75869f7e22
* auto-claude: subtask-0a-1 - Install Vercel AI SDK v6 core + all provider packages Added dependencies: ai@^6, @ai-sdk/anthropic, @ai-sdk/openai, @ai-sdk/google, @ai-sdk/amazon-bedrock, @ai-sdk/azure, @ai-sdk/mistral, @ai-sdk/groq, @ai-sdk/xai, @ai-sdk/openai-compatible, @ai-sdk/mcp, @modelcontextprotocol/sdk. Verified zod/v3 compat works with existing zod v4. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-0b-1 - Create provider types and config interfaces Define SupportedProvider enum, ProviderConfig, ModelResolution, and ProviderCapabilities types. Port MODEL_ID_MAP, THINKING_BUDGET_MAP, MODEL_BETAS_MAP, and phase config types from phase_config.py. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-0b-2 - Create provider factory: createProvider(config) → LanguageModel Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-0b-3 - Create provider registry using createProviderRegistry Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-0b-4 - Create per-provider transforms layer Port thinking token normalization, tool ID format transforms, prompt caching thresholds, and adaptive thinking support from phase_config.py. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-0c-1 - Port command-parser.ts from Python security/parser Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-0c-2 - Port bash-validator.ts from Python security/hooks. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-0c-3 - Create path-containment.ts for filesystem boundary Add path-containment.ts with assertPathContained() for filesystem boundary enforcement including symlink resolution, traversal prevention, and cross-platform normalization. Add security-profile.ts for loading and caching project security profiles from .auto-claude config files. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-0c-4 - Write comprehensive Vitest tests for the security layer Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-0d-1 - Create tool types and Tool.define() wrapper Define ToolContext interface (cwd, projectDir, specDir, securityProfile), ToolPermission types, ToolExecutionOptions, and ToolDefinitionConfig. Create Tool.define() that wraps AI SDK v6 tool() with Zod v3 inputSchema and security hooks integration (bash validator pre-execution check). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-0d-2 - Create 4 filesystem tools (Read, Write, Edit, Glob) Implements Read (line offset/limit, image base64, PDF support), Write (content validation, mkdir -p), Edit (exact string replacement, replace_all), and Glob (fs.globSync, mtime sort) with Zod schemas and path-containment security integration. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-0d-3 - Create Bash, Grep, WebFetch, WebSearch tools Add the 4 remaining built-in tools following the existing Tool.define() pattern: - Bash: command execution with bashSecurityHook() integration, timeout, background support - Grep: ripgrep-based search with output modes, file type/glob filtering - WebFetch: URL fetching with timeout and content truncation - WebSearch: web search with domain allow/block list filtering Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-0d-4 - Create ToolRegistry class with agent config registry Port tool constants (BASE_READ_TOOLS, BASE_WRITE_TOOLS, WEB_TOOLS), MCP tool lists, and AGENT_CONFIGS from Python models.py. Implement ToolRegistry with registerTool(), getToolsForAgent(), and helper functions getAgentConfig(), getDefaultThinkingLevel(), getRequiredMcpServers(). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-0e-1 - Port AGENT_CONFIGS from models.py to agent-configs.ts Port all 27 agent type configurations from Python backend to TypeScript. Includes tool lists, MCP server mappings, auto-claude tools, thinking defaults, and helper functions (getAgentConfig, getRequiredMcpServers, getDefaultThinkingLevel, mapMcpServerName). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-0e-2 - Port phase-config.ts from phase_config.py Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-0e-3 - Create auth resolver with multi-stage fallback chain Add auth types and resolver that reuses existing claude-profile/credential-utils.ts. Implements 4-stage fallback: profile OAuth token → profile API key → environment variable → default provider credentials. Supports all providers with provider-specific env var mappings. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-0e-4 - Create MCP client and registry Add MCP integration layer using @ai-sdk/mcp with @modelcontextprotocol/sdk for stdio/StreamableHTTP transports. Define server configs for context7, linear, graphiti, electron, puppeteer, auto-claude. Implement getMcpServersForAgent() via createMcpClientsForAgent() with dynamic server resolution and graceful fallback on connection failures. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-0f-1 - Unit tests for provider factory, registry, and transforms Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-0f-2 - Unit tests for agent configs, phase config, and tool registry Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-1-1 - Create session types and client factory Add SessionConfig, SessionResult, StreamEvent, ProgressState types for the agent session runtime. Add AgentClientConfig/Result and SimpleClientConfig/Result types for the client layer. Implement createAgentClient() with full tool/MCP setup and createSimpleClient() for utility runners with minimal tools. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-1-1 - Fix unused imports in client factory Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-1-2 - Create stream handler and error classifier Add stream-handler.ts to process AI SDK v6 fullStream events (text-delta, reasoning, tool-call, tool-result, step-finish, error) and emit structured StreamEvents. Add error-classifier.ts ported from Python core/error_utils.py with classification for rate limit (429), auth failure (401), concurrency (400), tool execution, and abort errors. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-1-3 - Create progress-tracker.ts for phase detection from tool calls + text patterns Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-1-4 - Create the core session runner: runAgentSession(). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-1-5 - Write unit tests for session runtime Add 78 tests across 4 test files covering: - stream-handler: text-delta, reasoning, tool-call/result, step-finish, error, multi-step conversations - error-classifier: 429/401/400 detection, abort errors, classification priority, sanitization - progress-tracker: phase detection from tools/text, regression prevention, terminal locking - runner: completion, max_steps, auth retry, cancellation, event forwarding, tool tracking Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-2-1 - Create AgentExecutor, worker thread, and worker bridge Add the worker thread infrastructure for running AI agent sessions off the main Electron thread: - executor.ts: AgentExecutor class wrapping WorkerBridge with start/stop/retry - worker.ts: Worker thread entry point receiving config via workerData, running runAgentSession(), posting structured messages back via parentPort - worker-bridge.ts: Main-thread bridge spawning Worker, relaying postMessage events to EventEmitter matching AgentManagerEvents interface - types.ts: WorkerConfig, SerializableSessionConfig, WorkerMessage protocol Handles dev/production Electron paths, SecurityProfile serialization across worker boundaries, and abort signal propagation. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-2-2 - Add worker thread execution to AgentProcessManager Replace Python subprocess spawn with Worker thread creation for AI SDK agents. Add spawnWorkerProcess() using WorkerBridge for postMessage event handling. Update killProcess/killAllProcesses to handle Worker thread termination. Add optional worker field to AgentProcess interface. Keep spawnProcess() and getPythonPath()/ensurePythonEnvReady() for backward compatibility. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-2-3 - Add structured progress event handling to AgentEvents Add handleStructuredProgress() and buildProgressData() methods that accept typed progress events from worker threads via postMessage, bypassing text matching. Includes phase regression prevention. Existing parseExecutionPhase() preserved as fallback for backward compatibility during transition. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-2-4 - Write tests for worker thread integration Tests cover: worker spawning, message relay (log/error/progress/stream-event), result handling with exit code mapping, crash handling (worker error/exit events), termination with abort signal, executor lifecycle (start/stop/retry), config management, and AgentManagerEvents compatibility. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-3-1 - Create build-orchestrator.ts and subtask-iterator.ts Replaces Python run.py main build loop and agents/coder.py subtask iteration with TypeScript equivalents for the Vercel AI SDK migration. - BuildOrchestrator: drives planning → coding → qa_review → qa_fixing → complete - SubtaskIterator: reads implementation_plan.json, iterates pending subtasks - Phase transitions validated via phase-protocol.ts - Retry tracking, stuck detection, abort signal support Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-3-2 - Create spec-orchestrator.ts and qa-loop.ts Add TypeScript replacements for spec_runner.py and qa/loop.py: - spec-orchestrator.ts: Drives spec creation pipeline with dynamic complexity-based phase selection (simple/standard/complex workflows) - qa-loop.ts: QA review/fix iteration loop with recurring issue detection, consecutive error tracking, and human feedback processing Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-3-3 - Create parallel-executor.ts and recovery-manager.ts Add concurrent subtask execution with Promise.allSettled() and failure isolation, plus checkpoint/recovery logic for build resume. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-4-1 - Port utility runners (insights, ideation, commit-message) Port insights runner, ideation generator, and commit message generator from Python to TypeScript using Vercel AI SDK v6. Uses createSimpleClient() with streamText/generateText and appropriate tool bindings. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-4-2 - Port roadmap, merge-resolver, insight-extractor, and changelog runners Port four utility runners from Python backend to TypeScript using Vercel AI SDK: - roadmap.ts: Multi-phase roadmap generation (discovery + features) with retry logic and feature preservation - merge-resolver.ts: Single-turn merge conflict resolution with factory function - insight-extractor.ts: Session insight extraction with JSON parsing and generic fallback - changelog.ts: Changelog generation supporting tasks, git-history, and branch-diff modes Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-4-3 - Replace Python subprocess spawning with TS runners in agent-queue Replace spawnIdeationProcess() and spawnRoadmapProcess() with direct calls to the new TypeScript runners (runIdeation, runRoadmapGeneration). Uses AbortController for cancellation instead of process.kill(). Removes Python environment setup, subprocess spawning, and stdout parsing in favor of structured streaming callbacks from the TS runners. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-5-1 - Port GitHub PR review engine and triage engine Port pr_review_engine.py and triage_engine.py to TypeScript using Vercel AI SDK. Implements multi-pass review workflow (quick scan → parallel security/quality/structural/deep analysis) and issue triage with duplicate detection, spam detection, and feature creep analysis. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-5-2 - Port parallel PR orchestrator, followup reviewer, and GitLab MR review engine Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-6-1 - Add provider settings translation keys to en/settings.json and fr/settings.json Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-6-2 - Create Provider Settings UI component Add ProviderSettings.tsx with provider selection (Anthropic, OpenAI, Ollama, OpenRouter), per-provider API key input with masked fields, Ollama endpoint URL configuration, test connection button, and per-phase model preferences (spec, planning, coding, QA). All text uses useTranslation('settings') with provider.* namespace keys. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-7-1 - Remove claude-agent-sdk pip dependency Remove claude-agent-sdk from requirements.txt and pyproject.toml. Add a local stub package (apps/backend/claude_agent_sdk/) so existing Python imports resolve to deprecation stubs instead of crashing. Clean up SDK references in worktree.py, auth.py, conftest.py, and EXAMPLES.md. Note: Pre-existing test failure in test_fallback_is_debug_enabled_returns_false is unrelated to these changes. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-7-2 - Update CLAUDE.md to reflect the new TypeScript agent layer Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * auto-claude: subtask-7-3 - Run full verification suite All checks pass: - typecheck: 0 errors - tests: 3548 passed (142 files), 6 skipped - lint: 0 errors (683 pre-existing warnings) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: use inputSchema instead of parameters, fix platform/worker patterns (qa-requested) - Changed `parameters` to `inputSchema` in Tool.define() wrapper (AI SDK v6) - Replaced `process.platform === 'win32'` with `isWindows()` from platform utils - Removed `process.exit(1)` from worker thread (terminates naturally) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * TS logic working on kanban tasks * fix: log phase formatting and task completion state transition - Add TaskLogWriter that writes task_logs.json for structured phase sections in the Logs tab (Planning/Coding/Validation) - Emit QA_PASSED/BUILD_COMPLETE task events from worker via postTaskEvent() so XState transitions to human_review instead of stuck - Fix processType in startSpecCreation() from 'task-execution' to 'spec-creation' so exit handler correctly chains into startTaskExecution() - Skip handleProcessExited for successful spec-creation exits to prevent state poisoning before spec→build transition - Add task-event relay in WorkerBridge for worker→main thread task events - Wire orchestrator phase changes to emit kickoff messages per agent type Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * feat: add TypeScript worktree manager for task isolation Port Python WorktreeManager.create_worktree() to TypeScript. Tasks now run in isolated git worktrees at .auto-claude/worktrees/tasks/{specId}/ on branch auto-claude/{specId}, matching the Python backend behavior. - Create worktree-manager.ts with idempotent 7-step creation logic - Wire into agent-manager startTaskExecution() and startQAProcess() - Agent cwd set to worktree path so file changes are isolated - Spec files copied to worktree (gitignored, not in checkout) - Falls back to project root if worktree creation fails Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: normalize plan schema fields for subtask tracking LLM planner outputs subtask_id/phase_id instead of id, omits status field, and uses file_paths instead of files_to_modify. The subtask iterator requires status === 'pending' to find work — without it, no subtasks are found and no coding happens. - normalizeSubtaskIds() now adds status: 'pending' default, normalizes phase_id → id, file_paths → files_to_modify, and adds name fallback - ensureSubtaskMarkedCompleted() safety net after each coder session - E2E validated: task 251 shows 2/2 subtasks, no 'Task Incomplete' Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: wire TypeScript runners to IPC handlers, resolve all tsc errors - Replace InsightsExecutor Python subprocess with runInsightsQuery() TS runner (AbortController-based cancellation, streaming events via callback) - Fix pr-handlers.ts type mismatches: phase union cast via Set.has(), findings cast - Fix insights-executor.ts metadata type cast (TaskCategory, TaskComplexity) - Confirm autofix-handlers.ts and mr-review-handlers.ts already have correct imports/TypeScript implementations; tsc now passes with zero errors Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: wire TypeScript Vercel AI SDK changelog runner to IPC handler Replace Python subprocess-based changelogService.generateChangelog() with the TypeScript generateChangelog() runner from ai/runners/changelog.ts, which uses generateText() from the Vercel AI SDK. Emits proper CHANGELOG_GENERATION_PROGRESS and CHANGELOG_GENERATION_COMPLETE events directly from the handler. E2E verified: changelog generation for 24 tasks completes successfully via TypeScript path, producing structured markdown with ### Added, ### Changed, ### Fixed sections. