@tencent-ai/codebuddy-code 2.109.0 → 2.109.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +12 -0
- package/dist/codebuddy-headless.js +8 -8
- package/dist/codebuddy.js +9 -9
- package/dist/web-ui/docs/cn/cli/cli-reference.md +8 -3
- package/dist/web-ui/docs/cn/cli/env-vars.md +2 -1
- package/dist/web-ui/docs/cn/cli/iam.md +9 -5
- package/dist/web-ui/docs/cn/cli/interactive-mode.md +2 -2
- package/dist/web-ui/docs/cn/cli/permission-modes.md +373 -101
- package/dist/web-ui/docs/cn/cli/permissions.md +36 -14
- package/dist/web-ui/docs/cn/cli/prewarm.md +135 -0
- package/dist/web-ui/docs/cn/cli/release-notes/README.md +14 -0
- package/dist/web-ui/docs/cn/cli/release-notes/v2.106.0.md +48 -0
- package/dist/web-ui/docs/cn/cli/release-notes/v2.106.1.md +13 -0
- package/dist/web-ui/docs/cn/cli/release-notes/v2.106.2.md +24 -0
- package/dist/web-ui/docs/cn/cli/release-notes/v2.106.3.md +14 -0
- package/dist/web-ui/docs/cn/cli/release-notes/v2.106.4.md +24 -0
- package/dist/web-ui/docs/cn/cli/release-notes/v2.106.5.md +18 -0
- package/dist/web-ui/docs/cn/cli/release-notes/v2.106.6.md +15 -0
- package/dist/web-ui/docs/cn/cli/release-notes/v2.106.7.md +13 -0
- package/dist/web-ui/docs/cn/cli/release-notes/v2.107.0.md +30 -0
- package/dist/web-ui/docs/cn/cli/release-notes/v2.108.0.md +20 -0
- package/dist/web-ui/docs/cn/cli/release-notes/v2.108.1.md +15 -0
- package/dist/web-ui/docs/cn/cli/release-notes/v2.108.2.md +13 -0
- package/dist/web-ui/docs/cn/cli/release-notes/v2.109.0.md +24 -0
- package/dist/web-ui/docs/cn/cli/settings.md +166 -2
- package/dist/web-ui/docs/en/cli/cli-reference.md +15 -10
- package/dist/web-ui/docs/en/cli/env-vars.md +6 -5
- package/dist/web-ui/docs/en/cli/iam.md +9 -5
- package/dist/web-ui/docs/en/cli/interactive-mode.md +3 -3
- package/dist/web-ui/docs/en/cli/permission-modes.md +373 -101
- package/dist/web-ui/docs/en/cli/permissions.md +46 -24
- package/dist/web-ui/docs/en/cli/prewarm.md +125 -0
- package/dist/web-ui/docs/en/cli/release-notes/README.md +14 -0
- package/dist/web-ui/docs/en/cli/release-notes/v2.106.0.md +48 -0
- package/dist/web-ui/docs/en/cli/release-notes/v2.106.1.md +13 -0
- package/dist/web-ui/docs/en/cli/release-notes/v2.106.2.md +24 -0
- package/dist/web-ui/docs/en/cli/release-notes/v2.106.3.md +14 -0
- package/dist/web-ui/docs/en/cli/release-notes/v2.106.4.md +24 -0
- package/dist/web-ui/docs/en/cli/release-notes/v2.106.5.md +18 -0
- package/dist/web-ui/docs/en/cli/release-notes/v2.106.6.md +15 -0
- package/dist/web-ui/docs/en/cli/release-notes/v2.106.7.md +13 -0
- package/dist/web-ui/docs/en/cli/release-notes/v2.107.0.md +30 -0
- package/dist/web-ui/docs/en/cli/release-notes/v2.108.0.md +20 -0
- package/dist/web-ui/docs/en/cli/release-notes/v2.108.1.md +15 -0
- package/dist/web-ui/docs/en/cli/release-notes/v2.108.2.md +13 -0
- package/dist/web-ui/docs/en/cli/release-notes/v2.109.0.md +24 -0
- package/dist/web-ui/docs/en/cli/settings.md +166 -2
- package/dist/web-ui/docs/search-index-en.json +1 -1
- package/dist/web-ui/docs/search-index-zh.json +1 -1
- package/dist/web-ui/docs/sidebar-en.json +1 -1
- package/dist/web-ui/docs/sidebar-zh.json +1 -1
