v0.1.5

v0.1.5

Release date: June 27, 2026
Channel log since the initial v0.1.5 tag: 6 follow-up commits · 2 merged PRs · 9 files changed · 1 community contributor

The compatibility + trust release. v0.1.5 makes Hermes Browser Extension clearer about what it can reach, what it sends to Hermes, and how it behaves when a connected Hermes runtime does not expose every optional browser-facing route. The initial release added capability-aware UI, safer context receipts, voice/gateway fallbacks, and public security docs. Follow-up channel updates tightened the DOM context chip and added contributor-friendly static checks without changing the extension permission model.

✨ Highlights

• Hermes compatibility panel — Added a capability panel backed by /v1/capabilities, with legacy fallback for older gateways that do not expose the newer capability route.
• Cleaner first-run Connect flow — If browser pairing is not advertised by the connected runtime, Connect now skips dead pairing routes and guides users directly to Manual setup.
• Capability-gated voice dictation — Voice features now prefer Hermes STT when available and fall back to Browser speech when audio transcription is not exposed by the connected runtime.
• Token hygiene UI — Added masked token state, connection mode, last-tested timestamp, and one-click token clearing so users can see security state without exposing secrets.
• “What Hermes saw” receipts — Sent turns now include a collapsible receipt showing the active tab/context/attachment/redaction payload that was sent.
• Safer optional API behavior — Image upload and profile APIs are now capability-gated, so missing routes become clear fallback warnings instead of confusing failures.
• Clearer Remote gateway behavior — With an API key, Remote means a remote API server and same-LAN http://host:8642 is supported. With a blank key, Remote means HTTPS dashboard WebSocket mode.
• Public permissions, data-flow, and privacy docs — Documented the shipped permission model and browser-context data flow for users and contributors.
• Update troubleshooting — Added guidance for stale unpacked extension cards that still show 0.1.4 after an update, plus native Hermes computer-use troubleshooting pointers.

🧭 v0.1.5 channel updates after the initial tag

These updates landed on main after the first v0.1.5 tag so this release page can act as the public changelog for the v0.1.5 line.

DOM context chip states

Contributed by @iruzen-dono in #19.

• Replaced the misleading initial 📎 DOM · 0 chars · ~0 tok state with explicit chip states:
  • 📎 Loading...
  • 📎 Restricted · N/A
  • 📎 Error · N/A
  • 📎 DOM · X chars · ~Y tok
• Distinguished page-loading, browser-restricted pages, context-capture failures, and normal captured DOM context.
• Added follow-up regression coverage for loading, restricted, error, and captured context states.

Contributor linting + fresh-clone tooling

Contributed by @iruzen-dono in #18, finalized by maintainer follow-up.

• Added ESLint flat config and npm run lint / npm run lint:fix scripts for JavaScript static checks.
• Added the browser/extension globals needed for the current extension runtime.
• Added package-lock.json so npm ci works for fresh clones and future automation.
• Updated contributor docs to call out linting for JavaScript changes.
• Cleaned redaction-helper regex escapes surfaced by lint while preserving token redaction behavior.

🙌 Contributors

• @iruzen-dono / Zhou Jules — DOM chip state fix in #19 and ESLint/static-checking foundation in #18.
• @abundantbeing — v0.1.5 compatibility/trust release, regression coverage, release packaging, and final tooling hardening.

✅ Verification

Initial v0.1.5 package verification:

• npm run verify passed.
• npm run build passed.
• Built unpacked extension at dist/.
• Packaged release archive: artifacts/hermes-browser-extension.tar.gz
• Archive SHA256: cf4451ba8c02f78651f9fc798067bf15a6e7475b178aa02ef47a7508b5f711e3

Current v0.1.5 channel verification on main after follow-up updates:

• npm ci passed.
• npm run test passed: 78/78 tests.
• npm run lint passed with 0 errors. There are 4 existing unused-helper warnings in extension/sidepanel.js.
• npm run verify passed.
• npm run build passed.

