hazakura editor 0.8.0 Warning-expected DMG Preview
Pre-release
hazakura editor 0.8.0 Warning-expected DMG Preview
Assist Surface Separation And Daily Editor Polish
v0.8.0 ships the detached Agent Window as the primary Agent route, adds daily-editor navigation polish, and keeps the Safe Editor boundary explicit.
This release does not turn hazakura editor into an IDE, Git client, general terminal, agent platform, or automatic edit-apply system. Safe Editor Mode remains primary. Agent Workbench remains opt-in, consent-gated, allowlisted, one-session, no-restore, and no-auto-apply.
This is a warning-expected macOS DMG preview. The app is ad-hoc signed and not notarized, so Gatekeeper warnings are expected.
Only use this preview if you are comfortable evaluating unsigned and not-notarized macOS preview binaries.
What Changed Since 0.7.0
Detached Agent Window
- Makes the detached Agent Window the primary Agent Workbench surface, with the old right-pane Agent route removed from the main Safe Editor layout.
- Keeps Agent launch behind the existing Agent Workbench mode gate, restart-required enablement, responsibility consent, selected workspace root, provider allowlist, and one-session runtime.
- Adds
claude/ Claude Code CLI as an allowlisted local CLI provider alongsidecodex,opencode, andpi, using the same provider-not-found and launch-gate path. - Improves Agent Window layout, theme handoff, xterm sizing, Start / Stop behavior, and terminal resize handling.
- Keeps Agent Workbench out of Safe Editor Mode by default and does not add Claude-specific permission UI, MCP UI, arbitrary arguments, provider-add UI, Git integration, auto-apply, or auto-commit.
Daily Editor Polish
- Adds Command Palette (
Cmd+Shift+P) as a thin launcher over existing safe app actions. - Adds bounded Global Search (
Cmd+Shift+F) as a workspace grep: no background indexing, no Git awareness, no project analyzer, and server-side caps on visited files, matches per file, total matches, line text, binary-looking files, excluded directories, and symlinks. - Adds pinned files on the start panel, with pinned entries separated from recents and preserved through the existing recent-file storage.
- Adds print-ready HTML export polish for both Print to PDF handoff and standalone HTML export: serif print body, page margins, page-break hints, code/table/image handling, and link URL annotations.
- Keeps Review Desk low-prominence and explicit: shortcut / View menu / slash entry points remain, but Review Desk is not elevated into a main top-chrome workbench.
Language, Tests, And Structure
- Fixes IME composition handling in Command Palette and Quick Open so Enter / Escape / Arrow keys are not intercepted during Japanese / kana conversion.
- Extends
かなふみcopy coverage across diff/review, slash commands, Agent status, document status, close dialogs, workspace context menus, and related editor chrome. - Adds a minimal Vitest + jsdom TypeScript hook test layer and focused tests for Agent preferences/output cursor, find state/matches, compare state, and document outline.
- Splits major frontend and Rust surfaces by feature area:
src/App.tsxis a small composition file, Tauri and locale helpers are feature-barreled, Rust tests are per-module, Agent session state is separate from command shims, and shared CodeMirror highlight / format / file-preflight helpers are deduplicated.
Boundary
v0.8.0 does not add:
- Git integration, merge editing, staging, commit, push, pull, or repository status.
- LSP, debugger, plugin system, package-manager UI, or project-wide indexing.
- General shell prompt, arbitrary command input UI, arbitrary path input UI, provider-add UI, or arbitrary provider configuration.
- Agent auto-apply, auto-commit, auto-push, session restore, multiple sessions, background agent execution, or persistent terminal history.
- Foundation Models-backed behavior, Apple Local Assist behavior, generic chat, automatic candidate generation, or automatic file application.
- Developer ID signing, notarization, installer packaging, updater, or distribution-grade Gatekeeper approval.
Agent Workbench can directly launch only the allowlisted local CLI provider names codex, opencode, pi, and claude. What happens inside the provider process is outside hazakura's safety boundary and depends on the provider and the user's choices.
Artifact
hazakura-editor_0.8.0_aarch64-warning-expected.dmgPlatform:
macOS Apple Silicon / aarch64SHA-256:
c6e128b7519c5a3ffc16bd27cb32d804c1daff0b2f2530c5976925b18046659dChecksum file:
hazakura-editor_0.8.0_aarch64-warning-expected.dmg.sha256Verify The Download
Download both the .dmg and .dmg.sha256 assets into the same directory, then run:
shasum -c hazakura-editor_0.8.0_aarch64-warning-expected.dmg.sha256Known Limitations
- This release does not add Git integration, LSP, project-wide indexing, arbitrary command execution, auto-apply, or auto-commit behavior.
- Agent Workbench provider behavior remains outside hazakura's safety boundary.
- Claude Code CLI is only another allowlisted local CLI provider in the existing Agent Workbench boundary; there is no Claude-specific permission, MCP, argument, or provider configuration UI.
