Source of truth: CHANGELOG.md on GitHub

Changelog

All notable changes to OwlCoda are documented here.

Runtime version truth comes from [package.json](package.json) and is

exposed at runtime through [src/version.ts](src/version.ts) and

owlcoda --version.

[0.1.19] — 2026-05-10

Public router release for renderer robustness and bounded LLM-summary

auto-compact, sourced from private 0.13.98 / commits b31964b, f45f14c,

773e181, and 789631e.

Renderer Robustness

  • Add fixture coverage for CJK spaceless numbered lists, underscore

    • identifiers in prose, ASCII pipe-frame diagrams, and HR/prose glue.

  • Disable accidental underscore italics in prose and split glued horizontal

    • rules without disturbing code or table boundaries.

  • Keep streaming timeout errors normalized through the renderer path.

Bounded Compaction

  • Add bounded LLM-summary auto-compact helpers and tests so long headless runs

    • can compact within an explicit context budget.

  • Wire headless context-window and compaction-model settings through the

    • conversation loop.

Release Routing

  • Preserve the public package line at 0.1.19; private-only website,

    • internal, QA, handoff, design-decision, and scratch paths are not included in

    this release.

[0.1.18] — 2026-05-09

Public router release for stream lifecycle timeout handling, sourced from

private 0.13.97 / commits 735494c and 4740fd9.

Stream Lifecycle

  • Split request-start, pre-first-token, and mid-stream timeout handling so

    • diagnostics point to the actual failing phase.

  • Ensure active streams are killed on lifecycle timeout instead of leaving the

    • runtime in a stuck in-flight state.

  • Update provider-error and messages integration coverage for the new timeout

    • taxonomy.

Configuration

  • Add config validation and defaults for stream lifecycle timeout controls.

Release Routing

  • Preserve the public package line at 0.1.18; private-only website,

    • internal, QA, handoff, design-decision, and scratch paths are not included in

    this release.

[0.1.17] — 2026-05-09

Public router release for markdown rendering unification and stale-build

visibility, sourced from private 0.13.88-0.13.96 / commits 22f29b1,

4ba7917, a43bb2e, d709dd4, be38428, 42b335c, 405cfff,

f56c056, eb3a8dc, 800a0fa, b0b6e6e, 4c06453, 80dc335,

9e36f87, e47794e, 90ace85, and c48464b.

Markdown Renderer

  • Route streaming and non-streaming markdown through a shared normalizer and

    • token renderer.

  • Add a fixture suite for glued headings, fences, tables, ordered lists, CJK

    • prose, inline code, and mixed bullet/numbered-list cases.

  • Fix blank-token handling in streaming markdown and keep failure-recovery

    • matching exact.

Build Visibility

  • Add build metadata after npm run build so --version and runtime banners

    • can surface the actual git build tag and dirty state.

  • Warn when a daemon version differs from the current CLI binary instead of

    • hiding stale-dist mismatches.

Release Routing

  • Preserve the public package line at 0.1.17; private-only website,

    • internal, QA, handoff, design-decision, and scratch paths are not included in

    this release.

[0.1.16] — 2026-05-09

Public router release for O(1) transcript-window computation and task-contract

classification, sourced from private 0.13.85-0.13.87 / commits dbf8e25,

0949bb8, 672a1c8, ec01019, and 544d419.

Transcript Runtime

  • Cache transcript offsets so visible-window selection no longer recounts the

    • whole transcript on each spinner tick.

  • Cap non-virtual visible items and separate the scroll indicator leaf from

    • transcript row rendering.

  • Add regression coverage that keeps stable transcript rows from recomputing

    • during spinner-only updates.

Task Contract

  • Replace broad write-intent regexes with a classifier-oriented task contract

    • so analysis/meta-prompt/negation cases do not trip write-required behavior.

  • Add focused tests for write-required, analysis-only, and negated-intent

    • prompts.

Release Routing

  • Preserve the public package line at 0.1.16; private-only website,

    • internal, QA, handoff, design-decision, and scratch paths are not included in

    this release.

[0.1.15] — 2026-05-08

Public router release for retry and failure-recovery behavior, sourced from

private 0.13.78-0.13.84 / commits 3c0fbbc, 2c4feab, b2abba9,

59122e5, c477053, 54526b3, feb805d, bde27d5, c14fb88,

dc9cca2, 111c083, 275b1bb, d800fc8, cd437e2, 76230e7,

29ff918, ef03da6, 1c303ff, and c2a485c.

Failure Recovery

  • Add structured /retry side effects so forced resubmits go through the

    • regular submit path and clear stale runtime-failure state first.

