Releases: Garretts-Apps/buildwithnexus
Release list
v0.12.2
Fixed
- Bundle analyzers work now. Added a
browserfield pointing at a
dependency-free stub entry (index.browser.js) — tools like bundlephobia
that webpack-bundle the package no longer fail onchild_processand the
platform binary packages the Node entry resolves. The stub exposes
{ version }and throws clearly if the CLI surface is called in a browser. - Publish workflow: the crates.io "already published" check queried the local
workspace instead of the registry (cargo inforesolves workspace members
locally), silently skipping real publishes. It now asks the sparse index.
What's Changed
- fix(release): crates.io existence check queried the local workspace, not the registry by @geaglin in #51
- release 0.12.2: browser stub entry so bundle analyzers build the package by @geaglin in #52
Full Changelog: v0.12.1...v0.12.2
Fixed
- Bundle analyzers work now. Added a
browserfield pointing at a
dependency-free stub entry (index.browser.js) — tools like bundlephobia
that webpack-bundle the package no longer fail onchild_processand the
platform binary packages the Node entry resolves. The stub exposes
{ version }and throws clearly if the CLI surface is called in a browser. - Publish workflow: the crates.io "already published" check queried the local
workspace instead of the registry (cargo inforesolves workspace members
locally), silently skipping real publishes. It now asks the sparse index.
What's Changed
- fix(release): crates.io existence check queried the local workspace, not the registry by @geaglin in #51
- release 0.12.2: browser stub entry so bundle analyzers build the package by @geaglin in #52
Full Changelog: v0.12.1...v0.12.2
Fixed
- Bundle analyzers work now. Added a
browserfield pointing at a
dependency-free stub entry (index.browser.js) — tools like bundlephobia
that webpack-bundle the package no longer fail onchild_processand the
platform binary packages the Node entry resolves. The stub exposes
{ version }and throws clearly if the CLI surface is called in a browser. - Publish workflow: the crates.io "already published" check queried the local
workspace instead of the registry (cargo inforesolves workspace members
locally), silently skipping real publishes. It now asks the sparse index.
What's Changed
- fix(release): crates.io existence check queried the local workspace, not the registry by @geaglin in #51
- release 0.12.2: browser stub entry so bundle analyzers build the package by @geaglin in #52
Full Changelog: v0.12.1...v0.12.2
Fixed
- Bundle analyzers work now. Added a
browserfield pointing at a
dependency-free stub entry (index.browser.js) — tools like bundlephobia
that webpack-bundle the package no longer fail onchild_processand the
platform binary packages the Node entry resolves. The stub exposes
{ version }and throws clearly if the CLI surface is called in a browser. - Publish workflow: the crates.io "already published" check queried the local
workspace instead of the registry (cargo inforesolves workspace members
locally), silently skipping real publishes. It now asks the sparse index.
What's Changed
- fix(release): crates.io existence check queried the local workspace, not the registry by @geaglin in #51
- release 0.12.2: browser stub entry so bundle analyzers build the package by @geaglin in #52
Full Changelog: v0.12.1...v0.12.2
v0.12.1
Supply-chain hardening: the npm install is now inert and auditable at a glance.
Changed
- Per-platform binary packages. The prebuilt binary ships as five
buildwithnexus-<os>-<cpu>packages selected automatically via
optionalDependencies(the esbuild pattern). The main package is ~7 readable
files with no install scripts, no network code, no shell-outs (beyond
spawning the CLI itself), no bundled sources, no eval — supply-chain
scanners have nothing to flag. Binaries are SHA-256-verified when packaged
and carry build-provenance attestations. - Auto-update moved into the binary. The daily npm-registry check and
silentnpm install -grefresh now run inside the CLI (background thread,
never blocks startup) instead of the npm wrapper.BWN_NO_AUTO_UPDATE=1
still disables installs; an update notice prints on the next launch. - Installs with
--omit=optionalskip the platform binary; pointBWN_BIN
at a self-built binary (documented in the launcher's error message and at
buildwithnexus.dev/docs/install). - Added a
mainentry point (index.js) with a tiny programmatic API
({ version, binaryPath, run }) so bundle analyzers stop erroring on the
bin-only package.
What's Changed
- release 0.12.1: zero supply-chain flags, crates.io publishing (
cargo install bwn), CI action bumps (supersedes #47) by @geaglin in #49 - release: ship-now/tokens-later publishing (npm OIDC day one) + inline image rendering in the TUI by @geaglin in #50
Full Changelog: v0.12.0...v0.12.1
Supply-chain hardening: the npm install is now inert and auditable at a glance.
Changed
- Per-platform binary packages. The prebuilt binary ships as five
buildwithnexus-<os>-<cpu>packages selected automatically via
optionalDependencies(the esbuild pattern). The main package is ~7 readable
files with no install scripts, no network code, no shell-outs (beyond
spawning the CLI itself), no bundled sources, no eval — supply-chain
scanners have nothing to flag. Binaries are SHA-256-verified when packaged
and carry build-provenance attestations. - Auto-update moved into the binary. The daily npm-registry check and
silentnpm install -grefresh now run inside the CLI (background thread,
never blocks startup) instead of the npm wrapper.BWN_NO_AUTO_UPDATE=1
still disables installs; an update notice prints on the next launch. - Installs with
--omit=optionalskip the platform binary; pointBWN_BIN
at a self-built binary (documented in the launcher's error message and at
buildwithnexus.dev/docs/install). - Added a
mainentry point (index.js) with a tiny programmatic API
({ version, binaryPath, run }) so bundle analyzers stop erroring on the
bin-only package.