- package/package.json +1 -1
- package/product.cloudhosted.json +2 -2
- package/product.internal.json +2 -2
- package/product.ioa.json +2 -2
- package/product.json +2 -2
- package/product.selfhosted.json +2 -2
|
@@ -4,22 +4,43 @@
|
|
|
4
4
|
|
|
5
5
|
## Permission System Overview
|
|
6
6
|
|
|
7
|
-
CodeBuddy Code
|
|
7
|
+
CodeBuddy Code's permission system is not just "look at the current mode" — it is a layered evaluation chain. For each tool call, the determination roughly follows this order:
|
|
8
8
|
|
|
9
9
|
| Phase | Check | Behavior on match |
|
|
10
|
-
|
|
|
11
|
-
|
|
|
12
|
-
|
|
|
13
|
-
|
|
|
14
|
-
|
|
|
15
|
-
|
|
|
16
|
-
|
|
|
17
|
-
|
|
|
18
|
-
|
|
|
10
|
+
| :--- | :--- | :--- |
|
|
11
|
+
| 0 | **Hooks / interactive tool exceptions** | `PreToolUse` can directly allow / deny / ask; tools like `AskUserQuestion` inherently require interaction |
|
|
12
|
+
| 1 | **Deny rules** | Reject immediately, highest priority |
|
|
13
|
+
| 2 | **Trusted Allow rules** (user / CLI / session / policy / trusted project rules / `--allowedTools`) | Allow immediately, and **can bypass command safety checks** |
|
|
14
|
+
| 3 | **Command safety check** (interactive only) | Force confirmation for high-risk Bash commands |
|
|
15
|
+
| 4 | **Ask rules** | Force ask |
|
|
16
|
+
| 5 | **Bypass mode short-circuit** | `bypassPermissions` allows most actions here; if disabled, it degrades |
|
|
17
|
+
| 6 | **Untrusted Allow rules** (untrusted project rules, command / sandbox sources) | Can allow, but **cannot** bypass command safety checks from the previous step |
|
|
18
|
+
| 7 | **Permission Mode baseline strategy** | The current [Permission Mode](permission-modes.md) decides whether the default is allow or ask |
|
|
19
|
+
| 8 | **Non-interactive fallback** | When no approval dialog can be shown, converts unresolved `ask` to `deny` |
|
|
20
|
+
| 9 | **`dontAsk` / `auto` final catch** | `dontAsk` rewrites ask to deny; `auto` only handles ask and delegates to the classifier |
|
|
19
21
|
|
|
20
|
-
> **Key point**: deny always takes precedence
|
|
22
|
+
> **Key point 1**: `deny` always takes precedence.
|
|
23
|
+
>
|
|
24
|
+
> **Key point 2**: CodeBuddy splits `allow` into "trusted allow" and "untrusted allow" layers. Before you explicitly trust a project directory, `allow` rules in the repository's `.codebuddy/settings.json` / `.codebuddy/settings.local.json` **cannot bypass command safety checks**. This prevents malicious repositories from silently widening local security boundaries by committing their own settings.
|
|
25
|
+
>
|
|
26
|
+
> **Key point 3**: `auto` is not a replacement for the entire chain — it only handles "actions that would still result in ask at the end"; explicit `ask` rules do not enter the classifier.
|
|
21
27
|
|
|
22
|
-
Read-only tools (Read / Grep / Glob, etc.) do not prompt for approval by default inside trusted directories.
|
|
28
|
+
Read-only tools (Read / Grep / Glob, etc.) do not prompt for approval by default inside trusted directories. Edit, Bash, and most side-effect tools go through the full evaluation chain.