  • Preserve queued input after non-drainable failures instead of silently

    • dropping user text, with an explicit transcript warning and /clear reset.

  • Close orphaned tool_use turns on loop-guard hard exits so the conversation

    • protocol remains valid after a blocked run.

Runtime Guidance

  • Add classifier-driven failed-continuation handling and expensive-failure

    • guidance for requests that should be batched or narrowed instead of retried

    indefinitely.

  • Reduce automatic runtime retry defaults so stuck upstreams surface a clear

    • recovery path faster.

Release Routing

  • Preserve the public package line at 0.1.15; private-only website,

    • internal, QA, handoff, design-decision, and scratch paths are not included in

    this release.

[0.1.14] — 2026-05-08

Public router release for paste handling and transcript rendering

performance, sourced from private 0.13.72-0.13.77 / commits 20cb22a,

b269195, 0cb6548, 43af282, and 84d149a.

Terminal Performance

  • Collapse large paste bursts before they inflate the visible composer and

    • transcript.

  • Lower the wrap-bypass threshold and cache transcript render work so long

    • pasted payloads do not churn the terminal on every spinner tick.

  • Memoize transcript rows and virtualize the transcript window so long runs

    • keep current output responsive.

Paste / Width Handling

  • Add stale placeholder pruning for paste stores after input edits.
  • Preserve accurate cursor movement for wide characters and terminal-width

    • calculations.

Release Routing

  • Preserve the public package line at 0.1.14; private-only website,

    • internal, QA, handoff, design-decision, and scratch paths are not included in

    this release.

[0.1.13] — 2026-05-08

Public router release for loop-guard and execution-economics hardening,

sourced from private 0.13.66-0.13.71 / commits 1f9cbac, 4398e5d,

5362db4, 91db803, f96c103, and 447f8b0.

Runtime Guardrails

  • Detect narration loops where the model promises to write or patch but never

    • takes the corresponding action.

  • Add a task-no-progress hard ceiling that uses lifetime iteration state rather

    • than only a short rolling window.

  • Add repeated-read nudges so agents reuse prior evidence instead of re-reading

    • the same files indefinitely.

Execution Economics

  • Add the first production gate for execution-economics tracking.
  • Add evidence-ledger nudges for repeated Glob and Grep calls.
  • Add failure-ladder prompt guidance so long runs move toward concrete evidence

    • and user-facing blockers instead of cost-burn loops.

Release Routing

  • Preserve the public package line at 0.1.13; private-only website,

    • internal, QA, handoff, design-decision, and scratch paths are not included in

    this release.

[0.1.12] — 2026-05-07

Public router release for runtime budget and loop-safety hardening, sourced

from private 0.13.62-0.13.65 / commits f44a1bf, 8154165, c3e10a5,

and 03118ca.

Agent Runtime

  • Add heap-pressure compact handling and a dispatcher short-circuit for

    • repeated schema-failure loops.

  • Treat repeated same-kind failures as a cost-burn signal before retry chains

    • grow unbounded.

  • Handle stop_reason=max_tokens with runtime continuation guidance instead

    • of leaving truncated replies as dead ends.

  • Raise the default max output budget to 32,768 tokens, with an environment

    • override for operators.

Release Routing

  • Preserve the public package line at 0.1.12; private-only website,

    • internal, QA, handoff, design-decision, and scratch paths are not included in

    this release.

[0.1.11] — 2026-05-07

Public router release for sub-agent watchdogs, engineering prompt discipline,

self-recoverable tool diagnostics, structured tool output clarity, and the

read-path fs-policy export fix, sourced from private 0.13.57-0.13.61 /

commits ac49e0a, 9a9193a, 1ec0f14, b21333d, and d0e623b.

Agent Runtime

  • Add a two-axis Agent watchdog: an idle timeout that resets on real progress

    • signals and an absolute max-runtime ceiling for wedged sub-agent runs.

  • Surface structured timeout metadata, elapsed time, and last-progress evidence

    • instead of leaving long sub-agent silence ambiguous.

  • Keep both watchdog axes env-tunable for operators that need longer trusted

    • runs.

Prompt / Task Discipline

  • Tighten engineering prompt guidance around long-context work, explicit

    • assumptions, and focused execution.

  • Carry the runtime task-state checks forward so analysis-only user intent does

    • not silently become file mutation.

Tools

  • Add self-recoverable tool-schema error messages so models get actionable

    • repair guidance for malformed tool calls.

  • Improve line-ending awareness and replace-all behavior in edit/write flows.
  • Make Bash, Grep, and Read output clearer and more structured, including read

    • path headers and grep context diagnostics.