What's Changed
- release 0.12.1: zero supply-chain flags, crates.io publishing (
cargo install bwn), CI action bumps (supersedes #47) by @geaglin in #49 - release: ship-now/tokens-later publishing (npm OIDC day one) + inline image rendering in the TUI by @geaglin in #50
Full Changelog: v0.12.0...v0.12.1
Supply-chain hardening: the npm install is now inert and auditable at a glance.
Changed
- Per-platform binary packages. The prebuilt binary ships as five
buildwithnexus-<os>-<cpu>packages selected automatically via
optionalDependencies(the esbuild pattern). The main package is ~7 readable
files with no install scripts, no network code, no shell-outs (beyond
spawning the CLI itself), no bundled sources, no eval — supply-chain
scanners have nothing to flag. Binaries are SHA-256-verified when packaged
and carry build-provenance attestations. - Auto-update moved into the binary. The daily npm-registry check and
silentnpm install -grefresh now run inside the CLI (background thread,
never blocks startup) instead of the npm wrapper.BWN_NO_AUTO_UPDATE=1
still disables installs; an update notice prints on the next launch. - Installs with
--omit=optionalskip the platform binary; pointBWN_BIN
at a self-built binary (documented in the launcher's error message and at
buildwithnexus.dev/docs/install). - Added a
mainentry point (index.js) with a tiny programmatic API
({ version, binaryPath, run }) so bundle analyzers stop erroring on the
bin-only package.
What's Changed
- release 0.12.1: zero supply-chain flags, crates.io publishing (
cargo install bwn), CI action bumps (supersedes #47) by @geaglin in #49 - release: ship-now/tokens-later publishing (npm OIDC day one) + inline image rendering in the TUI by @geaglin in #50
Full Changelog: v0.12.0...v0.12.1
Supply-chain hardening: the npm install is now inert and auditable at a glance.
Changed
- Per-platform binary packages. The prebuilt binary ships as five
buildwithnexus-<os>-<cpu>packages selected automatically via
optionalDependencies(the esbuild pattern). The main package is ~7 readable
files with no install scripts, no network code, no shell-outs (beyond
spawning the CLI itself), no bundled sources, no eval — supply-chain
scanners have nothing to flag. Binaries are SHA-256-verified when packaged
and carry build-provenance attestations. - Auto-update moved into the binary. The daily npm-registry check and
silentnpm install -grefresh now run inside the CLI (background thread,
never blocks startup) instead of the npm wrapper.BWN_NO_AUTO_UPDATE=1
still disables installs; an update notice prints on the next launch. - Installs with
--omit=optionalskip the platform binary; pointBWN_BIN
at a self-built binary (documented in the launcher's error message and at
buildwithnexus.dev/docs/install). - Added a
mainentry point (index.js) with a tiny programmatic API
({ version, binaryPath, run }) so bundle analyzers stop erroring on the
bin-only package.
What's Changed
- release 0.12.1: zero supply-chain flags, crates.io publishing (
cargo install bwn), CI action bumps (supersedes #47) by @geaglin in #49 - release: ship-now/tokens-later publishing (npm OIDC day one) + inline image rendering in the TUI by @geaglin in #50
Full Changelog: v0.12.0...v0.12.1
Supply-chain hardening: the npm install is now inert and auditable at a glance.
Changed
- Per-platform binary packages. The prebuilt binary ships as five
buildwithnexus-<os>-<cpu>packages selected automatically via
optionalDependencies(the esbuild pattern). The main package is ~7 readable
files with no install scripts, no network code, no shell-outs (beyond
spawning the CLI itself), no bundled sources, no eval — supply-chain
scanners have nothing to flag. Binaries are SHA-256-verified when packaged
and carry build-provenance attestations. - Auto-update moved into the binary. The daily npm-registry check and
silentnpm install -grefresh now run inside the CLI (background thread,
never blocks startup) instead of the npm wrapper.BWN_NO_AUTO_UPDATE=1
still disables installs; an update notice prints on the next launch. - Installs with
--omit=optionalskip the platform binary; pointBWN_BIN
at a self-built binary (documented in the launcher's error message and at
buildwithnexus.dev/docs/install). - Added a
mainentry point (index.js) with a tiny programmatic API
({ version, binaryPath, run }) so bundle analyzers stop erroring on the
bin-only package.
What's Changed
- release 0.12.1: zero supply-chain flags, crates.io publishing (
cargo install bwn), CI action bumps (supersedes #47) by @geaglin in #49 - release: ship-now/tokens-later publishing (npm OIDC day one) + inline image rendering in the TUI by @geaglin in #50
Full Changelog: v0.12.0...v0.12.1
v0.12.0
The Ferrari release: a full UI/UX overhaul — instant, multimodal, and clean.
Added
- Live slash-command autocomplete. Typing
/(or@, or a sub-argument)
opens a popup above the composer with one-line descriptions for all built-in
commands; ↑/↓ navigate, Tab/Enter accept, Esc dismisses. Removed the ghost
commands (/effort,/plugin,/marketplace) that autocomplete offered but
no handler implemented. - True multimodal input.
Ctrl+Vpastes clipboard images (Wayland/X11/
macOS/WSL) as attachments;@clip.mp4(and other containers) is parsed with
ffmpeg/ffprobe into up to 8 evenly-sampled frames plus a metadata block.
