Releases: Intevity/sentinel
Releases · Intevity/sentinel
Release list
Sentinel v0.8.9
Bug fixes
- daemon: show user-scope and Claude Desktop MCP servers in the context inventory
- the Optimize context-bloat inventory only listed per-project servers from ~/.claude.json, so user-scope entries and everything Claude Desktop spawns from claude_desktop_config.json (including Sentinel's own bridge entry) were invisible
- both surfaces now appear with scope labels: (user) and (claude desktop)
- on a Desktop-only machine the inventory is no longer structurally empty
Full changelog: v0.8.8...v0.8.9
Sentinel v0.8.8
Features
- daemon: expose Sentinel's MCP server to Claude Desktop via a stdio bridge
- new mcp-stdio bridge mode in the daemon binary relays newline-delimited JSON-RPC to the local /mcp endpoint (Claude Desktop only spawns stdio MCP servers and silently drops http entries)
- enabling desktop routing installs a sentinel entry in claude_desktop_config.json; disabling removes it, preserving every other server and key
- a startup self-heal keeps the entry current across app updates, port changes, and token rotation
- desktop Code sessions gain the same compression-retrieval and code-mode tooling as the CLI
- app: set an organization at add time and edit account name/org later
- the add-account name step gains an optional Organization field (setup tokens can't derive it from the API)
- new Edit action on each account card opens a name + organization editor
- update_account IPC accepts displayName/orgName; edits to the active account are mirrored into ~/.claude.json so refresh can't clobber them back
Bug fixes
- daemon: never let a stopped sandbox-sync engine's in-flight work write settings
- pull/push paths capture a generation at entry and bail after each await when stop() has run, so an in-flight debounced pull can no longer race shutdown and write a stale policy
- fixes the order-dependent sandbox-sync integration flake where a previous test daemon's late write flipped syncToClaudeCode on the next daemon's freshly-seeded settings
- a fresh manual pull after disabling sync still works (the guard is per-generation, not a kill switch)
- ci: restore the id-token permission for Windows code signing
- the Windows release leg's Azure login uses GitHub OIDC for Authenticode signing; removing the workflow-level id-token permission with the S3 job broke the v0.8.7 build
- the permission is now scoped to the build job only
CI & build
- release: switch auto-updates from S3 to GitHub Releases
- the updater endpoint is now the release channel itself (releases/latest/download/latest.json) instead of the unset S3 placeholder, enabling in-app updates for the first time
- the finalize workflow assembles the corrected cross-platform manifest and replaces tauri-action's stale one on the release; the S3 mirror job and its AWS OIDC permissions are removed
- release builds no longer stamp the updater endpoint from the UPDATER_PUBLIC_BASE repo variable
Maintenance
- repo: remove the stale documentation/ planning notes
- the compression, optimize, security, and screenshots plans all describe features that shipped long ago; the docs site is the living documentation
- the contributing guide now carries the screenshot-capture instructions inline instead of linking the deleted file
- repo: fix the README badges and add the MIT LICENSE for the public repo
- add the LICENSE file (MIT) so GitHub license detection and the license badge resolve
- run CI on pushes to main and point the CI badge at branch=main so it reflects main, not whichever PR finished last
- declare the license in package.json
- site: document Claude Desktop support and the setup-token account flows
- landing page states Sentinel covers both Claude Code and the Claude Desktop app (hero, feature grid, pillars, meta description)
- accounts docs rewritten for the setup-token add flow: name/organization fields, Restore for deleted accounts, re-authentication, editing name and org
- quick start updated for the in-app terminal add flow and Desktop routing step
- Desktop guide: Windows verified end-to-end, full-quit nuance (Task Manager), credential health lives in Sentinel
- troubleshooting: replaced stale browser-OAuth sections with setup-token entries, added Desktop credential-rejection and stuck model-picker fixes with Desktop log locations
Full changelog: v0.8.6...v0.8.8
Sentinel v0.8.6
Features
- app: restore a deleted account from the add-account flow
- the name-this-account step offers previously deleted accounts as Restore choices
- restoring attaches the fresh setup-token to the old account, preserving its name, organization, and usage history
Bug fixes
- daemon: never leave the proxy serving a removed account's token