|
|
29
|
+
|
|
30
|
+
### Which Takes Precedence: Permission Modes or Rules?
|
|
31
|
+
|
|
32
|
+
The permission system can be understood as two layers:
|
|
33
|
+
|
|
34
|
+
- **Rule layer**: `deny` / `ask` / `allow`
|
|
35
|
+
- **Mode layer**: `default` / `acceptEdits` / `auto` / `dontAsk` / ...
|
|
36
|
+
|
|
37
|
+
In CodeBuddy, **rules typically take precedence over modes**. The most important examples:
|
|
38
|
+
|
|
39
|
+
- `deny` takes effect before any mode
|
|
40
|
+
- Explicit `ask` rules take effect before `auto`, so manual confirmation is still required
|
|
41
|
+
- `dontAsk` does not bypass rules; it only rewrites the final `ask` result to `deny`
|
|
42
|
+
- `bypassPermissions` does not erase preceding rules; `deny` / `ask` can still block it
|
|
43
|
+
- In interactive sessions, dangerous Bash commands may still enter ask due to safety checks, even under `bypassPermissions`
|
|
23
44
|
|
|
24
45
|
## Three Rule Behaviors
|
|
25
46
|
|
|
@@ -50,7 +71,7 @@ When **"Yes, don't ask again"** is selected in the dialog, CodeBuddy writes the
|
|
|
50
71
|
### CLI Startup Arguments
|
|
51
72
|
|
|
52
73
|
| Argument | Purpose |
|
|
53
|
-
|
|
|
74
|
+
| :--- | :--- |
|
|
54
75
|
| `--allowedTools <tools...>` | Process-level temporary allow rules. Separated by spaces or commas. Example: `--allowedTools "Bash(git:*) Edit"` |
|
|
55
76
|
| `--disallowedTools <tools...>` | Process-level temporary deny rules. Same as above |
|
|
56
77
|
| `--add-dir <path>` | Add an extra directory to the trusted directory scope (affects whether Read requires confirmation) |
|
|
@@ -58,10 +79,10 @@ When **"Yes, don't ask again"** is selected in the dialog, CodeBuddy writes the
|
|
|
58
79
|
|
|
59
80
|
### Configuration Files
|
|
60
81
|
|
|
61
|
-
See [Settings Configuration](settings.md) for details. CodeBuddy merges these
|
|
82
|
+
See [Settings Configuration](settings.md) for details. CodeBuddy merges these 4 scopes:
|
|
62
83
|
|
|
63
84
|
| Scope | Path |
|
|
64
|
-
|
|
|
85
|
+
| :----- | :--- |
|
|
65
86
|
| user | `~/.codebuddy/settings.json` |
|
|
66
87
|
| project | `<repo>/.codebuddy/settings.json` (committed to git) |
|
|
67
88
|
| project-local | `<repo>/.codebuddy/settings.local.json` (not committed to git, local override) |
|
|
@@ -76,7 +97,7 @@ Rule form: `Tool` or `Tool(specifier)`.
