Skip to content

Releases: LyoSU/capka

Capka v0.8.0 🐾

Choose a tag to compare

@github-actions github-actions released this 11 Jul 19:24

Added

  • Import a public Claude or ChatGPT share link (experimental, off by default — set CAPKA_SHARE_IMPORT=true to enable): paste a claude.ai/share/… or chatgpt.com/share/… URL into the composer and Capka offers to import that conversation as a new chat and continue it with any configured model. The page is rendered in the sandbox (never the platform process), so it also needs sandbox egress (SANDBOX_ALLOW_NETWORK=true); when egress is off the attempt fails with a clear, non-blocking notice. Text/markdown only; attachments, images, and tool calls are not imported. The model is not run until the user's first reply.

Changed

  • On touch devices, long-pressing a chat row or a message now opens a full-width bottom action sheet (swipe-down / tap-outside to dismiss) instead of a cramped popover; desktop keeps the dropdown menu.

Fixed

  • The code viewer now keeps Ctrl+A / Cmd+A scoped to the open file instead of selecting text across the whole page.
  • The composer no longer shows a phantom vertical scrollbar when empty or on a single line (sub-pixel rounding of the auto-grow height); it now scrolls only once the text actually exceeds the max height.

Full changelog: https://github.com/LyoSU/capka/blob/master/CHANGELOG.md

Capka v0.7.1 🐾

Choose a tag to compare

@github-actions github-actions released this 11 Jul 16:57

Changed

  • Large attached images are downscaled in the sandbox (long edge 2048px) before being sent to the model, keeping them under provider per-image caps and cutting token cost; the full-resolution original stays in the workspace for view_file and metadata questions.

Fixed

  • The agent is no longer told it can "see" an attached photo whose bytes never reached the model (sandbox download failure, over the per-file/aggregate size cap) — it now announces only successfully delivered files as inline-readable and routes the rest to its tools, instead of answering as if it saw an image it didn't.
  • Sending a message could, rarely, attach it to the wrong point in the conversation — appearing to edit or fork an earlier message — when a persisted send queue drained before the chat's history finished loading. Message parent linkage is now server-authoritative (anchored to the chat's active branch), and sends wait for history to load.
  • A network drop mid-send (or mid-edit/regenerate) now surfaces a localized "no connection" message instead of the browser's raw Failed to fetch; failed edits/regenerations no longer fail silently.
  • The composer no longer scrolls a long message back to the top on every keystroke, and no longer raises the on-screen keyboard when returning to the app on mobile (autofocus is desktop-only).
  • Markdown tables in chat now scroll horizontally on narrow screens instead of crushing their columns to fit the message width.
  • Chat list: more spacing between rows, and on touch devices the per-chat actions open via long-press (the always-visible ⋮ is hidden on touch, matching the message action menu).
  • File tools (read_file, list_files, search_files, str_replace) no longer leak raw shell errors like sed: can't read …: No such file or directory into the chat; a missing/inaccessible path now reads as a plain "File not found: …". Actionable failures (e.g. over-quota) still pass through unchanged.
  • Sandbox image rendering no longer exhausts the process budget under gVisor and fail with misleading Cannot allocate memory errors: the new SANDBOX_PIDS_LIMIT setting defaults to 256 (up from the previous fixed limit of 100), while view_file bounds ImageMagick's worker threads per render.

Full changelog: https://github.com/LyoSU/capka/blob/master/CHANGELOG.md

Capka v0.7.0 🐾

Choose a tag to compare

@github-actions github-actions released this 10 Jul 12:26

Changed

  • The model picker no longer lays out and paints every catalog row on each keystroke: off-screen rows use content-visibility: auto, so filtering a large provider catalog (e.g. OpenRouter) stays smooth. Behaviour, keyboard navigation, and screen-reader access are unchanged.
  • Chat messages, edits, and streaming answer blocks now settle in with a short opacity fade instead of the 500ms blur-rise, so the busiest surface reads calm and does no per-mount GPU blur work; the cinematic entrance stays on rare surfaces (onboarding, auth, empty states).
  • Buttons and several chat transitions no longer animate every property (transition-all → explicit property lists), removing accidental layout/color animation and keeping motion on transform/opacity; the button press is a single scale, not scale + nudge.
  • Tooltips now wait ~400ms before opening (was instant), so passing the cursor over controls no longer flashes stray tooltips; a series of tooltips still opens instantly after the first.
  • SECURITY.md now documents that the workspace disk quota is enforced at command boundaries (a single command can transiently overshoot) and recommends a filesystem project quota / size-limited volume for multi-tenant or untrusted deployments, and clarifies the two-layer sandbox egress model (the SANDBOX_ALLOW_NETWORK kill-switch vs the sandbox_network org default).