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * all python logic over to TS * temp_memory_docs * feat: implement Memory System core engine (Steps 1-7) Complete TypeScript memory system with libSQL/Turso storage, covering: - Foundation: types, schema (DDL + FTS5), db client factory - MemoryService: store, search, pattern matching, user-taught memories - EmbeddingService: 5-tier fallback (Ollama 8b/4b/0.6b → OpenAI → ONNX) - Knowledge Graph: tree-sitter AST extraction, chunking, closure tables, incremental indexer with chokidar, impact analysis - Retrieval Pipeline: BM25 + dense vector + graph search, weighted RRF fusion, graph neighborhood boost, cross-encoder reranking (Ollama/Cohere), phase-aware context packing, HyDE fallback - Observer: 17-signal behavioral taxonomy, scratchpad with O(1) analytics, dead-end detection, trust gate (anti-injection), promotion pipeline, parallel scratchpad merger - Active Injection: step injection decider (3 triggers), planner/QA context builders, prefetch plan builder, calibrated stop conditions, prepareStep callback integration in session runner - Agent tools: search_memory, record_memory - IPC: worker-observer proxy, memory IPC handlers 331 tests across 23 test files, 0 TypeScript errors. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * feat: wire Memory System UI to libSQL backend (Step 8) Update the existing Memory Panel UX to work with the new libSQL-backed MemoryService. Adds singleton factory, rewires IPC handlers, updates shared types with backward-compatible aliases, enhances MemoryCard with confidence bars and trust badges, and adds i18n keys for all 16 memory types. Removes all internal "V5" draft references from production code. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: resolve __dirname ESM error in memory db.ts, clean up V5 naming - Fix ReferenceError: __dirname is not defined in ESM bundles by using dirname(fileURLToPath(import.meta.url)) for sqlite-vec extension path - Rename ParsedV5Memory → ParsedMemoryContent in MemoryCard.tsx - Remove "V5" from comments across constants.ts and MemoriesTab.tsx - Update memory system design doc with reranking and implementation details E2E verified: memory status connected, 6 test memories rendered correctly with category filtering, confidence bars, tags, and related files. 0 TypeScript errors, 3869 tests passing. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * refactor: remove Python backend, rename apps/frontend → apps/desktop - Delete entire Python backend (agents, analysis, CLI, security, QA, runners) except graphiti MCP sidecar and prompts (kept temporarily) - Rename apps/frontend → apps/desktop to reflect Electron desktop app - Update all CI/CD workflows to remove Python jobs and references - Update .husky/pre-commit: remove Python checks, reference apps/desktop - Update .pre-commit-config.yaml: remove Python hooks, reference apps/desktop - Clean 43+ config files referencing apps/frontend → apps/desktop - Remove Python packaging scripts (download-python, verify-linux-packages) - Delete python-env-manager.ts and python-detector.ts from frontend - Add OAuth beta headers for Claude subscription auth - Clean up investigation and migration planning documents Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * refactor: delete entire apps/backend, clean all references - Delete apps/backend/ entirely (graphiti, linear integration, Python packaging) - Move prompts from apps/frontend/prompts → apps/desktop/prompts - Remove stale apps/frontend directory - Clean 85+ TypeScript files of apps/backend references (JSDoc, paths, code) - Clean 12+ config files (CI/CD, docs, scripts, .gitignore, dependabot) - Update 3 prompt files with correct TypeScript paths - Delete deprecated scripts (install-backend, test-backend, check_encoding, etc.) - Delete setup-python-backend GitHub Action - Remove Python test files (package-with-python.test.ts, insights-config PYTHONPATH tests) - Fix agent-process.test.ts for deprecated spawnProcess behavior - Update CLAUDE.md, README.md, CONTRIBUTING.md for TypeScript-only architecture Build: 0 tsc errors, 169 test files pass (4031 tests), electron-vite build clean Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * memory system * new provider ui * new provider auth and ui * feat: global priority queue with cross-provider fallback and multi-provider header UI Replace per-provider isActive flags with a single global priority queue where all accounts compete in one ordered list. Only one account is "In Use" at any time, and cross-provider fallback happens automatically on 429/401 errors. Key changes: - Data model: remove isActive/priority from ProviderAccount, add billingModel (subscription