|
|
|
76
97
|
Remove the parentheses to match all calls to a tool:
|
|
77
98
|
|
|
78
99
|
| Rule | Meaning |
|
|
79
|
-
| :--- |
|
|
100
|
+
| :--- | :--- |
|
|
80
101
|
| `Bash` | All Bash commands |
|
|
81
102
|
| `WebFetch` | All web fetches |
|
|
82
103
|
| `Read` | All file reads |
|
|
@@ -89,7 +110,7 @@ Remove the parentheses to match all calls to a tool:
|
|
|
89
110
|
Write arguments inside the parentheses:
|
|
90
111
|
|
|
91
112
|
| Rule | Matches |
|
|
92
|
-
| :--- |
|
|
113
|
+
| :--- | :--- |
|
|
93
114
|
| `Bash(npm run build)` | Exact match for `npm run build` |
|
|
94
115
|
| `Bash(npm:*)` or `Bash(npm *)` | All commands starting with `npm` |
|
|
95
116
|
| `Read(./.env)` | `.env` in the current directory |
|
|
@@ -107,7 +128,7 @@ Write arguments inside the parentheses:
|
|
|
107
128
|
Bash rules support three syntax forms:
|
|
108
129
|
|
|
109
130
|
| Syntax | Meaning | Example |
|
|
110
|
-
|
|
|
131
|
+
| :--- | :--- | :--- |
|
|
111
132
|
| Exact match | The pattern is exactly equal to the command | `Bash(npm run build)` only matches `npm run build` |
|
|
112
133
|
| `:*` prefix | The pattern ends with `:*` → matches the first word / multi-word prefix of the command | `Bash(git:*)` matches `git status` / `git push origin main` |
|
|
113
134
|
| Wildcard | When the pattern contains `*`, matches as a bash glob pattern (**`*` can cross `/`**) | `Bash(npm run *)` matches `npm run build`; `Bash(ls *)` matches `ls -al /tmp/x` |
|
|
@@ -140,7 +161,7 @@ Commands containing `>` / `<` / `>>` / `<<` / `&>` require an **exact match** un
|
|
|
140
161
|
File rules use glob matching and perform three layers of path normalization:
|
|
141
162
|
|
|
142
163
|
| pattern | Explanation | Example |
|
|
143
|
-
| :------ |
|
|
164
|
+
| :------ | :--- | :--- |
|
|
144
165
|
| `//path` | Absolute filesystem path | `Read(//etc/hosts)` |
|
|
145
166
|
| `~/path` | Starting from the user's home directory | `Read(~/.zshrc)` |
|
|
146
167
|
| `/path` | Starting from the project root | `Edit(/src/**/*.ts)` |
|
|
@@ -167,7 +188,7 @@ Supports the `domain:` prefix for hostname matching (including subdomains).
|
|
|
167
188
|
MCP tools are named in the format `mcp__<server>__<tool>`. Rules support three granularities:
|
|
168
189
|
|
|
169
190
|
| Rule | Matches |
|
|
170
|
-
| :--- |
|
|
191
|
+
| :--- | :--- |
|
|
171
192
|
| `mcp__puppeteer` | All tools of the entire puppeteer server |
|
|
172
193
|
| `mcp__puppeteer__*` | Same as above (wildcard form) |
|
|
173
194
|
| `mcp__puppeteer__navigate` | Only the navigate tool |
|
|
@@ -211,7 +232,7 @@ By default, CodeBuddy only considers the **current working directory** trusted.
|
|
|
211
232
|
Several ways to expand the trusted scope:
|
|
212
233
|
|
|
213
234
|
| Method | Persistence |
|
|
214
|
-
|
|
|
235
|
+
| :--- | :--- |
|
|
215
236
|
| `--add-dir <path>` startup argument | Process-level |
|
|
216
237
|
| `/add-dir` command within a session | Session-level |
|
|
217
238
|
| `permissions.additionalDirectories` setting | Persistent |
|
|
@@ -263,15 +284,16 @@ The `PreToolUse` hook in the [Hooks system](hooks-guide.md) runs before permissi
|
|
|
263
284
|
Hook exit code semantics:
|
|
264
285
|
|
|
265
286
|
| Exit code | Behavior |
|
|
266
|
-
|
|
|
287
|
+
| :----- | :--- |
|
|
267
288
|
| `0` + JSON decision | Execute according to `permissionDecision` (allow / ask / deny) in the JSON |
|
|
268
289
|
| `2` | Block (stderr content is passed back to the model) |
|
|
269
290
|
| Other non-0 | Non-blocking error (shown but allowed) |
|
|
270
291
|
|
|
271
292
|
Notes:
|
|
272
293
|
|
|
273
|
-
-
|
|
274
|
-
-
|
|
294
|
+
- The structured `permissionDecision` from `PreToolUse` takes effect before regular permission rules: `allow` / `deny` / `ask` directly allows, rejects, or forces confirmation respectively
|
|
295
|
+
- Blocking hooks (exit code 2) can also short-circuit before regular allow rules, so you can "allow all Bash first, but use hooks to separately block a few specific commands"
|
|
296
|
+
- If you need unconditional hard boundaries, it is still recommended to prioritize `permissions.deny` for unified auditing in `/permissions` and settings
|
|
275
297
|
|
|
276
298
|
## Working with Sandboxing
|
|
277
299
|
|
|
@@ -0,0 +1,125 @@
|
|
|
1
|
+
# Prewarm Process Usage Guide
|
|
2
|
+
|
|
3
|
+
> Applicable to: `@tencent-ai/codebuddy-code` (`cbc` / `codebuddy`)
|
|
4
|
+
|
|
5
|
+
The prewarm process lets `cbc` **complete cold startup and suspend** (load bundle → container initialization → authentication → product configuration → MCP discovery), so that when awakened via local IPC it only needs to bind a working directory and can immediately serve. This is ideal for scenarios requiring "sub-second session startup" (e.g., serve/acp gateways, session pools, scheduler pre-launch).