Fixed

  • Workspace panel: the live file-listing refresh is now single-flighted and abortable, so a slow listing under the during-task safety-net poll can't stack overlapping requests or clobber the list with a stale/out-of-order response, and a late response can't fire after the panel closes.
  • Accessibility: the "Copy redirect URI" button (Settings → Authentication) and the "Download all" button (workspace panel) now have accessible names, and copying the redirect URI is announced to screen readers via a polite live region.
  • sandbox-controller now fails fast at boot on a malformed numeric env var (sizes, timeouts, limits) instead of silently degrading to NaN and disabling the guard it fed; the periodic maintenance jobs (idle sweep, GC/flush, over-quota scan) are single-flighted so a slow run under disk pressure can't overlap the next tick; and MCP stdio teardown now rejects in-flight RPCs and clears their timers immediately on session destroy instead of leaving them to the 60s timeout.
  • PC folder sync now takes a server-side lease before touching files, so two browser tabs or project members can't run destructive sync operations against the same folder at once (the manifest CAS only guarded the ancestor row, not the files). The lease self-expires, so a client that dies mid-sync never locks the folder.
  • view_file on HTML no longer fails with a "Trace/breakpoint trap" — the headless-Chromium screenshot now runs with --headless=new --disable-dev-shm-usage, so it stops exhausting the sandbox's tiny /dev/shm and crashing before the render lands.
  • A finished turn whose task reached a terminal (failed/cancelled) status but whose assistant message was left stuck at "running" (a lost message write on the failure path) is now healed by the zombie reconciler, so it no longer revives a stuck spinner on every reload. Completed answers are never rewritten.
  • A rare enqueue race no longer hands the client a task id that maps to no task (the stop button targeted nothing); the follow-up now always resolves to a real, cancellable turn.
  • Automations: pausing (or deleting) an automation while its run is in flight is no longer undone — the scheduler's error-recovery re-arms a failed run only when the row is untouched, so a manual pause during a fire is respected instead of resurrected.
  • Permissions: the "Ask" capability effect was labelled as behaving like "Allow" while the runtime actually blocks it (fail-safe, same as "Deny") until human-in-the-loop approval ships. Corrected the label and dimmed the "Ask" row to match.

Security

  • Content mutations (adding/toggling/deleting skills, enabling/disabling/uninstalling/upgrading plugins, revoking a connector's OAuth tokens) now require a write-capable, active account: a read-only viewer and a pending/rejected account are refused instead of relying on session presence alone. Chat branch switching still requires an active account (blocks pending).
  • Unlinking Telegram now also revokes the Telegram login identity (the better-auth account mapping), not just the delivery link — so a previously-linked Telegram account can no longer sign in as the user after an unlink or a Telegram A→B switch.

Full changelog: https://github.com/LyoSU/capka/blob/master/CHANGELOG.md

Capka v0.6.7 🐾

Choose a tag to compare

@github-actions github-actions released this 10 Jul 09:55

Fixed

  • Adding a skill, connector (MCP), or automation through chat works again: the manage tool's args object was serialized to the model with additionalProperties: false, silently forbidding every field (repo/content/path, name/url, …) so the agent could never fill it. A malformed add now also echoes the collection's expected shape instead of a generic error.
  • The chat minimap (right-edge jump list of your own messages) is now keyboard-operable — reachable by Tab, opens on Enter, closes on Escape; it was previously mouse-hover only, leaving the jump list unreachable without a pointer.
  • Reduced-motion now also collapses animation delays, so delayed and staggered entrances no longer sit invisible before appearing; added a reduced-transparency / high-contrast fallback that drops backdrop blur on overlays and chrome.
  • Confirmation and approval cards play their success haptic only after the server accepts the action (error haptic on failure) instead of optimistically on press.

Security

  • Installing a skills repo through chat now pins to the exact commit shown in the approval preview instead of re-resolving the branch tip when the user approves, closing a window where upstream could swap the installed skills between preview and install.

