v0.14.0
Theme: single-Chrome security + a real landing site. Security mode no longer needs a second browser, the marketing site lands, and the widget gains a plugin-mode theming system.
Highlights
π Single-Chrome security model
The MITM proxy is now resident β it starts at service start (transparent passthrough by default), and the one debug Chrome on the normal CDP port is born with --proxy-server + the SPKI pin. Entering Security mode just flips the proxy to intercept: no second Chrome on 9333, no relaunch. Chrome auto-launch moved out of all five bundler shims into the core service via a new hover:service:start plugin hook (only the service knows the resident proxy port). Trade-off: with @hover-dev/security installed, that Chrome is always proxied (transparently) even in normal mode; projects without the plugin are unaffected.
π Landing site (@hover-dev/site)
A static-export Next 16 + React 19 + Tailwind v4 marketing page for gethover.dev, separate from the VitePress docs. Design tokens + the β¨ mark are lifted from the widget; the hero embeds an auto-playing dual-mode live widget demo (Default mint β Security orange) and a click-to-copy install command.
π¨ --mode-accent widget theming
When a plugin mode is engaged, :host(.mode-engaged) re-points --accent at the mode's colour, retinting the Send button, spinner, status dot, and tooltip in one place. Security reads orange. Cleaner β ready status; the mode bar shows the mode's engagedHint ("MITM proxy active").
π Agent output language mirroring
A CJK prompt makes the agent write its prose (verification summary, ## Findings, step narration) in Simplified Chinese β mirroring how Voice mode already picks a Chinese TTS voice. Prose only; selectors and UI text untouched. English prompts unaffected.
π Fixes
- Plugin overlay close (
Γ) threwReferenceErrorβ the security Network panel could never be dismissed. - Security MCP server exited
failedbecause its env was cleared on mode change.
Full per-change detail in CHANGELOG.md.
Full Changelog: v0.13.0...v0.14.0