|
|
6
|
+
|
|
7
|
+
**Benefit**: Local benchmarks show single-session startup wait reduced from approximately **3.7s** to **~1ms**.
|
|
8
|
+
|
|
9
|
+
> Disabled by default. Only enabled when `--prewarm` is explicitly passed; does not affect any existing usage.
|
|
10
|
+
|
|
11
|
+
## Quick Start
|
|
12
|
+
|
|
13
|
+
### 1. Start a Prewarmed Process (Standby)
|
|
14
|
+
|
|
15
|
+
```bash
|
|
16
|
+
cbc --prewarm --prewarm-id pool1
|
|
17
|
+
```
|
|
18
|
+
|
|
19
|
+
The process will complete cold startup, then suspend at a local IPC endpoint in standby (without binding a working directory):
|
|
20
|
+
- macOS / Linux: unix socket `/tmp/codebuddy-prewarm-pool1.sock` (permission `0600`, current user only)
|
|
21
|
+
- Windows: named pipe `\\.\pipe\codebuddy-prewarm-pool1`
|
|
22
|
+
|
|
23
|
+
`--prewarm-id` can be omitted; defaults to using the process PID as the identifier.
|
|
24
|
+
|
|
25
|
+
### 2. List / Activate (Lightweight Management Command `cbc-prewarm`)
|
|
26
|
+
|
|
27
|
+
`cbc-prewarm` is a pure Node zero-dependency lightweight command that does not load the main program bundle and returns in milliseconds.
|
|
28
|
+
|
|
29
|
+
```bash
|
|
30
|
+
# List prewarmed processes discovered on the current machine
|
|
31
|
+
cbc-prewarm list
|
|
32
|
+
|
|
33
|
+
# Health check
|
|
34
|
+
cbc-prewarm ping pool1
|
|
35
|
+
|
|
36
|
+
# Query status (idle / activating / active)
|
|
37
|
+
cbc-prewarm status pool1
|
|
38
|
+
|
|
39
|
+
# Activate: bind to target working directory and start serving
|
|
40
|
+
cbc-prewarm activate pool1 --cwd /path/to/project -- --serve
|
|
41
|
+
```
|
|
42
|
+
|
|
43
|
+
Arguments after `--` in `activate` are passed through to the awakened process (equivalent to normal `cbc <args>`).
|
|
44
|
+
After activation, the process `chdir`s to `--cwd`, enters the corresponding mode based on the passed-through arguments (e.g., `--serve` / `--acp`), and proactively closes the IPC socket (one-time activation; afterwards it communicates through its own service port).
|
|
45
|
+
|
|
46
|
+
> **`--cwd` is optional**: When omitted, the prewarmed process retains the working directory from cold startup (no `chdir`, no cwd change broadcast). This is suitable for callers that don't need to switch directories and just want to reuse the prewarmed container. Only pass `--cwd` when you need to bind to a specific project directory.
|
|
47
|
+
|
|
48
|
+
> **Mode is unrestricted**: The passed-through arguments can be any normal `cbc` arguments. Persistent modes like `--serve`, `--acp`, etc. all take effect as-is — the prewarmed process has no restrictions or rewrites on modes. Pass `--serve` / `--acp` for persistent services; without a persistent mode flag, it takes the one-shot command path, exiting after execution (headless with no TTY).