- removing or purging the active account now hands the proxy to another live account, or clears the injected token so clients use their own credentials
- a newly added setup-token account takes over as active when the previous active account was removed or lost its credential
- re-auth and restore adopt the account as active when the active slot is unusable
- heal a stale ~/.claude.json active pointer at startup by switching to a live account (fixes Claude Desktop 401s after delete-then-re-add)
- skip the upstream-401 reauth broadcast for removed accounts
Full changelog: v0.8.5...v0.8.6
Sentinel v0.8.5
Features
- app: guide Claude Code installation when the CLI is missing
- the add-account panel's CLI-not-found error now shows the platform's official install one-liner with a copy button (PowerShell installer on Windows, shell installer on macOS/Linux)
- add a Retry button that relaunches the setup-token terminal after the user installs the CLI, without closing the panel
Bug fixes
- app: find the Claude Code CLI on Windows in the add-account flow
- probe extension-aware Windows install paths (.local\bin\claude.exe native installer, %APPDATA%\npm\claude.cmd npm shim, .bun\bin\claude.exe) instead of extensionless Unix-shaped ones
- run the
where claudefallback with the augmented PATH so a CLI missing from the GUI process environment is still found - never resolve Claude Desktop's WindowsApps
claude.exeGUI alias as the CLI - spawn .cmd/.bat shims through
cmd.exe /c(ConPTY cannot exec batch files directly)
Maintenance
- app: format claudeInstall test per prettier
Full changelog: v0.8.4...v0.8.5
Sentinel v0.8.4
Bug fixes
- daemon: detect Claude Desktop MSIX and legacy installs on Windows
- recognize the MSIX package dir (%LOCALAPPDATA%\Packages\Claude_pzs8sxrjxfjjc) used by the claude.com installer, Microsoft Store, and WinGet
- recognize the Squirrel-era %LOCALAPPDATA%\AnthropicClaude app dir
- recognize the Claude-3p data dir on all platforms as install evidence
Maintenance
- assets: add Sentinel mascot image
Full changelog: v0.8.3...v0.8.4
Sentinel v0.8.3
Features
- site: link the footer Intevity mark to the Intevity Labs page
- the Intevity name in the site footer copyright now links to intevity.com/labs with github-site UTM attribution
Bug fixes
- app: point the Built by Intevity footer link at the Intevity Labs page
- footer link now opens intevity.com/labs with desktop-app UTM attribution
Full changelog: v0.8.2...v0.8.3
Sentinel v0.8.2
Features
- usage: track the Fable weekly quota, replacing the retired per-Sonnet window
- rename every Sonnet-weekly surface (saturation gate, token-rotator overage detour, alert scope, usage bars, demo scenarios) to the Fable weekly quota
- use the live-verified unified-7d_oi rate-limit window name, captured from real Fable response headers (the convention-implied unified-7d_fable does not exist)
- parse the Fable weekly window from the usage JSON's limits[] weekly_scoped entry — the schema has no seven_day_fable key
- migrate account-sonnet alerts to account-fable and purge stale unified-7d_sonnet rows once on upgrade (sonnet_to_fable_v1)
- honor Retry-After on usage-endpoint 429s (15-min fallback, 60-min clamp) so the 90s poller stops re-arming the shared per-org rate limit
- refresh the usage fixture and fake-Anthropic default body to the real 2026-07 wire shape
Maintenance
- app: update usage E2E expectation to the refreshed fake usage body
- the fake's claude.ai 5h utilization is now the realistic percent-scale 18, so the healthy readout renders 18.0% instead of 0.1%
- daemon: fix Prettier formatting in token-rotator
- site: add Optimal settings section to the reduce-token-costs guide
- recommend installing seven curated subagents (file-explorer, log-analyzer, diff-pre-pass, web-fetcher, dep-tracer, bulk-reader, bash-loop-summarizer) out of the gate
- recommend Aggressive compression with Reversible retrieval enabled so trimming stays lossless
- recommend switching MCP servers to code execution and pruning the context-bloat inventory
Full changelog: v0.8.1...v0.8.2
Sentinel v0.8.1
Bug fixes
- daemon: stop Claude Code prompting for the retrieve MCP tool on every call
- Add a PreToolUse allow-hook for mcp__sentinel__retrieve so Claude Code auto-approves it without a prompt, in the main thread and subagents alike — working around Claude Code bug #28580, where persisted permissions.allow rules are ignored for lazily-discovered HTTP MCP tools
- Mark the retrieve tool alwaysLoad (tool _meta + server config) so it loads eagerly instead of deferring via ToolSearch, which removes the bug's trigger
- Annotate the retrieve tool readOnlyHint:true, since it only reads back content Sentinel already elided