  • Include the checkReadPathAllowed export and focused fs-policy tests needed

    • by the 0.13.60 read-path behavior.

Release Routing

  • Preserve the public package line at 0.1.11; private-only website,

    • internal, QA, handoff, design-decision, and scratch paths are not included in

    this release.

[0.1.10] — 2026-05-06

Public router release for runtime safety, loop-intercept behavior, and

negative-probe guard handling, sourced from private 0.13.55-0.13.56 /

commits 1689efb and 1d237a0.

Runtime Safety

  • Default repeated tool-loop handling now returns a soft

    • [Runtime loop intercept] tool result on the first same-intent hit,

    asking the model to explain the root cause, propose 1-3 concrete patch

    options, and ask the user before retrying.

  • OWLCODA_LOOP_INTERCEPT=hard preserves the previous immediate

    • hard-terminate behavior for operators and regression tests.

  • A second loop trigger for the same intent still terminates as a hard

    • tool-loop violation, so the soft path does not re-open unbounded retry

    cost burn.

Probe Guarding

  • Register ProbePlan in the public native dispatcher and REPL path so

    • runtime probe coverage can be tracked in public builds.

  • Negative probes with expectedOutcome=intentGuardBlocked no longer use

    • the positive-probe consent override; they must actually emit the tool

    call and be refused by the structured intent guard.

  • metadata.intentGuardBlocked === true is now the required signal for

    • satisfying an intent-guard-blocked probe, letting runtime notices report

    Probe coverage: A:A_LEAK satisfied instead of falling through to

    operator approval or generic denial paths.

Release Routing

  • Preserve the public package line at 0.1.10; private-only website,

    • internal, QA, handoff, design-decision, and scratch paths are not

    included in this release.

[0.1.9] — 2026-05-05

Public router release for terminal rendering stability, streaming transcript

growth, markdown boundary handling, and Admin explicit default-model behavior,

sourced from private commits e4a5a54, 60709f9, f0ca2b7, e4e0abf,

bb589ac, and ab309b2.

Runtime / TUI

  • Prefer safe repaint for native output and unify main-screen repaint ownership

    • so static transcript commits own scrollback while full repaint stays

    viewport-bounded.

  • Preserve readable copied terminal output by writing literal spaces during

    • safe repaint inter-cell advances instead of cursor-forward escape sequences.

  • Commit streamed assistant chunks directly into the scrollable transcript so

    • long answers grow live instead of appearing only in a clipped preview window.

Markdown

  • Protect streaming markdown header and table boundaries so partial table

    • separators and pipe-bearing headers do not render as stray artifacts.

Admin / Models

  • Verify explicit Admin default-model choices are honored at launch and in

    • config display.

Release Routing

  • Preserve the public package line at 0.1.9; no private-only website,

    • internal, or execution-prompt paths are included in this release.

[0.1.8] — 2026-04-30

Public router hotfix for Xiaomi MiMo token-plan onboarding, sourced from

private commit 4399013.

Admin

  • Add Xiaomi MiMo token-plan provider presets for the Anthropic-compatible

    • https://token-plan-sgp.xiaomimimo.com/anthropic route and the

    OpenAI-compatible https://token-plan-sgp.xiaomimimo.com/v1 route.

Runtime

  • Default the MiMo preset to the provider-supported lowercase backend model id

    • mimo-v2.5-pro, normalize older display-style MiMo-V2.5-Pro configs at

    runtime, and route OpenAI-compatible /v1 base URLs to /chat/completions.

Release Routing

  • Preserve the public package line at 0.1.8; no private-only website,

    • internal, or execution-prompt paths are included in this release.

[0.1.7] — 2026-04-30

Public router hotfix for Ubuntu first-run Node compatibility, sourced from private commit 7df4243.

Runtime

  • Raise the public runtime floor to Node.js 20.19+ to match the current Ink, Vite, string-width, undici, and related dependency graph.
  • Add an early CLI preflight so Node 18 exits with a clear upgrade message instead of falling through to Invalid regular expression flags during REPL dependency import.

Release Routing

  • Preserve the public package line at 0.1.7; no private-only website, internal, or execution-prompt paths are included in this release.

[0.1.6] — 2026-04-29

Public router release for Windows cloud-first MiniMax onboarding, sourced from private commit 143474c.

Admin

  • Add provider catalog density for first-run model setup, including MiniMax global and China presets.
  • Add router presets on the Start page so Windows users can pick a local runtime shape without memorizing default ports.

