Skip to content

v0.7.0

Choose a tag to compare

@github-actions github-actions released this 18 Jun 22:51

Coyote v0.7.0

This release introduces a brand-new persistent memory system and a fully built-in sandboxing (sbx) layer powered by Docker — letting Coyote remember things across sessions and giving every run an isolated, mixin-extensible environment — alongside REPL ergonomics, diagnostic tooling, and a host of reliability improvements.

Important

📦 Reinstall the updated built-in assets

This release updates and adds several built-in assets. After upgrading, reinstall them with the .install REPL command or the coyote --install CLI flag for every asset category listed below:

coyote --install functions

Or, from within the REPL:

.install functions

Reinstalling overwrites the bundled assets with this release's versions.


✨ Highlights

🧠 Memory — persistent, configurable knowledge across sessions

Coyote now ships a first-class memory system that lets the LLM read and write durable memory tied to the global config, a workspace, a role, an agent, or a single session. Memory is a file-backed, append-only knowledge store the model can consult before answering and update as it learns.

  • New memory module with persistent on-disk storage and a generated MEMORY.md index that is auto-appended on every write — no more relying on the model to remember to update it.
  • Memory configuration is wired into the main app config, roles, sessions, and agents, with global and workspace scopes selectable independently.
  • Built-in memory tools for listing, reading, writing, and updating memories, with read-only and read/write modes governed by a memory-specific system prompt that's appended whenever memory is active.
  • --init-memory [global|workspace] CLI flag to quickly enable and scaffold memory in either scope, plus --no-memory to disable memory for a single invocation.
  • Auto-bootstrapped workspace memory when Coyote is launched inside a git repo, so workspace knowledge starts collecting automatically.
  • REPL integration: .set memory commands to toggle memory injection and switch modes mid-conversation, and memory's global configuration is now surfaced in both --info and .info output.
  • Example configurations and docs updated to cover the new memory settings and the --init-memory flag.

📦 Sandboxing — first-class, Docker-powered, mixin-extensible sandboxes

Coyote now has built-in sandboxing ("sbx") powered by Docker, giving every run an isolated environment that can be tailored per workspace via a flexible mixin system.

  • New sbx-kit asset category providing the core sandbox spec, plus a mixin kit for built-in functions and MCP servers so the bundled tooling drops straight into the sandbox.
  • Dynamic sbx mixin discovery: Coyote loads sbx mixins from both the user's workspace and config directories, so projects can ship their own mixins alongside their config.
  • New sbx-vault-mixins asset category with first-party mixins for AWS Secrets Manager, Azure Key Vault, GCP Secret Manager, gopass, and 1Password, so every supported secrets provider works seamlessly inside the sandbox.
  • --fresh CLI flag for spinning up a truly bare-bones sandbox with no config bootstrapping — useful for clean-room experimentation.
  • The .info and --info outputs now include the active sbx directories, so it's obvious what's mounted and where.
  • Cross-platform path handling: Windows-based local vault password file locations now resolve correctly and are bootstrapped into the sandbox when possible, and user-prefixed Mac and Linux paths for the vault password file are auto-translated when running inside a sandbox.

🛠️ REPL, diagnostics & reliability

  • Direct shell execution from the REPL — run shell commands inline without leaving the session.
  • New .info tools diagnostic subcommand to make it easy to see exactly which tools are enabled in every context (global, role, agent, session).
  • Additional .info output for enabled skills and sbx directories.
  • .skills command completion migrated to use StateFlags, with updated help messages.
  • Tool scope is now rebuilt after dynamically updating skills_enabled in the REPL, so toggling skills mid-session takes effect immediately.
  • Tool stdout is now buffered alongside stderr, so any tool that writes errors to stdout has them captured and returned to the model — giving the LLM the context it needs to reason about and recover from failures.
  • Improved fs_patch script description and error handling, making patch failures legible and recoverable.
  • Explicit guardrail handling for pending agents, preventing them from being invoked in inconsistent states.
  • New Claude Fable 5 entry in models.yaml, with require_max_tokens correctly set.
  • Non-streaming Claude requests now use rawPredict for correctness.
  • Pinned aws-smithy-types and time to work around the upstream aws-smithy-types release breakage.

🐛 Notable fixes

  • Auto-bootstrapped memory was incorrectly writing MEMORY.md to the repo root instead of .coyote/memory/MEMORY.md.
  • .vault list no longer attempts to autocomplete past the end of the command.
  • Sandbox: Windows local vault password file paths are now resolved and bootstrapped into the sandbox when possible, and user-prefixed Mac/Linux paths are auto-translated.
  • auto_continue=false no longer leaves stale todo functions in the active function list.
  • Linter complaints in the paths module cleaned up.

AI Use Disclosure

The above release notes were created by Claude Opus 4.8 and reviewed and revised by myself, @Dark-Alex-17.

All code (the new memory system, the sbx sandboxing layer and its mixin kit, the vault mixin specs, REPL diagnostics, and built-in tool fixes) was first designed by myself and tested out with simple POCs. AI was used to do the implementation step-by-step with myself intervening between each step to review, sometimes write more complex code manually (because I don't trust it), and make changes and catch bugs.

All bugs that emerge as part of this release and any new code added are fully my responsibility and fully created by myself.

Every line of code written was thoroughly reviewed, tested, and devised by myself prior to any commit.

Models used:

  • Claude (Opus and Sonnet)
  • OpenAI (GPT 5.4)
  • Ollama (Gemma4, Phi4, Qwen3, llama3.3)
  • Mistral (Codestral and Devstral)
  • Gemini (3.1-pro-preview)