Skip to content

ChatGPT CLI v1.10.10

Choose a tag to compare

View all tags
@kardolus kardolus released this 04 Feb 13:59
· 12 commits to main since this release
v1.10.10
a2fd664

This release focuses on safer persistence and file permissions, more reliable config writes, and bounded agent transcript/prompt logging to prevent unbounded memory/log growth while improving debuggability.

New Features

  • Capped in-memory transcript and prompt history (with truncation banner)

    • Introduced a new TranscriptBuffer utility to store agent transcripts and prompt history with a strict maximum size and a visible …(truncated) banner when older content is dropped.
    • Integrated into BaseAgent as Transcript and PromptHistory, enabled by default with conservative limits and configurable via:
      • core.WithTranscriptMaxBytes(n)
      • core.WithPromptHistoryMaxBytes(n)
    • Code references:
      • agent/core/transcript_buffer.go (new)
      • agent/core/base_agent.go

  • Cross-platform config write locking

    • Added an OS-specific file lock implementation to prevent concurrent config writes from corrupting the config file.
    • Code references:
      • config/file_lock_unix.go (new)
      • config/file_lock_windows.go (new)
      • config/store.go

  • Secure API key file reader

    • Centralized API key file loading with validation:
      • must be a regular file
      • must not be empty
      • size capped at 10KB
      • path is cleaned
    • Code references:
      • config/read_api_key_file.go (new)
      • cmd/chatgpt/main.go

Improvements

  • Agent runs now capture structured transcripts for easier debugging

    • Both Plan-and-Execute and ReAct agents now:
      • reset transcript/history at the start of each run
      • record key lifecycle events (goal, plan steps, prompts, raw LLM output, actions, outcomes, final result)
    • This provides consistent, machine-readable traces while keeping memory usage bounded.
    • Code references:
      • agent/planexec/plan_execute_agent.go
      • agent/react/react_agent.go

  • HTTP client now uses a default timeout

    • Adds a 60-second timeout to avoid indefinite hangs on network calls.
    • Maintains SkipTLSVerify support while reusing a cloned default transport.
    • Code reference: api/http/http.go

  • Safer “workdir escape” detection

    • Workdir and resolved target paths now evaluate symlinks before containment checks, improving correctness when symlinks are involved.
    • Code reference: agent/core/policy.go

Bug Fixes

  • Prevent transcript/prompt history accumulation across agent runs

    • Agents explicitly reset buffers at the start of RunAgentGoal, eliminating “leftover” content leaking into subsequent runs.
    • Tests added to prevent regressions.
    • Code references:
      • agent/planexec/plan_execute_agent.go, agent/planexec/plan_execute_agent_test.go
      • agent/react/react_agent.go, agent/react/react_agent_test.go

  • Hardened config persistence to reduce risk of partial/corrupted writes

    • Config writes are now:
      • protected by a lock
      • written via an atomic temp-file + rename strategy
      • synced to disk (best-effort)
      • permissions preserved when possible
    • Code reference: config/store.go

Other Changes

  • Tighter default filesystem permissions for sensitive data

    • Log dir permissions: 0700 (was 0755)
      • agent/core/log.go
    • Config file writes: 0600 (was 0644)
      • cmd/chatgpt/main.go (config save)
      • config/store.go (atomic write defaults/preserve)
    • CLI interactive history file: 0600 (was 0644)
      • cmd/chatgpt/utils/utils.go
    • Stored conversation history directory and files:
      • directory 0700 and files 0600
      • history/store.go

  • Reduced plan logging output

    • Removed writing the raw plan JSON artifact (keeps normalized plan logging).
    • Code reference: agent/planexec/plan.go

  • Dependency updates

    • Updated testing/dependency versions (e.g., gomega, ginkgo, and related golang.org/x/* tooling updates reflected in go.sum).
    • Code references: go.mod, go.sum

Upgrade Notes

  • Homebrew (recommended):

    • Run: 
      brew upgrade chatgpt-cli

  • Direct download:

    • Download the prebuilt binary for your specific OS/architecture from the project’s release artifacts, then replace your existing chatgpt-cli binary with the new one (ensure it is executable and on your PATH).
Assets 10
Loading