Both are gated on a per-model vision-capability check — text-only models get
an explicit notice instead of silently dropped images. - Clickable files and links (OSC 8). Markdown links and
⏺ edit/write
headers are terminal hyperlinks: click a path to open the file in the OS
default app. The ANSI scanners learned OSC strings so links cost zero
display columns. - npm auto-update. A detached background process checks the registry at
most once a day and silently installs newer versions; the next launch prints
a one-line notice. Opt out withBWN_NO_AUTO_UPDATE=1. Startup never waits
on the network. - Esc interrupts the agent (with queued prompts auto-sending next turn),
double-click word / triple-click line selection with a soft theme highlight
and a "⎘ copied" footer flash, prefix-filtered ↑ history that preserves the
in-progress draft, Ctrl/Alt+←→ word jumps, and mode-aware cursor shapes
(accent bar / vim block / visual underline) hidden while the agent works.
Changed
- GitHub-grade diffs. One renderer for edit previews, write previews, and
applied changes: dual line-number gutter, background-tinted rows, word-level
change emphasis on replacement pairs, hunk elision, and a 40-row cap.
NO_COLORkeeps signed- / +text. - Bordered composer box (opencode-style) with the spinner inside showing
elapsed seconds and an interrupt hint; minimal banner (gradient wordmark +
aligned model/cwd/mode rows) replacing the emoji-heavy boxed header. - Grouped, auto-aligned
/help, rendered markdown for/verify, rule
violations,/agents, and/memory(no more raw##/**), human-readable
verification statuses, and a consistent✓ / ✗ / ⚠ / ⟳message vocabulary. - Removed fabricated telemetry: the hardcoded
est. costfigure and the
tok/s badge derived from character counts are gone; the context meter shows
only real used/total tokens.
Fixed
- Tool denials rendered dim-grey (now red); failed background workflows were
announced in success-green; a raweprintln!corrupted the alt-screen
during/resume; HTTP retries were silent for up to 10s (now a visible
⟳ retryingline); tool previews and the permission prompt could smear a
multi-line command across the screen (capped at 80 cols, prompt legend on
its own line).
Performance
- ~215× faster streaming renders. The renderer re-wrapped the entire
transcript on every streamed chunk/keystroke/scroll; now each line wraps
once (incremental cache), repaints are coalesced to ~60fps and applied as
atomic frames (DEC 2026), and multi-line blocks (diffs, code, command
output) paint in one repaint instead of one per row. - Instant startup: dependency probes moved off the critical path; the screen
paints chrome immediately so there is never a black frame.
What's Changed
- release: 0.12.0 — UI/UX overhaul, 215× faster renders, true multimodal, npm auto-update by @geaglin in #48
Full Changelog: v0.11.4...v0.12.0
The Ferrari release: a full UI/UX overhaul — instant, multimodal, and clean.
Added
- Live slash-command autocomplete. Typing
/(or@, or a sub-argument)
opens a popup above the composer with one-line descriptions for all built-in
commands; ↑/↓ navigate, Tab/Enter accept, Esc dismisses. Removed the ghost
commands (/effort,/plugin,/marketplace) that autocomplete offered but
no handler implemented. - True multimodal input.
Ctrl+Vpastes clipboard images (Wayland/X11/
macOS/WSL) as attachments;@clip.mp4(and other containers) is parsed with
ffmpeg/ffprobe into up to 8 evenly-sampled frames plus a metadata block.
Both are gated on a per-model vision-capability check — text-only models get
an explicit notice instead of silently dropped images. - Clickable files and links (OSC 8). Markdown links and
⏺ edit/write
headers are terminal hyperlinks: click a path to open the file in the OS
default app. The ANSI scanners learned OSC strings so links cost zero
display columns. - npm auto-update. A detached background process checks the registry at
most once a day and silently installs newer versions; the next launch prints
a one-line notice. Opt out withBWN_NO_AUTO_UPDATE=1. Startup never waits
on the network. - Esc interrupts the agent (with queued prompts auto-sending next turn),
double-click word / triple-click line selection with a soft theme highlight
and a "⎘ copied" footer flash, prefix-filtered ↑ history that preserves the
in-progress draft, Ctrl/Alt+←→ word jumps, and mode-aware cursor shapes
(accent bar / vim block / visual underline) hidden while the agent works.
Changed
- GitHub-grade diffs. One renderer for edit previews, write previews, and
applied changes: dual line-number gutter, background-tinted rows, word-level
change emphasis on replacement pairs, hunk elision, and a 40-row cap.
NO_COLORkeeps signed- / +text. - Bordered composer box (opencode-style) with the spinner inside showing
elapsed seconds and an interrupt hint; minimal banner (gradient wordmark +
aligned model/cwd/mode rows) replacing the emoji-heavy boxed header. - Grouped, auto-aligned
/help, rendered markdown for/verify, rule
violations,/agents, and/memory(no more raw##/**), human-readable
verification statuses, and a consistent✓ / ✗ / ⚠ / ⟳message vocabulary. - Removed fabricated telemetry: the hardcoded
est. costfigure and the
tok/s badge derived from character counts are gone; the context meter shows
only real used/total tokens.
Fixed
- Tool denials rendered dim-grey (now red); failed background workflows were
announced in success-green; a raweprintln!corrupted the alt-screen
during/resume; HTTP retries were silent for up to 10s (now a visible
⟳ retryingline); tool previews and the permission prompt could smear a
multi-line command across the screen (capped at 80 cols, prompt legend on
its own line).