Install / update

Download the archive below, extract it, then load the extracted extension folder in chrome://extensions / edge://extensions with Developer Mode enabled.

If Chrome still shows 0.1.4, remove the old unpacked extension card and load the fresh extracted v0.1.5 folder again.

Source users can pull main for the follow-up v0.1.5 channel updates listed above.

v0.1.4

Hermes Browser Extension v0.1.4

This release focuses on reliability and extension-side polish for unpacked alpha installs.

What's new

• Editable Hermes session titles, plus first-message auto-naming for new Browser sessions.
• Live connection state: the side panel now checks gateway reachability instead of treating a saved API key as connected.
• Commit-aware update checks for unpacked builds, including same-version "unpulled commits" guidance.
• Trusted-host agent discovery for private remote gateways, with bearer tokens held back until a probed endpoint identifies itself as Hermes.
• Refined default Nous palette toward the Hermes Desktop ink-blue / soft-white look.

Verification

• npm run verify — pass
• npm run package — pass
• Built archive SHA256: 7ac72c8efb5f22d0b4560129b59f9b74e0c3e56c134e3b1c17c0ba1e5697fc26

v0.1.3

What's new in Hermes Browser Extension v0.1.3

Hermes Browser Extension now connects beyond localhost: remote API servers, dashboard WebSocket gateways, local agent ports, and Hermes-powered repo review are in the alpha loop.

Changed

• Remote gateway modes — Choose local API, remote API, or remote dashboard/WebSocket setup from the side-panel settings.
• Dashboard WebSocket bridge — Remote dashboard mode mints browser tickets from an authenticated dashboard tab and talks over wss://.
• Real model fallback discovery — If an older gateway only advertises the synthetic hermes-agent alias, Browser can recover real model choices from /api/sessions history without keeping the alias as the primary picker entry.
• Connected local agent picker — Scan trusted localhost Hermes API gateways on ports like 8642-8646 and switch the Browser side panel between local agents that share the same browser token.
• Clearer connect fallback — Pairing 404s now explain when an install does not expose Desktop pairing and point users to manual setup instead of a raw error.
• Stronger browser-context redaction — Added coverage for provider-shaped tokens and compound secret keys before page context reaches the agent prompt.
• Hermes PR/issue reviews — Added a local gh poller and event runner so Hermes can review changed PRs/issues without comment spam.
• Review watchdog hardening — Stuck local review requests now timeout per target instead of hanging the whole poller.

Install

git clone https://github.com/abundantbeing/hermes-browser-extension.git
cd hermes-browser-extension
npm install
npm run package

Then load dist/ as an unpacked extension in Chrome/Edge/Comet.

Public alpha. Load unpacked. Local or remote Hermes runtime. Read-only browser context.

v0.1.2

What's new in Hermes Browser Extension v0.1.2

This update makes the extension feel more like a real Hermes surface. Connect it to your local Hermes runtime and it syncs the important stuff automatically.

Changed

• Connected runtime sync — Models/providers, sessions, profiles, skills, and capabilities refresh from the local Hermes gateway after connect/save and on side-panel startup.
• Windows setup helper — Builds dist/, opens extension tools, and starts the local pairing/manual setup path.
• Model + session reliability — Tightened refresh behavior so the picker does not silently look empty or fallback-only when the local API comes back online.
• Composer polish — Added more Desktop-style composer controls, including inline send/stop/mic handling and cleaner side-panel structure.
• Safer browser context — Hardened page-context redaction so obvious API keys, bearer tokens, JWTs, private keys, and provider tokens get masked before hitting the agent prompt.
• Voice dictation groundwork — Local transcription route wiring and a visible extension voice page fallback for Chromium side-panel mic permission weirdness.

Install

git clone https://github.com/abundantbeing/hermes-browser-extension.git
cd hermes-browser-extension
npm install
npm run package

Then load dist/ as an unpacked extension in Chrome/Edge/Comet.

Public alpha. Load unpacked. Local-first. Read-only browser context.