vs pay-per-use), globalPriorityOrder in AppSettings - Model equivalence system: DEFAULT_MODEL_EQUIVALENCES maps model shorthands across providers with reasoning config (thinking_tokens, reasoning_effort, etc.) - Auth resolver: new resolveAuthFromQueue() walks queue, scores accounts, finds model equivalent, resolves credentials - Session runner: onAccountSwitch callback retries on 429/401 with next account - Client factory: dual-path resolution (queue-based or legacy) - Profile scorer: new scoreProviderAccount() for queue-based availability - AuthStatusIndicator: shows actual active provider name (OpenAI, Google AI, etc.) with provider-specific badge colors instead of hardcoded "Claude Code" - UsageIndicator: Anthropic OAuth shows usage bars, pay-per-use/other providers show "Unlimited" badge; swap reorders global queue - i18n: provider names and billing labels for all 10 providers (en + fr) - IPC: replace PROVIDER_ACCOUNTS_SET_ACTIVE with SET_QUEUE_ORDER, add MODEL_OVERRIDES_SAVE - Settings UI: remove "Set Active" button, derive active from queue position - Tests updated for new provider accounts model (4035 passing) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * feat: enhance provider account management with Codex support - Updated settings handlers to manage provider accounts within a global priority queue, allowing for Codex-specific handling. - Modified UI components to display Codex-related information and subscription options. - Added internationalization support for Codex terminology in English and French. - Improved account addition and deletion logic to reflect changes in global priority order. This update enhances the user experience for managing accounts, particularly for OpenAI's Codex, ensuring a more intuitive interface and better account handling. * provider settings changes * multi-provider ui * feat: concrete per-provider presets and cross-provider tab Replace abstract shorthand-driven presets with concrete per-provider preset definitions so what users see is what actually runs. Move cross-provider configuration from a profile card to its own tab. - Add PROVIDER_PRESET_DEFINITIONS with concrete models for 6 providers (Anthropic, OpenAI, Google, xAI, Mistral, Groq) - Remove "Custom" profile card; 4 presets remain (Auto, Complex, Balanced, Quick) with provider-specific model names on badges - Add Cross-Provider tab in ProviderTabBar (shown when 2+ providers connected) with MixedPhaseEditor and new MixedFeatureEditor - Widen PhaseModelConfig/FeatureModelConfig/ModelType from narrow unions to string to accept any provider's model IDs - Task creation writes phaseProviders to metadata in cross-provider mode - Agent manager prefers specified provider per phase via queue reordering - Provider-aware useResolvedAgentSettings hook with 4-step resolution - i18n keys for cross-provider tab (en + fr) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: pre-PR validation fixes — xhigh thinking level, state management, tests - Add 'xhigh' to VALID_THINKING_LEVELS in phase-config.ts (runtime bug) - Reset customMixedProfileActive when switching away from cross-provider tab - Clean up dead custom profile branch in AgentProfileSelector - Add 14 tests for getProviderPreset/getProviderPresetOrFallback - Add xhigh assertions to phase-config tests - Update stale JSDoc in insights.ts Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * refactor: move Claude Code badge from sidebar to terminal toolbar Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: Codex API integration — instructions, store, model routing, XState race Three Codex API issues fixed: 1. Pass system prompt via providerOptions.openai.instructions (not system msg) 2. Set store: false (Codex requires it) 3. Use .responses() instead of .chat() for Codex models Worker model routing fix: - runSingleSession now uses baseSession.modelId (queue-resolved) instead of re-resolving via getPhaseModel() which maps opus → claude-opus-4-6 even when the queue selected an OpenAI Codex account XState race condition fix: - Skip fallback timer for successful spec-creation exits (spec → build transition starts a new process immediately, timer would incorrectly force USER_STOPPED on the new process) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: pipeline validation fixes + denylist security model Fix planning log routing, subtask execution, worktree diff tracking, and task completion status. Replace allowlist security model with a denylist that blocks only dangerous system commands while allowing all standard development tools. - Route spec_orchestrator logs to planning phase (not coding) - Merge planning logs from both main and worktree directories - Normalize subtask IDs before coding phase (fixes 0/N completed) - Emit execution-progress events from worker for file watcher re-pointing - Show uncommitted worktree changes in Build for Review (git diff baseBranch) - Fix task showing "Incomplete/Needs Resume" when reviewReason is set - Replace allowlist with 25-command denylist + 15 per-command validators - Fix QA phase transition ordering (markCompleted before transitionPhase) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: Codex pipeline halt + UI model display for non-Anthropic providers - Reset all subtask statuses to "pending" after initial planning phase. Some LLMs (particularly OpenAI Codex) create implementation plans with subtasks pre-set to "completed", causing isBuildComplete() to skip coding and QA phases entirely. - Build MODEL_SHORT_LABELS dynamically from ALL_AVAILABLE_MODELS catalog instead of hardcoding only Anthropic shorthands. Now properly displays model names for all providers (OpenAI, Google, Mistral, Groq, xAI). - Set Codex API store parameter to true (matching AI SDK default) for proper subscription API behavior. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * task logs * structured output for all providers with zod validation * codex usage monitoring * fix: pre-PR validation fixes for Vercel AI SDK migration Security: fix worker.ts unsafe cast, sanitize Bearer tokens in error classifier, block --no-preserve-root in rm validator, deny unparseable shell -c commands, redact OAuth tokens in debug logs. Cross-platform: resolve shell dynamically in bash tool (Git Bash/cmd.exe), use findExecutable for ripgrep in grep tool, handle CRLF in read/write/ worktree-manager/auto-merger, use killProcessGracefully for process cleanup. Build: remove stale Python/Graphiti extraResources from package.json, update spec_runner.py marker to session/runner.ts, deduplicate AGENT_CONFIGS in tools/registry.ts, remove hollow test assertion. i18n: add 11 missing FR translation keys in onboarding.json (Ollama config, Voyage embedding model), add memory.info section to en/fr common.json, replace 4 hardcoded strings in MemoriesTab.tsx with t() calls. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * provider and auth improvements * harness changes * updates to provider features * pr update * websearch/browser * z-ai and account settings * upgrading model usage with cross provider * usageindication * Optimize usage monitoring: reduce API calls, fix false needs-reauth - Increase polling interval from 30s to 60s for active profile - Increase inactive profile cache TTL from 60s to 5 minutes - Add adaptive cache: drops to 60s when active usage >80% session or >90% weekly - Add request coalescing for getAllProfilesUsage() to prevent duplicate fetches - Stagger same-provider fetches with 15s delay (prevents burst-hitting same API) - Add 10-minute backoff for 429 rate limits (vs 2min general failure cooldown) - Stop force-refreshing on AccountSettings open (use cached data + push updates) - Fix false "needs re-auth" flag: clear needsReauthProfiles when valid token obtained - Remove noisy ProjectStore subtask completion diagnostic logging Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * usage+worktree+harness * oauth+structuredoutput * husky fixes * onboarding and memorycleanup * memorycleanup * new spec system * fixes * fix: resolve CodeQL high and medium security alerts Address 60+ CodeQL security findings blocking PR merge: - Insecure temp files: use mkdtempSync + atomic write-rename (26 alerts) - TOCTOU race conditions: replace existsSync→act with try/catch (8 alerts) - Shell injection: replace execSync with execFileSync + args array (1 alert) - Network data validation: add type checks before disk writes (10 alerts) - File data in requests: validate tokens/credentials before use (6 alerts) - Log injection: sanitize control characters before logging (3 alerts) - Incomplete string escaping: eliminate shell interpolation (1 alert) - Dead code: remove useless conditionals and assignments (5 alerts) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: resolve remaining 7 CodeQL high-severity TOCTOU race conditions - read.ts: use fstat via fd for PDF size, avoid stat→readFile gap - spec-number-lock.ts: remove existsSync pre-checks, rely on atomic wx flag and direct readFileSync with ENOENT handling - settings-utils.ts: remove access() pre-check, readFile directly with catch - log-service.ts: derive sizeBytes from Buffer.byteLength of read content instead of separate statSync - roadmap.ts: serialize from in-memory data to avoid re-read gap - subtask-iterator-restamp.test.ts: use fd.stat() + fd.readFile() on same fd Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * chore: trigger CodeQL re-evaluation Force GitHub code scanning PR check to re-evaluate after security fixes. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: eliminate TOCTOU by using fd-based file operations throughout - read.ts: open fd once, use fstatSync + readFileSync(fd) for all paths (directory check, image, PDF, text) through a single file descriptor - roadmap.ts: read via openSync/readFileSync(fd) instead of path-based read to decouple the "check" from the subsequent writeFileSync - subtask-iterator-restamp.test.ts: use fd.stat() instead of path-based stat for mtime recording Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: resolve remaining TOCTOU alerts in roadmap, test, and bump-version - roadmap.ts: atomic write via temp file + rename to break path flow - subtask-iterator-restamp.test.ts: compare content snapshots instead of stat+read (eliminates multi-operation path reuse) - bump-version.js: replace existsSync pre-checks with try/catch on read Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
254 lines
10 KiB
Markdown
254 lines
10 KiB
Markdown
# Release Process
|
|
|
|
This document describes how releases are created for Auto Claude.
|
|
|
|
## Overview
|
|
|
|
Auto Claude uses an automated release pipeline that ensures releases are only published after all builds succeed. This prevents version mismatches between documentation and actual releases.