Performance
- ~215× faster streaming renders. The renderer re-wrapped the entire
transcript on every streamed chunk/keystroke/scroll; now each line wraps
once (incremental cache), repaints are coalesced to ~60fps and applied as
atomic frames (DEC 2026), and multi-line blocks (diffs, code, command
output) paint in one repaint instead of one per row. - Instant startup: dependency probes moved off the critical path; the screen
paints chrome immediately so there is never a black frame.
What's Changed
- release: 0.12.0 — UI/UX overhaul, 215× faster renders, true multimodal, npm auto-update by @geaglin in #48
Full Changelog: v0.11.4...v0.12.0
The Ferrari release: a full UI/UX overhaul — instant, multimodal, and clean.
Added
- Live slash-command autocomplete. Typing
/(or@, or a sub-argument)
opens a popup above the composer with one-line descriptions for all built-in
commands; ↑/↓ navigate, Tab/Enter accept, Esc dismisses. Removed the ghost
commands (/effort,/plugin,/marketplace) that autocomplete offered but
no handler implemented. - True multimodal input.
Ctrl+Vpastes clipboard images (Wayland/X11/
macOS/WSL) as attachments;@clip.mp4(and other containers) is parsed with
ffmpeg/ffprobe into up to 8 evenly-sampled frames plus a metadata block.
Both are gated on a per-model vision-capability check — text-only models get
an explicit notice instead of silently dropped images. - Clickable files and links (OSC 8). Markdown links and
⏺ edit/write
headers are terminal hyperlinks: click a path to open the file in the OS
default app. The ANSI scanners learned OSC strings so links cost zero
display columns. - npm auto-update. A detached background process checks the registry at
most once a day and silently installs newer versions; the next launch prints
a one-line notice. Opt out withBWN_NO_AUTO_UPDATE=1. Startup never waits
on the network. - Esc interrupts the agent (with queued prompts auto-sending next turn),
double-click word / triple-click line selection with a soft theme highlight
and a "⎘ copied" footer flash, prefix-filtered ↑ history that preserves the
in-progress draft, Ctrl/Alt+←→ word jumps, and mode-aware cursor shapes
(accent bar / vim block / visual underline) hidden while the agent works.
Changed
- GitHub-grade diffs. One renderer for edit previews, write previews, and
applied changes: dual line-number gutter, background-tinted rows, word-level
change emphasis on replacement pairs, hunk elision, and a 40-row cap.
NO_COLORkeeps signed- / +text. - Bordered composer box (opencode-style) with the spinner inside showing
elapsed seconds and an interrupt hint; minimal banner (gradient wordmark +
aligned model/cwd/mode rows) replacing the emoji-heavy boxed header. - Grouped, auto-aligned
/help, rendered markdown for/verify, rule
violations,/agents, an...
v0.11.4
Gemma local-model support, from a real gemma-2-2b-it session on llama.cpp.
Added
- Parse Gemma's
tool_codetool-call format. Gemma emits tool calls as a
```tool_codefenced Python call —write_file("/p", """…"""),
sometimes wrapped inprint(...). The harness only understood JSON/<tools>,
so it treated the call as prose and (eventually) published an empty artifact.
The recovery parser now handles the Python-call syntax: it unwrapsprint(),
splits arguments while skipping triple/single/double-quoted strings, and maps
keyword and positional args through each tool's signature. Verified: Gemma's
write_filenow executes on the first attempt.
Fixed
- Gemma multi-turn no longer crashes on the chat template. Gemma's llama.cpp
template rejects thesystem/toolroles and requires strictly alternating
user/assistant turns, so any turn carrying a tool result 400'd and the agentic
loop died after one step. On such a template error the OpenAI-compatible path
now retries once with a flattened, strictly-alternating message body. (qwen's
template accepts the standard roles, so its path is unchanged.)
What's Changed
- release: 0.11.4 — Gemma local-model support (tool_code parsing + template-role flatten) by @geaglin in #46
Full Changelog: v0.11.3...v0.11.4
Gemma local-model support, from a real gemma-2-2b-it session on llama.cpp.
Added
- Parse Gemma's
tool_codetool-call format. Gemma emits tool calls as a
```tool_codefenced Python call —write_file("/p", """…"""),
sometimes wrapped inprint(...). The harness only understood JSON/<tools>,
so it treated the call as prose and (eventually) published an empty artifact.
The recovery parser now handles the Python-call syntax: it unwrapsprint(),
splits arguments while skipping triple/single/double-quoted strings, and maps
keyword and positional args through each tool's signature. Verified: Gemma's
write_filenow executes on the first attempt.
Fixed
- Gemma multi-turn no longer crashes on the chat template. Gemma's llama.cpp
template rejects thesystem/toolroles and requires strictly alternating
user/assistant turns, so any turn carrying a tool result 400'd and the agentic
loop died after one step. On such a template error the OpenAI-compatible path
now retries once with a flattened, strictly-alternating message body. (qwen's
template accepts the standard roles, so its path is unchanged.)
What's Changed
- release: 0.11.4 — Gemma local-model support (tool_code parsing + template-role flatten) by @geaglin in #46
Full Changelog: v0.11.3...v0.11.4
Gemma local-model support, from a real gemma-2-2b-it session on llama.cpp.
Added
- Parse Gemma's
tool_codetool-call format. Gemma emits tool calls as a
```tool_codefenced Python call —write_file("/p", """…"""),
sometimes wrapped inprint(...). The harness only understood JSON/<tools>,
so it treated the call as prose and (eventually) published an empty artifact.
