Requirements section to Installation
- Remove downloads/platform badges
- Add docs/RELEASE.md with versioning and release guide
- Move community docs to .github/
- Updated the postinstall script in package.json to handle rebuild failures gracefully.
- Added clearContext option in team launch requests to allow starting fresh sessions without resuming previous context.
- Improved CLI installer logging by integrating raw output chunks for better terminal rendering.
- Refactored components to utilize TerminalLogPanel for displaying installation logs, enhancing user experience during CLI installation.
- Updated various services and hooks to support the new clearContext feature and raw logging.
- Modified the asarUnpack configuration in package.json to include all node-pty files for better packaging.
- Added a new markdown file detailing findings from deep research on diff view limitations, addressing false positives and negatives, hunk index mismatches, and content duplication issues in edits.
- Added PtyTerminalService to manage PTY terminal processes, enabling terminal functionalities within the application.
- Updated CLI installer to include authentication status checks, providing feedback on user login state.
- Enhanced the dashboard with a warning banner for CLI installation status, prompting users to log in if not authenticated.
- Introduced IPC channels for terminal operations, allowing communication between main and renderer processes for terminal management.
- Improved TaskCommentsSection and other components to support new features and enhance user experience during task management.
- Implemented functionality for restoring soft-deleted teams and permanently deleting teams from the system.
- Introduced new IPC channels for team restoration and permanent deletion, enhancing team management capabilities.
- Updated TeamDataService and related components to handle the new operations, ensuring data integrity during team management.
- Enhanced UI components to support team restoration and deletion actions, improving user experience and management workflows.
- Added support for inferring team lead names from configuration, improving message attribution in task communications.
- Introduced new dependencies for CodeMirror language support, enhancing the editing experience for various programming languages.
- Implemented scoped item IDs in the CLI logs view to prevent cross-group collisions, improving UI clarity.
- Enhanced sorting logic in the team list view to prioritize alive teams and match current project paths.
- Added lazy-check functionality for task changes in Kanban cards, optimizing performance and user experience.
- Updated diff view components to support new language features and improve overall editing capabilities.
- Added support for editing file content during reviews, allowing users to save changes directly to disk.
- Introduced new IPC channels for saving edited files and handling content updates.
- Enhanced the review toolbar with actions for saving and discarding edits, along with indicators for edited files.
- Implemented keyboard shortcuts for improved navigation and editing experience.
- Integrated a new component for rendering CLI logs in a rich format, replacing the previous raw JSON display.
- Updated state management to track edited contents and handle file edits effectively.
Brings in upstream changes:
- Session analysis reports (overview, cost, tokens, tools, git, quality)
- Unified cost calculation with LiteLLM pricing data
- Custom title bar for Linux with native toggle
- Auto-expand AI response groups setting
- MoreMenu toolbar component
- Various fixes (window drag, Ctrl+R, notification guard)
All merge conflicts resolved preserving both fork features (team management,
agent language, fullscreen, diff view) and upstream additions.
- Add highlight.js as direct dependency (was transitive via rehype-highlight, missing type declarations in CI)
- Replace `app.getLocale()` with `Intl.DateTimeFormat().resolvedOptions().locale` to avoid importing electron in TeamProvisioningService (broke tests that don't mock electron)