- Self-heal the hook on daemon startup and upgrade pre-alwaysLoad installs in place so existing users recover on next launch with no action, and remove the hook when the last retrieve install is uninstalled
- Add ensureClaudeSettingsPreToolUseHook / removeClaudeSettingsPreToolUseHook writers that surgically touch only Sentinel's own hook entry and preserve all other settings
Full changelog: v0.8.0...v0.8.1
Sentinel v0.8.0
Features
- desktop: route the Claude Desktop app through Sentinel alongside the CLI
- detect the Claude Code CLI and Claude Desktop app independently and broadcast surface state only on change, so a surface installed later is picked up automatically
- add one-click Enable/Disable for the Claude Desktop app by writing its Claude-3p configLibrary gateway config with atomic temp+rename, preserving any non-Sentinel entries and never leaving appliedId dangling
- inject the rotating pool token for desktop /v1/messages requests so the desktop app inherits multi-account routing (its dummy gateway key never reaches upstream)
- watch the desktop configLibrary for drift and offer one-click re-apply, matching the CLI OTEL re-patch behavior
- track desktop routing health from the claude-desktop-3p proxy user-agent marker (positive-only; desktop emits no OTEL)
- add a Claude Desktop status card and drift banner to the app UI, rendered only when the desktop app is detected
- persist the Sentinel-owned desktop config id in settings so update and remove target exactly our entry
- document both surfaces in the README and site, including a new Connect Claude Desktop guide and troubleshooting entry
Bug fixes
- daemon: stop subagent prompts for Sentinel's retrieve tool when settings-sync is off
- write Sentinel's own read-only/loopback allow-rules (mcp__sentinel__retrieve and the code-mode curl endpoint) straight into ~/.claude/settings.json when Claude Code settings-sync is off, so they reach subagents (which do not inherit a project-local grant) instead of only living in the DB and prompting on every call
- add ensureClaudeSettingsAllow / removeClaudeSettingsAllow: additive, idempotent settings.json writers that preserve every other key
- re-assert the infra allow-rules on daemon startup so an install from a prior session self-heals into settings.json with no user action
- add mcp__sentinel__retrieve to every curated subagent's tools allowlist so reversible elision is actually reversible inside restricted-tools agents
- extend the retrieval-MCP integration test to assert settings.json (not just the DB) carries the allow-rule
- app: hide the Claude Desktop banner once active and move Disable into Settings
- hide DesktopSurfaceCard when the desktop app is already routed through Sentinel (active), matching the CLI ActivationBanner's active-state gate, so the banner no longer persists with a Disable button after enabling
- keep the banner only for the two actionable states: Enable (not routed) and Re-apply (foreign-gateway drift recovery)
- add a "Route Claude Desktop through Sentinel" toggle to Settings, General tab, wired to the drift hook's activate/deactivate, shown only when the desktop app is installed and disabled while an action is in flight
- add optional disabled support to the ToggleRow settings primitive
- daemon: roll over usage windows on an internal timer when their reset elapses
- add RateLimitStore.expireStaleWindows to zero utilization, clear status, and null the reset on any window whose reset timestamp has already passed
- add a rate-limit sweeper that runs at daemon startup and every 60s, broadcasting rate_limits_updated for each account it rolls over
- reset stale pool and per-account usage (and stop the "resets soon" countdown) even when no requests flow through the proxy
- release a lingering weekly-rate-limit pause off the now-allowed status via a recompute hook, since a nulled reset is skipped by the reset-delta release paths
Maintenance
- apply Prettier formatting to daemon desktop, sweeper, and claude-sync files
- reformat files flagged by the CI format:check (whitespace and line-wrapping only, no logic change)
- site: update Claude Desktop enable/disable flow and note retrieve auto-allow
- move the Claude Desktop disable instructions from the now auto-hiding banner card to Settings, General tab
- note that the desktop card disappears once routing is active, in both the connect guide and troubleshooting
- document that Sentinel auto-allows mcp__sentinel__retrieve in ~/.claude/settings.json so Claude Code never prompts for it, including inside subagents
Full changelog: v0.7.0...v0.8.0
Sentinel v0.7.0
Features
- site: re-record the Optimize hero clip so the savings climb on camera
- replace the date-selector pan with a push-in on the Compression savings that counts up live from a low number to the real $15,951.72 / 1.37B tokens