The recovery parser now handles the Python-call syntax: it unwrapsprint(),
splits arguments while skipping triple/single/double-quoted strings, and maps
keyword and positional args through each tool's signature. Verified: Gemma's
write_filenow executes on the first attempt.
Fixed
- Gemma multi-turn no longer crashes on the chat template. Gemma's llama.cpp
template rejects thesystem/toolroles and requires strictly alternating
user/assistant turns, so any turn carrying a tool result 400'd and the agentic
loop died after one step. On such a template error the OpenAI-compatible path
now retries once with a flattened, strictly-alternating message body. (qwen's
template accepts the standard roles, so its path is unchanged.)
What's Changed
- release: 0.11.4 — Gemma local-model support (tool_code parsing + template-role flatten) by @geaglin in #46
Full Changelog: v0.11.3...v0.11.4
Gemma local-model support, from a real gemma-2-2b-it session on llama.cpp.
Added
- Parse Gemma's
tool_codetool-call format. Gemma emits tool calls as a
```tool_codefenced Python call —write_file("/p", """…"""),
sometimes wrapped inprint(...). The harness only understood JSON/<tools>,
so it treated the call as prose and (eventually) published an empty artifact.
The recovery parser now handles the Python-call syntax: it unwrapsprint(),
splits arguments while skipping triple/single/double-quoted strings, and maps
keyword and positional args through each tool's signature. Verified: Gemma's
write_filenow executes on the first attempt.
Fixed
- Gemma multi-turn no longer crashes on the chat template. Gemma's llama.cpp
template rejects thesystem/toolroles and requires strictly alternating
user/assistant turns, so any turn carrying a tool result 400'd and the agentic
loop died after one step. On such a template error the OpenAI-compatible path
now retries once with a flattened, strictly-alternating message body. (qwen's
template accepts the standard roles, so its path is unchanged.)
What's Changed
- release: 0.11.4 — Gemma local-model support (tool_code parsing + template-role flatten) by @geaglin in #46
Full Changelog: v0.11.3...v0.11.4
v0.11.3
Small-model BUILD reliability, from a real qwen2.5-coder-1.5b session that
looped instead of building a page.
Fixed
- Small models no longer stall on the clarifying-question tool. The
questiontool is dropped from the compact (local/small-model) tool set — a
1.5B model was re-asking "use a framework?" endlessly instead of building. It
now acts on sensible defaults; larger models and PLAN mode keep the tool. - Question answers now echo what you type. The answer prompt was a
multi-line string, which mis-positioned the alt-screen composer cursor and
hid typed input. The question prints on its own line and the answer is read
with a single-line prompt. - HTML artifacts that link a local stylesheet are rejected with an
actionable message (name the file, inline the CSS), mirroring the existing
local-<script src>check; the too-small message now explicitly demands a
single self-contained file with no external links.
What's Changed
- release: 0.11.3 — small-model BUILD reliability (question stalling, answer echo, external CSS) by @geaglin in #45
Full Changelog: v0.11.2...v0.11.3
Small-model BUILD reliability, from a real qwen2.5-coder-1.5b session that
looped instead of building a page.
Fixed
- Small models no longer stall on the clarifying-question tool. The
questiontool is dropped from the compact (local/small-model) tool set — a
1.5B model was re-asking "use a framework?" endlessly instead of building. It
now acts on sensible defaults; larger models and PLAN mode keep the tool. - Question answers now echo what you type. The answer prompt was a
multi-line string, which mis-positioned the alt-screen composer cursor and
hid typed input. The question prints on its own line and the answer is read
with a single-line prompt. - HTML artifacts that link a local stylesheet are rejected with an
actionable message (name the file, inline the CSS), mirroring the existing
local-<script src>check; the too-small message now explicitly demands a
single self-contained file with no external links.
What's Changed
- release: 0.11.3 — small-model BUILD reliability (question stalling, answer echo, external CSS) by @geaglin in #45
Full Changelog: v0.11.2...v0.11.3
Small-model BUILD reliability, from a real qwen2.5-coder-1.5b session that
looped instead of building a page.
Fixed
- Small models no longer stall on the clarifying-question tool. The
questiontool is dropped from the compact (local/small-model) tool set — a
1.5B model was re-asking "use a framework?" endlessly instead of building. It
now acts on sensible defaults; larger models and PLAN mode keep the tool. - Question answers now echo what you type. The answer prompt was a
multi-line string, which mis-positioned the alt-screen composer cursor and
hid typed input. The question prints on its own line and the answer is read
with a single-line prompt. - HTML artifacts that link a local stylesheet are rejected with an
actionable message (name the file, inline the CSS), mirroring the existing
local-<script src>check; the too-small message now explicitly demands a
single self-contained file with no external links.
What's Changed
- release: 0.11.3 — small-model BUILD reliability (question stalling, answer echo, external CSS) by @geaglin in #45
Full Changelog: v0.11.2...v0.11.3
Small-model BUILD reliability, from a real qwen2.5-coder-1.5b session that
looped instead of building a page.
Fixed
- Small models no longer stall on the clarifying-question tool. The
questiontool is dropped from the compact (local/small-model) tool set — a
1.5B model was re-asking "use a framework?" endlessly instead of building. It
now acts on sensible defaults; larger models and PLAN mode keep the tool. - Question answers now echo what you type. The answer prompt was a
multi-line string, which mis-positioned the alt-screen composer cursor and
hid typed input. The question prints on its own line and the answer is read
with a single-line prompt. - HTML artifacts that link a local stylesheet are rejected with an
actionable message (name the file, inline the CSS), mirroring the existing
local-<script src>check; the too-small message now explicitly demands a
single self-contained file with no external links.