Runtime

  • Split MiniMax global api.minimax.io and China api.minimaxi.com Anthropic-compatible endpoints.
  • Demote the legacy your-default-model placeholder so a newly saved cloud provider becomes the usable default.
  • Harden provider probes across /models, /chat/completions, and Messages-shaped endpoints.

Release Routing

  • Preserve the public package line at 0.1.6; the private execution prompt for this fix remains excluded from main.

[0.1.5] — 2026-04-28

Public router release for admin readiness polish and native completion-guard hardening, sourced from private commit a9b9479.

Admin

  • Add the Runs view and first-run readiness polish used by the public admin workflow.
  • Surface snapshot freshness and the public router version in the admin header.

Runtime

  • Treat sustained-work final reports with elapsed time, checkpoints, tests, cleanup, fallback, repo-change status, and remaining-risk evidence as durable task completion.
  • Keep write-intended tasks conservative when explicit path scope has not produced file changes yet.

Release Routing

  • Preserve the public package line at 0.1.5; private-only website source, brand source assets, and execution prompts remain excluded from main.

[0.1.4] — 2026-04-26

Public router security and cmux stress-path hardening release, sourced from the private source line.

Security

  • Deny unsafe headless tools by default unless explicitly auto-approved, and expose approval decisions in headless output.
  • Add write/edit/NotebookEdit filesystem guardrails that reject path escapes, sensitive locations, and symlink escapes before mutation.
  • Centralize bash risk classification and route headless, TUI permission warnings, and legacy runtime bash checks through the same policy.

Reliability

  • Stop parent continuation after terminal sub-agent failures so incomplete agent runs do not invite model improvisation.
  • Make sub-agent iteration budgets explicit: Explore defaults to 80 iterations, general-purpose agents default to 200, and explicit overrides remain honored.
  • Add low-churn terminal detection for cmux-style mediated terminals and document the escape hatch.

[0.1.3] — 2026-04-26

Public trust-surface cleanup for the published router repo.

Changed

  • README.md / README.zh.md and model-workbench tests use

    • neutral "user-configured Messages-shaped provider" wording instead

    of naming one upstream vendor as a built-in public backend.

  • skills/collaboration/writing-plans/SKILL.md now refers to a

    • generic executor instead of a host-app-specific assistant name.

  • scripts/postbuild.mjs removes generated dist/**/*.map files

    • after build so the published package stays focused on runtime

    artifacts.

Added

  • NOTICE.md documents methodology-pack attribution for adapted

    • public skills and names the upstream ecosystems whose patterns

    influenced the curated OwlCoda skill pack.

[0.1.2] — 2026-04-25

User-facing README rewrite + second-pass legal-positioning polish.

Changed

  • README.md / README.zh.md rewritten to put OwlCoda first:

    • installation, supported backend matrix (local: Ollama / LM Studio /

    vLLM; cloud: Kimi / Moonshot / MiniMax / OpenRouter / Bailian /

    OpenAI / user-configured Messages-shaped providers / custom), and concrete config snippets per

    provider. The previous README read as an Ollama tutorial; the new

    one reads as the OwlCoda manual it should be.

  • admin/src/pages/StartPage.tsx — the local-runtime protocol

    • picker option labeled Anthropic messages is now `Messages-shaped

    API`; the help text references "Anthropic-compatible providers

    and similar gateways" rather than naming a single vendor.

  • tests/provider-probe.test.ts — third-party model name fixtures

    • replaced with neutral messages-vendor-* names.

  • `skills/collaboration/{using-git-worktrees, phase-prompting,

    • receiving-code-review}/SKILL.md — generic AGENTS.md` /

    instruction phrasing replaces the host-app-specific filename

    that the original methodology pack used.

Added

  • skills/README.md — explicit positioning of the in-tree pack as

    • an OwlCoda curated methodology pack, with a non-list of

    third-party SaaS skills that intentionally do not ship here.

Removed

  • skills/meta/ — the maintenance / governance scripts under

    • gardening-skills-wiki, pulling-updates-from-skills-repository,

    sharing-skills, testing-skills-with-subagents, and

    writing-skills were tooling for an upstream skill-pack

    ecosystem, not user-facing capability. Several of them carried

    hardcoded host paths that pointed at an external maintainer's

    local checkout.

[0.1.1] — 2026-04-25

Legal-positioning and provenance polish. No runtime behavior change.

Removed

  • skills/collaboration/remembering-conversations/ — depended on a

    • third-party AI agent SDK at runtime and on a host-app hook

    directory for deployment, neither of which fit OwlCoda's

    independent posture. Users who want conversation-recall workflows

    should install a third-party skill pack rather than ship one

    in-tree.