- keep the steady "content reduced 75%" headline on screen while the dollar and token counters spin up
- site: open hero carousel demos in a click-to-open lightbox
- click any hero carousel clip (or press Enter/Space) to open it full size in a centered modal with native playback controls
- show a hover and focus expand affordance on the active clip, and pause the inline carousel videos while the lightbox is open
- close the lightbox on backdrop click, the X button, or Escape, with body-scroll lock and focus moved into the dialog
- site: play 15 feature demo videos in the carousel and pillar lightboxes
- add the 15 recorded demo clips and first-frame poster images under public/videos and flip every feature and pillar entry to hasVideo
- stack the carousel clips so a tab switch plays instantly, crossfade between slides, and hydrate the island eagerly so the first click is never lost
- open pillar demos in a click-to-open lightbox with full playback controls, closable by backdrop, button, or Escape
- remove the placeholder poster SVGs now that real recordings and JPEG posters exist
- app: add a demo-clip recording pipeline for the marketing videos
- add demo-recordings: a mock IPC bridge, a fake macOS desktop stage, a synthetic-cursor Playwright recorder, and per-slug recipes that drive the real React UI and composite branded bookends with ffmpeg
- add video-bookends: branded HTML intro and outro scenes plus a headless capture script that renders them to 1920x1080 MP4
- add a record-demo-clip skill documenting the run procedure and the recording gotchas
- git-ignore rendered clips and scratch harnesses; the shipped clips live under packages/site/public/videos
- optimize: detect when Claude Code bypasses Sentinel's proxy and explain the empty Optimize tab (#17)
- add a capture-health tracker that compares OTEL api_request activity against real (non-probe) proxy /v1/messages traffic and flags proxy-bypassed when telemetry flows but no API calls reach the proxy
- surface a banner on the Optimize tab that explains the bypass and tailors the fix by whether settings.json already points ANTHROPIC_BASE_URL at Sentinel (file correct: look for an OS env or higher-precedence settings override; file wrong: fix the base URL)
- add a get_capture_health IPC plus a capture_health_changed broadcast that fires only on real state transitions
- read ANTHROPIC_BASE_URL into the OTEL drift inspector's observed env without changing the metrics drift classification
- feed the tracker via new onRealMessagesRequest (proxy) and onApiRequestEvent (OTEL receiver) callbacks, excluding probes and count_tokens from the proxy count
- site: add a pulsating ion-engine plume under the hero mascot
- Add a thruster beneath the robot head: an outer layer rides the mascot's float so the plume stays glued to the head, while an inner plasma flame swells and flickers, so it looks like the mascot fires a small rocket to sustain its float
- Honor prefers-reduced-motion by settling the plume into a calm static state
- site: refresh marketing copy, add pillar sections, and animate the hero
- Reframe usage and metrics copy away from "limits Claude Code hides" toward the overage status and Team/Enterprise budget Claude Code does not surface
- Frame multi-account around managing the accounts you own rather than pooling to beat limits
- Cover the sandbox and all three optimization levers (curated subagents, compression, code execution) in the feature copy
- Move Optimize to the second slot in the feature carousel
- Add pillar deep-dive sections for multi-account, security, and optimization with sub-feature cards and demo placeholders
- Animate the hero with a floating mascot, breathing glow, sonar pulse rings, and a staggered entrance
- Add a faint hero dot-grid and a soft ambient glow behind the feature and pillar sections
- Expand the demo shot list and add poster placeholders for the new sub-feature clips
- Attribute the footer copyright to Intevity
- accounts: replace round-robin with a single "Auto" account-switching mode
- Rename the Manual/Round-robin toggle to Manual/Auto and remove the Balance strategy; Auto always uses the earliest-reset engine
- Auto-migrate persisted settings on load (switchingMode 'round-robin' → 'auto', drop roundRobinStrategy) so beta users keep rotation with no data loss
- Show the account currently serving requests (email + plan) in the header instead of a round-robin pill, updating live via a new routed_account_changed broadcast
- Add an "Account Switching" label with an info modal explaining Manual vs Auto, aligned right with a divider next to Refresh/Add Account
- Remove the rotation-strategy selector from Settings and delete the RoundRobinStrategyMenu component
- De-brand "round-robin" across Settings, the tour step/illustration, the Usage/Metrics pool views, and the marketing site