What's Changed
- release: 0.11.3 — small-model BUILD reliability (question stalling, answer echo, external CSS) by @geaglin in #45
Full Changelog: v0.11.2...v0.11.3
v0.11.2
Document generation, web-content quality, TUI, and small-model streaming
refinements — all additive fixes, no breaking changes.
Added
- Rich Word document generation.
create_docxnow renders inline markdown
(**bold**,*italic*,`code`) as real Word runs instead of literal
asterisks, and converts markdown tables (| col | col |) into bordered Word
tables with a bold header row. Emphasis is conservative — arithmetic like
5 * 3, glob patterns, andsnake_caseare left untouched. - Structured web search.
web_searchreturns numberedtitle / url / snippetresults (recovering the real target URL from DuckDuckGo's redirect
wrapper) instead of the raw page run through an HTML stripper — far easier for
small models to read. Falls back to the stripped text if the markup changes.
Fixed
- Numeric HTML entities in fetched content.
strip_htmland the search
parser now decode decimal/hex character references (’,’,
—), so fetched pages and snippets no longer show garbled curly quotes
and dashes. - TUI markdown emphasis. An unbalanced
`,**, or single*(e.g.
5 * 3) no longer styles the rest of the line — the inline renderer only
opens a style when a matching closer exists ahead and the marker flanks
non-space text. <think>reasoning leakage. Reasoning models (DeepSeek-R1 distills, Qwen
thinking variants) that emit<think>…</think>inline in content no longer
leak that into the final answer or written files: it's stripped on the
non-streaming parse path, and a<think>/</think>tag split across streaming
chunks (routine with token-by-token local streaming) is now reassembled
instead of leaking a partial marker.
What's Changed
Full Changelog: v0.11.1...v0.11.2
Document generation, web-content quality, TUI, and small-model streaming
refinements — all additive fixes, no breaking changes.
Added
- Rich Word document generation.
create_docxnow renders inline markdown
(**bold**,*italic*,`code`) as real Word runs instead of literal
asterisks, and converts markdown tables (| col | col |) into bordered Word
tables with a bold header row. Emphasis is conservative — arithmetic like
5 * 3, glob patterns, andsnake_caseare left untouched. - Structured web search.
web_searchreturns numberedtitle / url / snippetresults (recovering the real target URL from DuckDuckGo's redirect
wrapper) instead of the raw page run through an HTML stripper — far easier for
small models to read. Falls back to the stripped text if the markup changes.
Fixed
- Numeric HTML entities in fetched content.
strip_htmland the search
parser now decode decimal/hex character references (’,’,
—), so fetched pages and snippets no longer show garbled curly quotes
and dashes. - TUI markdown emphasis. An unbalanced
`,**, or single*(e.g.
5 * 3) no longer styles the rest of the line — the inline renderer only
opens a style when a matching closer exists ahead and the marker flanks
non-space text. <think>reasoning leakage. Reasoning models (DeepSeek-R1 distills, Qwen
thinking variants) that emit<think>…</think>inline in content no longer
leak that into the final answer or written files: it's stripped on the
non-streaming parse path, and a<think>/</think>tag split across streaming
chunks (routine with token-by-token local streaming) is now reassembled
instead of leaking a partial marker.
What's Changed
Full Changelog: v0.11.1...v0.11.2
Document generation, web-content quality, TUI, and small-model streaming
refinements — all additive fixes, no breaking changes.
Added
- Rich Word document generation.
create_docxnow renders inline markdown
(**bold**,*italic*,`code`) as real Word runs instead of literal
asterisks, and converts markdown tables (| col | col |) into bordered Word
tables with a bold header row. Emphasis is conservative — arithmetic like
5 * 3, glob patterns, andsnake_caseare left untouched. - Structured web search.
web_searchreturns numberedtitle / url / snippetresults (recovering the real target URL from DuckDuckGo's redirect
wrapper) instead of the raw page run through an HTML stripper — far easier for
small models to read. Falls back to the stripped text if the markup changes.
Fixed
- Numeric HTML entities in fetched content.
strip_htmland the search
parser now decode decimal/hex character references (’,’,
—), so fetched pages and snippets no longer show garbled curly quotes
and dashes. - TUI markdown emphasis. An unbalanced
`,**, or single*(e.g.
5 * 3) no longer styles the rest of the line — the inline renderer only
opens a style when a matching closer exists ahead and the marker flanks
non-space text. <think>reasoning leakage. Reasoning models (DeepSeek-R1 distills, Qwen
thinking variants) that emit<think>…</think>inline in content no longer
leak that into the final answer or written files: it's stripped on the
non-streaming parse path, and a<think>/</think>tag split across streaming
chunks (routine with token-by-token local streaming) is now reassembled
instead of leaking a partial marker.
What's Changed
Full Changelog: v0.11.1...v0.11.2
v0.11.1
Fixed
- Qwen2.5-Coder tool calls now work on llama.cpp/Ollama. Small local coder
models emit tool calls as<tools>{…}</tools>/<tool_call>{…}</tool_call>
text in the message content rather than as nativetool_calls. The text
recovery parser only understood bare or ```json-fenced JSON, so these calls
were treated as prose and the model never acted (an end-to-end run against
qwen2.5-coder-1.5b produced no file). The parser now strips the XML tool tags
and extracts a string-aware balanced JSON object, so acontentfield full of
CSS `{ }` braces no longer truncates the parse. Also recovers a bare JSON
object embedded after a leading sentence.