Full changelog: https://github.com/LyoSU/capka/blob/master/CHANGELOG.md

Capka v0.6.6 🐾

Choose a tag to compare

@github-actions github-actions released this 10 Jul 06:50

Security

  • Outbound fetches to user-supplied URLs (MCP servers, OAuth discovery, marketplace, custom provider base URLs, and provider model listing) now pin the TCP connection to the pre-validated IP, closing the DNS-rebinding window to a private/metadata address. First-party fixed hosts are unaffected.
  • Cleared the js-yaml moderate advisory pulled in transitively through gray-matter (npm audit).

Changed

  • The sandbox-controller image now installs strictly from its lockfile (npm ci) and fails the build on a broken/absent lockfile instead of silently falling back to npm install.

Fixed

  • GET /api/automations resolves each automation's last-run chat in one batched query instead of one round-trip per automation.
  • Workspace panel accessibility: file download buttons now have an accessible name, the closed panel is no longer reachable by keyboard (inert), and the usage-limit bar animates only its width.

Full changelog: https://github.com/LyoSU/capka/blob/master/CHANGELOG.md

Capka v0.6.5 🐾

Choose a tag to compare

@github-actions github-actions released this 09 Jul 16:48

Added

  • More brand icons selectable for a custom OpenAI-compatible connection: model creators Upstage (Solar), Nous Research, Liquid AI; inference endpoints Hugging Face, Cloudflare Workers AI, GitHub Models.

Changed

  • Settings → Connections is now a compact list: each connection is a single row that expands to its settings, and connections can be dragged (or moved with the keyboard) to set their order. That order also drives the chat model picker, and the top enabled connection is the default a new chat opens with (marked "default").
  • The xAI provider icon is now the corporate xAI mark instead of the Grok product glyph.

Full changelog: https://github.com/LyoSU/capka/blob/master/CHANGELOG.md

Capka v0.6.4 🐾

Choose a tag to compare

@github-actions github-actions released this 09 Jul 15:41

Added

  • Brand icons now cover more model creators (Tencent/Hunyuan, ByteDance/Doubao, Baidu/Ernie, Databricks/DBRX, InternLM, Baichuan, Stepfun, LongCat, 01.AI/Yi) and inference providers (Groq, Cerebras, Together, Fireworks, SambaNova, DeepInfra, Novita, Hyperbolic, SiliconFlow, Nebius, Baseten, vLLM, LM Studio, Azure); the extra provider glyphs are selectable when naming a custom OpenAI-compatible connection.

Fixed

  • The activity log now shows human names instead of raw internal ids: a changed setting shows its localized title (e.g. "Interface language", not user.locale), and enabling/disabling/removing a connector, skill, or plugin shows the item's name instead of its opaque id.

Full changelog: https://github.com/LyoSU/capka/blob/master/CHANGELOG.md

Capka v0.6.3 🐾

Choose a tag to compare

@github-actions github-actions released this 09 Jul 15:10

Changed

  • Telegram replies no longer append the model's reasoning as a collapsed
    "💭 Reasoned for Xs" block; the final message is the answer plus the tool-log
    footer only. Live thinking still shows in the streamed draft.

Fixed

  • The sandbox prompt now reflects the session's actual egress: when network is enabled (SANDBOX_ALLOW_NETWORK=true + sandbox_network=bridge or a project override), the model is told it has internet instead of the hardcoded "no network by default", so it stops refusing to install packages or make requests.

Full changelog: https://github.com/LyoSU/capka/blob/master/CHANGELOG.md

Capka v0.6.2 🐾

Choose a tag to compare

@github-actions github-actions released this 09 Jul 10:41

Fixed

  • Model-catalog resync now refreshes LiteLLM-sourced rows instead of freezing them at first insert, so a model's later-known input modalities (e.g. audio for Gemini) reach the picker — fixing a spurious "model can't read this file" for audio on LiteLLM/OpenAI-compatible gateways. Resync the catalog (Settings → Connections) after upgrading.

Full changelog: https://github.com/LyoSU/capka/blob/master/CHANGELOG.md

Capka v0.6.1 🐾

Choose a tag to compare

@github-actions github-actions released this 09 Jul 08:48

Changed

  • The "this model can't read that file" heads-up now appears quietly in the composer while a file is attached, instead of under the reply after sending — so the user can switch models before spending a turn.

Fixed

  • Audio attachments in a container the model transport can't serialize (opus/ogg/m4a/flac) are now transcoded to mp3 in the sandbox before sending, so voice notes reach audio-capable models over LiteLLM/OpenAI-compatible and OpenRouter — previously only wav/mp3 got through and anything else was dropped with a "can't read" notice.

Full changelog: https://github.com/LyoSU/capka/blob/master/CHANGELOG.md