- accounts: add dev-only demo mode to mask account identity in recordings
- Add demoMode.ts to mask every account's email, name, and organization in the UI (dev builds only) for screen recordings
- Add a Settings toggle for demo mode and thread masking through the accounts/daemon hooks and the IPC layer
- security: reorganize Settings into sub-tabs and consolidate all security config under Settings → Security
- Split the Settings → Security tab into Scanning / Permissions / Isolation / Sync sub-tabs and the Data tab into Retention / Features / Telemetry, persisting the active sub-tab across restarts
- Move the tool-permission rules editor inline into Settings → Security → Permissions and remove the standalone SecurityRulesOverlay modal
- Fold the scanning allowlist and sandbox isolation config into the Settings → Security sub-tabs as the single source of truth
- Reduce the top-level Security dashboard to a live monitor with compact quick-toggles plus a Configure deep-link into the relevant sub-tab
- Point the header shield icon directly at Settings → Security → Permissions
- Add a search box to Permission bypasses and a shared SearchInput used consistently across detectors, allowlist, bypasses, and rules
- Extract reusable AllowlistPanel, PermissionRulesPanel, and FilterChip components from the removed overlay
- security: surface sandbox isolation on the Security page, setup wizard, and tour
- add a first-class Isolation card to the Security page with master and leg toggles, live capability status, and a link to configure domains and paths
- add an opt-in Isolation step to the Security Setup Wizard (off by default; writes the policy only when the user enables it)
- add a first-run tour step that points at the Isolation card on the Security tab
- open the Security overlay directly to the Isolation tab from the card's Configure link
- security: add OS-level sandbox isolation via @anthropic-ai/sandbox-runtime
- add a canonical IsolationPolicy model (network/filesystem/credentials) with pure mappers onto Claude Code's settings.json sandbox block and the sandbox-runtime config
- Leg A: bidirectionally sync the policy into ~/.claude/settings.json#/sandbox, mirroring the permissions claude-sync engine (push/pull, merge/import/export, file watcher, first-enable marker)
- Leg B: wrap code-mode MCP stdio children in the OS sandbox via SandboxManager, with per-platform capability detection and graceful degrade when the host cannot enforce
- add sandbox IPC (sandbox_sync_pull, get_sandbox_status, get_sandbox_capability) and an Isolation tab in the Security overlay for editing domains, paths, and credentials
- ship the seccomp/srt-win helper binaries beside the sidecar in build-sidecar and resolve them at runtime; Windows is network-only
- opt-in and off by default; the daemon starts, stops, and refreshes the sandbox engines on settings changes
Bug fixes
- optimize: reach bridged MCP servers from subagents and stop repeated retrieve prompts (#35)
- Inject a managed code-mode block into ~/.claude/CLAUDE.md so bridged MCP servers are reachable from subagents, which get no skill advertisement, in every project including plugin agents
- Preload the sentinel-code-mode skill into installed Bash-capable curated agents while code mode is active, and strip it when the last server reverts
- Auto-allow mcp__sentinel__retrieve so Claude Code never prompts for Sentinel's own read-only, loopback-gated retrieval tool (durable, user-global, covers subagents)
- Auto-allow the code-mode endpoint curl so subagents can call bridged servers without a native Bash prompt
- Detect CLAUDE.md block drift in get_code_mode_status, self-heal it at daemon startup, and add a Repair action to the Optimize context panel
- Tear down the block, curated preloads, and allow rules cleanly on revert-to-zero and retrieval uninstall
- app: center the demo recorder push-in and add a parametrized savings ramp
- fix the zoompan focal math so the push-in stays centered on the window; the previous scaled-space formula shoved the frame off-center past about 1.6x zoom
- let __demo_ramp take from and ms so a recipe can spin the savings up from any starting fraction, and add __demo_ramp_set to freeze the totals low before the climb
- rewrite the optimize recipe to freeze the savings low, push in on the money tiles, then climb to the real total
- site: replace the clipped Intevity footer logo with a full, padded mark
- The footer logo PNG was a 12x14 crop with the orange mark flush to every edge (its bottom row clipped), so it read as cut off at any display size; replace it with the full-resolution mark re-cropped from source with transparent padding, rendered via object-contain so it st...