What's Changed
Full Changelog: v0.11.0...v0.11.1
Fixed
- Qwen2.5-Coder tool calls now work on llama.cpp/Ollama. Small local coder
models emit tool calls as<tools>{…}</tools>/<tool_call>{…}</tool_call>
text in the message content rather than as nativetool_calls. The text
recovery parser only understood bare or ```json-fenced JSON, so these calls
were treated as prose and the model never acted (an end-to-end run against
qwen2.5-coder-1.5b produced no file). The parser now strips the XML tool tags
and extracts a string-aware balanced JSON object, so acontentfield full of
CSS `{ }` braces no longer truncates the parse. Also recovers a bare JSON
object embedded after a leading sentence.
What's Changed
Full Changelog: v0.11.0...v0.11.1
Fixed
- Qwen2.5-Coder tool calls now work on llama.cpp/Ollama. Small local coder
models emit tool calls as<tools>{…}</tools>/<tool_call>{…}</tool_call>
text in the message content rather than as nativetool_calls. The text
recovery parser only understood bare or ```json-fenced JSON, so these calls
were treated as prose and the model never acted (an end-to-end run against
qwen2.5-coder-1.5b produced no file). The parser now strips the XML tool tags
and extracts a string-aware balanced JSON object, so acontentfield full of
CSS `{ }` braces no longer truncates the parse. Also recovers a bare JSON
object embedded after a leading sentence.
What's Changed
Full Changelog: v0.11.0...v0.11.1
Fixed
- Qwen2.5-Coder tool calls now work on llama.cpp/Ollama. Small local coder
models emit tool calls as<tools>{…}</tools>/<tool_call>{…}</tool_call>
text in the message content rather than as nativetool_calls. The text
recovery parser only understood bare or ```json-fenced JSON, so these calls
were treated as prose and the model never acted (an end-to-end run against
qwen2.5-coder-1.5b produced no file). The parser now strips the XML tool tags
and extracts a string-aware balanced JSON object, so acontentfield full of
CSS `{ }` braces no longer truncates the parse. Also recovers a bare JSON
object embedded after a leading sentence.
What's Changed
Full Changelog: v0.11.0...v0.11.1
v0.11.0
Reliability, small-open-weight-model support, and TUI UX overhaul. Grounded in a
full-codebase review plus field research on what opencode / vtcode / aider /
cline ship for weak models.
Added
- Native Ollama protocol (
/api/chat): detects the model's real context
window via/api/showand setsnum_ctx, eliminating Ollama's silent
front-of-prompt truncation — the single biggest measured quality loss for
local models. Sendsrepeat_penalty: 1.0and a low default temperature.
…/v1base URLs stay on the OpenAI-compatible path for backward compatibility. - Live colored diffs rendered in the TUI as files are written and edited
(+/-hunks with add/remove counts), replacing opaque tool-call lines. - Markdown rendering on every output path, including streaming — headings,
bold/italic, inline code, lists, and fenced code blocks now render instead
of showing raw markdown. - Auto mode-switching: a build/plan request made in BRAINSTORM escalates to
the appropriate mode instead of only chatting about it. - "Act, don't explain" nudge: an imperative task answered with prose-only
instructions is pushed to actually use its tools. - Tiered lenient edit apply: whitespace/indentation-tolerant matching
auto-rescues near-miss edits from weak models; similarity matches remain
diagnostic-only. - Configurable
temperature,max_tokens, andcontext_tokenssettings. - CI now runs
cargo fmt --checkandcargo audit.
Changed
Replycarries a normalizedstop_reasonacross both wire protocols;
max_tokenstruncation now triggers a bounded continuation instead of
processing a truncated response.- Retry policy is status-code-based and covers HTTP 529, honors
Retry-After. - Loop guard counts only repeated errors/no-ops (threshold 3), nudges once, then
stops honestly — legitimate re-reads no longer end sessions. - Compaction can no longer sever
tool_use/tool_resultpairs, always pins the
original task, and preserves the recent tail; context-overflow errors
force-compact and retry. - Verifier is wired to real tool-call and changed-file data and feeds violations
back to the model. - System prompt restructured: role/mode contract first, deduplicated,
game/artifact guidance gated on task type, standing rules dump removed. - Compact tool set now applies to all local-context models.
- Command output truncation keeps head and tail so failing-test summaries and
exit codes survive;run_command/python_toolgain a 120s timeout. - Ask-mode auto-allow list trimmed from 44 commands to 15 read-only ones.
- Rewrote
SECURITY.md(it described the removed Python/NEXUS package) and
correctedREADME.mddrift.
Fixed
- Truncated streamed tool-call JSON no longer executes with empty input — it
surfaces as an invalid-arguments error fed back to the model. - Removed the auto-repair hijacks that overwrote correct model output with
literal task substrings and rewrote shell commands into file writes. - Removed the hardcoded "fallback canvas game" that shipped unrelated code as
a successful result; artifact rejections now report the exact reason and retry. - Artifact validator no longer rejects valid apps over
.../todo
substrings; rejections quote the offending snippet and the exact rule. - Queued-message TUI deadlock on edit/remove/consume during streaming.