  • skills/debugging/systematic-debugging/CREATION-LOG.md — extraction

    • log referencing a third-party developer's home directory; not

    user-facing content.

Changed

  • NOTICE.md adds a "Protocol Interoperability vs Affiliation"

    • section that explicitly disclaims any partnership / endorsement /

    derivative-work claim with respect to third parties whose wire

    formats OwlCoda implements (Messages-shaped API, OpenAI Chat

    Completions). The @anthropic-ai/sdk devDependency is

    documented as an interoperability test artifact, not a runtime

    dependency.

  • README.md / README.zh.md architecture diagram says

    • "Messages-shaped API" instead of naming a single upstream vendor,

    matching the protocol-not-affiliation posture.

  • skills/collaboration/using-git-worktrees/SKILL.md,

    • skills/debugging/root-cause-tracing/SKILL.md, and

    scripts/smoke-presentation.mjs had hardcoded third-party

    developer paths and model names replaced with neutral

    /Users/example/... and generic model identifiers.

[0.1.0] — 2026-04-25

Initial public release. OwlCoda enters the public source tree as a

**Developer Preview** — feature-complete enough for daily use, but

the API surface, slash-command set, and config schema may still

evolve before 1.0.

Native REPL

  • Default interactive path: native REPL with 42+ built-in tools

    • (Bash, Read, Write, Glob, Grep, MCP-served tools, more) and 69+

    slash commands.

  • Selection-first transcript surface: terminal-native drag-select

    • and copy stay available on the primary screen.

  • Multi-client live REPL with a shared daemon, per-client session

    • affinity, and live clients list / clients detach control plane.

  • Session persistence under ~/.owlcoda/sessions/, including

    • --resume id|last, /sessions, /tag, /branch, /history.

  • Headless mode: owlcoda -p "..." and owlcoda run --prompt "..."

    • return end-to-end LLM responses with full tool support.

Protocol & routing

  • Anthropic Messages API ↔ OpenAI Chat Completions translation,

    • including streaming + non-streaming + tool-use protocol.

  • Multi-backend auto-discovery (Ollama 11434, LM Studio 1234, vLLM

    • 8000) and intent-aware routing across local + cloud catalogs.

  • Production middleware: retry, rate-limit, fallback, circuit

    • breaker, response cache (LRU 100 / 5 min TTL), per-model timeout

    override, hot config reload.

Skills (L2)

  • TF-IDF–matched skill injection from ~/.owlcoda/skills/ and

    • the curated skill pack into the system prompt at request time.

  • owlcoda skills CLI: `info / list / show / synth / delete /

    • search / match / stats / cleanup / export / import`.

  • Auto-synthesis pipeline that extracts reusable skills from

    • complex completed sessions.

Training data pipeline (L3, opt-in / off by default)

  • Quality-scored session collection (5 weighted dimensions),

    • PII sanitization before disk write, JSONL / ShareGPT / insights

    export formats. Disabled unless explicitly opted-in via

    trainingCollection: true in config.json or

    OWLCODA_TRAINING_COLLECTION=1.

Browser admin

  • owlcoda ui / owlcoda admin prints a one-shot admin URL.
  • --open-browser to launch directly; --route and --select

    • for focused handoffs to specific admin views.

  • Provider failure diagnostics unified across main agent,

    • subagent, /v1/messages, /v1/chat/completions, admin

    test connection, and /warmup.

Diagnostics & observability

  • owlcoda doctor — environment, runtime, and model health.
  • `owlcoda config / validate / models / health / status / inspect /

    • audit / cache / logs / benchmark / export`.

  • HTTP API: /v1/perf, /v1/latency, /v1/cost, /v1/recommend,

    • /v1/usage, /v1/audit, /v1/cache, /v1/skills,

    /v1/insights/:sessionId, /v1/training/*, /v1/captures,

    /v1/search, /openapi.json, /metrics.

Privacy posture

  • Sessions stay local under ~/.owlcoda/. Training data

    • collection is opt-in. Nothing is uploaded to any external

    service by OwlCoda itself.

Known limitations

  • Mouse-wheel transcript scrollback is not yet routed through the

    • in-tree Ink fork. Use PgUp / PgDn / Ctrl+↓ or /history

    for in-app scrollback.

  • LSP tools require the user to install the corresponding

    • language server (typescript-language-server, pyright,

    rust-analyzer, gopls, etc.) and wire it via a plugin.

  • OAuth-style remote MCP servers are not yet supported; stdio MCP

    • servers are fully functional.