|
|
|
|
```
|
|
┌─────────────────────────────────────────────────────────────────────────────┐
|
|
│ RELEASE FLOW │
|
|
├─────────────────────────────────────────────────────────────────────────────┤
|
|
│ │
|
|
│ develop branch main branch │
|
|
│ ────────────── ─────────── │
|
|
│ │ │ │
|
|
│ │ 1. bump-version.js │ │
|
|
│ │ (creates commit) │ │
|
|
│ │ │ │
|
|
│ ▼ │ │
|
|
│ ┌─────────┐ │ │
|
|
│ │ v2.8.0 │ 2. Create PR │ │
|
|
│ │ commit │ ────────────────────► │ │
|
|
│ └─────────┘ │ │
|
|
│ │ │
|
|
│ 3. Merge PR ▼ │
|
|
│ ┌──────────┐ │
|
|
│ │ v2.8.0 │ │
|
|
│ │ on main │ │
|
|
│ └────┬─────┘ │
|
|
│ │ │
|
|
│ ┌───────────────────┴───────────────────┐ │
|
|
│ │ GitHub Actions (automatic) │ │
|
|
│ ├───────────────────────────────────────┤ │
|
|
│ │ 4. prepare-release.yml │ │
|
|
│ │ - Detects version > latest tag │ │
|
|
│ │ - Creates tag v2.8.0 │ │
|
|
│ │ │ │
|
|
│ │ 5. release.yml (triggered by tag) │ │
|
|
│ │ - Builds macOS (Intel + ARM) │ │
|
|
│ │ - Builds Windows │ │
|
|
│ │ - Builds Linux │ │
|
|
│ │ - Generates changelog │ │
|
|
│ │ - Creates GitHub release │ │
|
|
│ │ - Updates README │ │
|
|
│ └───────────────────────────────────────┘ │
|
|
│ │
|
|
└─────────────────────────────────────────────────────────────────────────────┘
|
|
```
|
|
|
|
## For Maintainers: Creating a Release
|
|
|
|
### Step 1: Bump the Version
|
|
|
|
On your development branch (typically `develop` or a feature branch):
|
|
|
|
```bash
|
|
# Navigate to project root
|
|
cd /path/to/auto-claude
|
|
|
|
# Bump version (choose one)
|
|
node scripts/bump-version.js patch # 2.7.1 -> 2.7.2 (bug fixes)
|
|
node scripts/bump-version.js minor # 2.7.1 -> 2.8.0 (new features)
|
|
node scripts/bump-version.js major # 2.7.1 -> 3.0.0 (breaking changes)
|
|
node scripts/bump-version.js 2.8.0 # Set specific version
|
|
```
|
|
|
|
This will:
|
|
- Update `apps/desktop/package.json`
|
|
- Update `package.json` (root)
|
|
- Check if `CHANGELOG.md` has an entry for the new version (warns if missing)
|
|
- Create a commit with message `chore: bump version to X.Y.Z`
|
|
|
|
### Step 2: Update CHANGELOG.md (REQUIRED)
|
|
|
|
**IMPORTANT: The release will fail if CHANGELOG.md doesn't have an entry for the new version.**
|
|
|
|
Add release notes to `CHANGELOG.md` at the top of the file:
|
|
|
|
```markdown
|
|
## 2.8.0 - Your Release Title
|
|
|
|
### ✨ New Features
|
|
- Feature description
|
|
|
|
### 🛠️ Improvements
|
|
- Improvement description
|
|
|
|
### 🐛 Bug Fixes
|
|
- Fix description
|
|
|
|
---
|
|
```
|
|
|
|
Then amend the version bump commit:
|
|
|
|
```bash
|
|
git add CHANGELOG.md
|
|
git commit --amend --no-edit
|
|
```
|
|
|
|
### Step 3: Push and Create PR
|
|
|
|
```bash
|
|
# Push your branch
|
|
git push origin your-branch
|
|
|
|
# Create PR to main (via GitHub UI or gh CLI)
|
|
gh pr create --base main --title "Release v2.8.0"
|
|
```
|
|
|
|
### Step 4: Merge to Main
|
|
|
|
Once the PR is approved and merged to `main`, GitHub Actions will automatically:
|
|
|
|
1. **Detect the version bump** (`prepare-release.yml`)
|
|
2. **Validate CHANGELOG.md** has an entry for the new version (FAILS if missing)
|
|
3. **Extract release notes** from CHANGELOG.md
|
|
4. **Create a git tag** (e.g., `v2.8.0`)
|
|
5. **Trigger the release workflow** (`release.yml`)
|
|
6. **Build binaries** for all platforms:
|
|
- macOS Intel (x64) - code signed & notarized
|
|
- macOS Apple Silicon (arm64) - code signed & notarized
|
|
- Windows (NSIS installer) - code signed
|
|
- Linux (AppImage + .deb)
|
|
7. **Scan binaries** with VirusTotal
|
|
8. **Create GitHub release** with release notes from CHANGELOG.md
|
|
9. **Update README** with new version badge and download links
|
|
|
|
### Step 5: Verify
|
|
|
|
After merging, check:
|
|
- [GitHub Actions](https://github.com/AndyMik90/Auto-Claude/actions) - ensure all workflows pass
|
|
- [Releases](https://github.com/AndyMik90/Auto-Claude/releases) - verify release was created
|
|
- [README](https://github.com/AndyMik90/Auto-Claude#download) - confirm version updated
|
|
|
|
## Version Numbering
|
|
|
|
We follow [Semantic Versioning](https://semver.org/):
|
|
|
|
- **MAJOR** (X.0.0): Breaking changes, incompatible API changes
|
|
- **MINOR** (0.X.0): New features, backwards compatible
|
|
- **PATCH** (0.0.X): Bug fixes, backwards compatible
|
|
|
|
## Changelog Management
|
|
|
|
Release notes are managed in `CHANGELOG.md` and used for GitHub releases.