/undono longer truncates binary or oversized files.- Display-width-aware wrapping (emoji/CJK), atomic session saves, hook-execution
watchdog with distinct failure codes, and edit-mismatch diagnostics that point
at the closest near-match. - Read-only command classifier hardened against
;/|/redirection smuggling,
sed -i,find -delete, andgit clean; mutating file tools are confined to
the working directory.
What's Changed
- build(deps): bump github/codeql-action from 4.36.2 to 4.36.3 in the actions group by @dependabot[bot] in #40
- feat(harness): reliability + small-model + TUI overhaul (0.11.0) by @geaglin in #42
Full Changelog: v0.10.7...v0.11.0
Reliability, small-open-weight-model support, and TUI UX overhaul. Grounded in a
full-codebase review plus field research on what opencode / vtcode / aider /
cline ship for weak models.
Added
- Native Ollama protocol (
/api/chat): detects the model's real context
window via/api/showand setsnum_ctx, eliminating Ollama's silent
front-of-prompt truncation — the single biggest measured quality loss for
local models. Sendsrepeat_penalty: 1.0and a low default temperature.
…/v1base URLs stay on the OpenAI-compatible path for backward compatibility. - Live colored diffs rendered in the TUI as files are written and edited
(+/-hunks with add/remove counts), replacing opaque tool-call lines. - Markdown rendering on every output path, including streaming — headings,
bold/italic, inline code, lists, and fenced code blocks now render instead
of showing raw markdown. - Auto mode-switching: a build/plan request made in BRAINSTORM escalates to
the appropriate mode instead of only chatting about it. - "Act, don't explain" nudge: an imperative task answered with prose-only
instructions is pushed to actually use its tools. - Tiered lenient edit apply: whitespace/indentation-tolerant matching
auto-rescues near-miss edits from weak models; similarity matches remain
diagnostic-only. - Configurable
temperature,max_tokens, andcontext_tokenssettings. - CI now runs
cargo fmt --checkandcargo audit.
Changed
Replycarries a normalizedstop_reasonacross both wire protocols;
max_tokenstruncation now triggers a bounded continuation instead of
processing a truncated response.- Retry policy is status-code-based and covers HTTP 529, honors
Retry-After. - Loop guard counts only repeated errors/no-ops (threshold 3), nudges once, then
stops honestly — legitimate re-reads no longer end sessions. - Compaction can no longer sever
tool_use/tool_resultpairs, always pins the
original task, and preserves the recent tail; context-overflow errors
force-compact and retry. - Verifier is wired to real tool-call and changed-file data and feeds violations
back to the model. - System prompt restructured: role/mode contract first, deduplicated,
game/artifact guidance gated on task type, standing rules dump removed. - Compact tool set now applies to all local-context models.
- Command output truncation keeps head and tail so failing-test summaries and
exit codes survive;run_command/python_toolgain a 120s timeout. - Ask-mode auto-allow list trimmed from 44 commands to 15 read-only ones.
- Rewrote
SECURITY.md(it described the removed Python/NEXUS package) and
correctedREADME.mddrift.
Fixed
- Truncated streamed tool-call JSON no longer executes with empty input — it
surfaces as an invalid-arguments error fed back to the model. - Removed the auto-repair hijacks that overwrote correct model output with
literal task substrings and rewrote shell commands into file writes. - Removed the hardcoded "fallback canvas game" that shipped unrelated code as
a successful result; artifact rejections now report the exact reason and retry. - Artifact validator no longer rejects valid apps over
.../todo
substrings; rejections quote the offending snippet and the exact rule. - Queued-message TUI deadlock on edit/remove/consume during streaming.
/undono longer truncates binary or oversized files.- Display-width-aware wrapping (emoji/CJK), atomic session saves, hook-execution
watchdog with distinct failure codes, and edit-mismatch diagnostics that point
at the closest near-match. - Read-only command classifier hardened against
;/|/redirection smuggling,
sed -i,find -delete, andgit clean; mutating file tools are confined to
the working directory.
What's Changed
- build(deps): bump github/codeql-action from 4.36.2 to 4.36.3 in the actions group by @dependabot[bot] in #40
- feat(harness): reliability + small-model + TUI overhaul (0.11.0) by @geaglin in #42
Full Changelog: v0.10.7...v0.11.0
Reliability, small-open-weight-model support, and TUI UX overhaul. Grounded in a
full-codebase review plus field research on what opencode / vtcode / aider /
cline ship for weak models.
Added
- Native Ollama protocol (
/api/chat): detects the model's real context
window via/api/showand setsnum_ctx, eliminating Ollama's silent
front-of-prompt truncation — the single biggest measured quality loss for
local models. Sendsrepeat_penalty: 1.0and a low default temperature.
…/v1base URLs stay on the OpenAI-compatible path for backward compatibility. - Live colored diffs rendered in the TUI as files are written and edited
(+/-hunks with add/remove counts), replacing opaque tool-call lines. - Markdown rendering on every output path, including streaming — headings,
bold/italic, inline code, lists, and fenced code blocks now render instead
of showing raw markdown. - Auto mode-switching: a build/plan request made in BRAINSTORM escalates to
the appropriate mode instead of only chatting about it. - "Act, don't explain" nudge: an imperative task answered with prose-only
instructions is pushed to actually use its tools. - Tiered lenient edit apply: whitespace/indentation-tolerant matching
auto-rescues near-miss edits from weak m...
v0.10.7
chore(release): bump version to 0.10.7
v0.10.6
fix(npm): resolve workspace target path in postinstall and binary res…