v0.2.0
tinycode v0.2.0
Major feature release with ACP protocol, compaction improvements, and security hardening.
Added
- Agent Client Protocol (ACP) —
tinycode acpfor IDE integration (VS Code, Zed, JetBrains) - Reference VS Code extension at
packages/vscode-extension/ - ACP integration guide at
docs/acp-integration.md - Compaction improvements — deterministic file tracking, observation masking, text serialization, circuit breaker, telemetry
- Mock LLM provider for deterministic testing (
ProviderTest.fake({ scenarios })) - Plugin lifecycle hooks —
session.start,session.end,session.switch,session.model.change - Session export to HTML —
tinycode export --format html - Session tree sidebar in TUI (
<leader>b) - CI workflow — lint, typecheck, test on PRs
- Dependency audit CI — daily
bun audit - Build guide —
docs/building.mdcovering all three projects - Why tinycode —
docs/why-tinycode.mdpositioning document - Community files: CONTRIBUTING.md, SECURITY.md, CODE_OF_CONDUCT.md, CHANGELOG.md, CODEOWNERS
Security
- Config API secret redaction (
redactKeys) - Enforce auth on non-loopback network bind
- LLM retry cap (20 attempts), agent step limit (200), RPC timeout (30s)
- Ripgrep result limit (200)
- Timing-safe auth, command injection fixes, security headers
- Qwen3 thinking mode disabled for vLLM (prevents output budget loops)
Fixed
- Provider filter applies to locally-discovered providers
- Compaction file tracking bugs (
part.toolaccess) - Removed dead omt LSP stub tools
- Typecheck switched from tsgo to tsc