|
|
|
|
### Changelog Format
|
|
|
|
Each version entry in `CHANGELOG.md` should follow this format:
|
|
|
|
```markdown
|
|
## X.Y.Z - Release Title
|
|
|
|
### ✨ New Features
|
|
- Feature description with context
|
|
|
|
### 🛠️ Improvements
|
|
- Improvement description
|
|
|
|
### 🐛 Bug Fixes
|
|
- Fix description
|
|
|
|
---
|
|
```
|
|
|
|
### Changelog Validation
|
|
|
|
The release workflow **validates** that `CHANGELOG.md` has an entry for the version being released:
|
|
|
|
- If the entry is **missing**, the release is **blocked** with a clear error message
|
|
- If the entry **exists**, its content is used for the GitHub release notes
|
|
|
|
### Writing Good Release Notes
|
|
|
|
- **Be specific**: Instead of "Fixed bug", write "Fixed crash when opening large files"
|
|
- **Group by impact**: Features first, then improvements, then fixes
|
|
- **Credit contributors**: Mention contributors for significant changes
|
|
- **Link issues**: Reference GitHub issues where relevant (e.g., "Fixes #123")
|
|
|
|
## Workflows
|
|
|
|
| Workflow | Trigger | Purpose |
|
|
|----------|---------|---------|
|
|
| `prepare-release.yml` | Push to `main` | Detects version bump, **validates CHANGELOG.md**, creates tag |
|
|
| `release.yml` | Tag `v*` pushed | Builds binaries, extracts changelog, creates release |
|
|
| `update-readme` (in release.yml) | After release | Updates README with new version |
|
|
|
|
## Troubleshooting
|
|
|
|
### Release didn't trigger after merge
|
|
|
|
1. Check if version in `package.json` is greater than latest tag:
|
|
```bash
|
|
git tag -l 'v*' --sort=-version:refname | head -1
|
|
cat apps/desktop/package.json | grep version
|
|
```
|
|
|
|
2. Ensure the merge commit touched `package.json`:
|
|
```bash
|
|
git diff HEAD~1 --name-only | grep package.json
|
|
```
|
|
|
|
### Release blocked: Missing changelog entry
|
|
|
|
If you see "CHANGELOG VALIDATION FAILED" in the workflow:
|
|
|
|
1. The `prepare-release.yml` workflow validated that `CHANGELOG.md` doesn't have an entry for the new version
|
|
2. **Fix**: Add an entry to `CHANGELOG.md` with the format `## X.Y.Z - Title`
|
|
3. Commit and push the changelog update
|
|
4. The workflow will automatically retry when the changes are pushed to `main`
|
|
|
|
```bash
|
|
# Add changelog entry, then:
|
|
git add CHANGELOG.md
|
|
git commit -m "docs: add changelog for vX.Y.Z"
|
|
git push origin main
|
|
```
|
|
|
|
### Build failed after tag was created
|
|
|
|
- The release won't be published if builds fail
|
|
- Fix the issue and create a new patch version
|
|
- Don't reuse failed version numbers
|
|
|
|
### README shows wrong version
|
|
|
|
- README is only updated after successful release
|
|
- If release failed, README keeps the previous version (this is intentional)
|
|
- Once you successfully release, README will update automatically
|
|
|
|
## Manual Release (Emergency Only)
|
|
|
|
In rare cases where you need to bypass the automated flow:
|
|
|
|
```bash
|
|
# Create tag manually (NOT RECOMMENDED)
|
|
git tag -a v2.8.0 -m "Release v2.8.0"
|
|
git push origin v2.8.0
|
|
|
|
# This will trigger release.yml directly
|
|
```
|
|
|
|
**Warning:** Only do this if you're certain the version in package.json matches the tag.
|
|
|
|
## Security
|
|
|
|
- All macOS binaries are code signed with Apple Developer certificate
|
|
- All macOS binaries are notarized by Apple
|
|
- Windows binaries are code signed
|
|
- All binaries are scanned with VirusTotal
|
|
- SHA256 checksums are generated for all artifacts
|