- Review Desk remains a manual candidate receiver and does not persist review logs, save candidate documents automatically, auto-apply Agent output, or replace Git/merge workflows.
- Global Search is bounded workspace grep, not background indexing or a project analyzer; results may truncate on large workspaces and should be narrowed by query.
- The JavaScript bundle remains large; code splitting is planned for a future product-preview hardening lane.
- The bundled macOS binary is ad-hoc signed only and is not Developer ID signed or notarized.
Local Verification Before Publication
Required gates to rerun before publishing this preview:
npm ci
npm run typecheck
npm test
cargo fmt --manifest-path src-tauri/Cargo.toml -- --check
cargo test --manifest-path src-tauri/Cargo.toml
npm run build:vite
npm run build
git diff --check
npm audit
cargo audit --file src-tauri/Cargo.lock
npm run build:dmg-preview
cd src-tauri/target/release/bundle/dmg
shasum -c hazakura-editor_0.8.0_aarch64-warning-expected.dmg.sha256The built and mounted apps must report version 0.8.0, bundle identifier lab.hazakura.note, product name hazakura editor, and executable hazakura-editor.
The built app must still pass:
codesign --verify --deep --strict --verbose=2 "src-tauri/target/release/bundle/macos/hazakura editor.app"Expected warning:
spctl -a -vv -t open "src-tauri/target/release/bundle/macos/hazakura editor.app"The app is expected to be rejected by Gatekeeper with source=Insufficient Context, because this preview is ad-hoc signed and not notarized.
Remote Verification After Publication
After publishing the GitHub Release:
gh release download v0.8.0 -R lero003/hazakura-editor --dir .release-verify/v0.8.0
cd .release-verify/v0.8.0
shasum -c hazakura-editor_0.8.0_aarch64-warning-expected.dmg.sha256
hdiutil verify hazakura-editor_0.8.0_aarch64-warning-expected.dmgThe downloaded assets must pass checksum verification and DMG verification, and the mounted app must report version 0.8.0, bundle identifier lab.hazakura.note, product name hazakura editor, and executable hazakura-editor, with codesign --verify --deep --strict --verbose=2 passing.
Built-app Smoke Focus For v0.8.0
Beyond the v0.7.0 smoke surface, v0.8.0 should confirm:
Cmd+Shift+Popens / dismisses Command Palette, fuzzy filtering works, and Enter / click runs existing safe commands only.Cmd+Shift+Fopens / dismisses Global Search, returns file-grouped line results, and Enter / click opens the matched file at the matched line.- Global Search reports truncation on large result sets and does not scan through excluded directories, binary-looking files, or symlinks.
- Pinned file stars persist through restart and separate pinned entries from recent entries.
- Print to PDF / exported HTML uses the print-ready stylesheet and local workspace asset inlining still works.
- Agent Workbench opens through the detached Agent Window, respects mode / consent / workspace gates, and can start / stop one allowlisted provider session.
claudeappears as an allowlisted provider but does not gain Claude-specific settings, arbitrary arguments, provider-add UI, or auto-apply behavior.- Command Palette, Quick Open, and Global Search do not intercept IME composition Enter / Escape / Arrow keys.
かなふみstill renders kana copy across diff/review, slash menu, Agent status, document status, close dialogs, and workspace context menus.
Built-app Smoke Result
Local release verification passed on 2026-06-03:
npm cinpm run typechecknpm testcargo fmt --manifest-path src-tauri/Cargo.toml -- --checkcargo test --manifest-path src-tauri/Cargo.tomlnpm run build:vitenpm run buildgit diff --checknpm audit --audit-level=moderatecargo audit --file src-tauri/Cargo.lockexited 0 with the known allowed warnings.npm run build:dmg-preview- Local
shasum -c - Local
hdiutil verify - Built-app metadata check: version
0.8.0, bundle identifierlab.hazakura.note, executablehazakura-editor - Built-app
codesign --verify --deep --strict --verbose=2 - Mounted-DMG metadata check: version
0.8.0, bundle identifierlab.hazakura.note, executablehazakura-editor - Mounted-DMG
codesign --verify --deep --strict --verbose=2 - Expected Gatekeeper result:
spctl -a -vv -t openrejected the ad-hoc signed app withsource=Insufficient Context.
Interactive UI smoke is not re-claimed by this automation pass; the v0.8 UI direction had already been reviewed manually before publication.
Remote Verification Result
Remote release verification passed on 2026-06-03 after publishing v0.8.0:
gh release download v0.8.0 -R lero003/hazakura-editor --dir .release-verify/v0.8.0- Downloaded asset
shasum -c - Downloaded asset
hdiutil verify - Mounted downloaded DMG metadata check: version
0.8.0, bundle identifierlab.hazakura.note, executablehazakura-editor - Mounted downloaded DMG
codesign --verify --deep --strict --verbose=2
Boundary Reminder
Do not treat this as a signed, notarized, trusted, installer-grade, stable, or production-ready distribution.
Older public tags and releases remain immutable.