|
|
49
|
+
|
|
50
|
+
## External Program Integration (IPC Protocol)
|
|
51
|
+
|
|
52
|
+
To activate a prewarmed process from your own program, connect to the local socket / pipe and send one line of JSON (NDJSON, one message per line), then read one line of JSON response.
|
|
53
|
+
|
|
54
|
+
### Address Convention
|
|
55
|
+
|
|
56
|
+
```
|
|
57
|
+
macOS/Linux : /tmp/codebuddy-prewarm-<id>.sock
|
|
58
|
+
Windows : \\.\pipe\codebuddy-prewarm-<id>
|
|
59
|
+
```
|
|
60
|
+
|
|
61
|
+
### Messages
|
|
62
|
+
|
|
63
|
+
```jsonc
|
|
64
|
+
// Health check
|
|
65
|
+
{ "cmd": "ping" }
|
|
66
|
+
// → { "ok": true, "cmd": "ping", "status": "idle", "pid": 12345 }
|
|
67
|
+
|
|
68
|
+
// Query status
|
|
69
|
+
{ "cmd": "status" }
|
|
70
|
+
// → { "ok": true, "status": "idle"|"activating"|"active", "cwd": "...", "endpoint": "..." }
|
|
71
|
+
|
|
72
|
+
// Activate (cwd is optional — omit to retain cold-start cwd; args are passed through to cbc)
|
|
73
|
+
{ "cmd": "activate", "cwd": "/path/to/project", "args": ["--serve"], "sessionId": "optional" }
|
|
74
|
+
// → { "ok": true, "cmd": "activate", "status": "activating", "cwd": "..." }
|
|
75
|
+
```
|
|
76
|
+
|
|
77
|
+
`activate` can only succeed once; repeated activations return `{ ok: false, error: "already activated" }`.
|
|
78
|
+
|
|
79
|
+
### Node.js Example
|
|
80
|
+
|
|
81
|
+
```js
|
|
82
|
+
const net = require('net');
|
|
83
|
+
|
|
84
|
+
function prewarmAddr(id) {
|
|
85
|
+
return process.platform === 'win32'
|
|
86
|
+
? `\\\\.\\pipe\\codebuddy-prewarm-${id}`
|
|
87
|
+
: `/tmp/codebuddy-prewarm-${id}.sock`;
|
|
88
|
+
}
|
|
89
|
+
|
|
90
|
+
function activate(id, { cwd, args = [] }) {
|
|
91
|
+
return new Promise((resolve, reject) => {
|
|
92
|
+
const sock = net.connect(prewarmAddr(id), () => {
|
|
93
|
+
sock.write(JSON.stringify({ cmd: 'activate', cwd, args }) + '\n');
|
|
94
|
+
});
|
|
95
|
+
let buf = '';
|
|
96
|
+
sock.on('data', d => {
|
|
97
|
+
buf += d;
|
|
98
|
+
const nl = buf.indexOf('\n');
|
|
99
|
+
if (nl >= 0) { sock.end(); resolve(JSON.parse(buf.slice(0, nl))); }
|
|
100
|
+
});
|
|
101
|
+
sock.on('error', reject);
|
|
102
|
+
});
|
|
103
|
+
}
|
|
104
|
+
|
|
105
|
+
// Activate pool1, bind to target directory and start in serve mode
|
|
106
|
+
const res = await activate('pool1', { cwd: '/Users/me/project-A', args: ['--serve'] });
|
|
107
|
+
console.log(res); // { ok: true, cmd: 'activate', status: 'activating', cwd: '...' }
|
|
108
|
+
```
|
|
109
|
+
|
|
110
|
+
## Behavior and Constraints
|
|
111
|
+
|
|
112
|
+
- **One process, one session**: Each prewarmed process binds to a working directory only once in its lifetime (at the moment of activation), then is discarded. To serve multiple directories, prewarm multiple processes (with different `--prewarm-id` values), each independent and non-interfering.
|
|
113
|
+
- **Working directory isolation**: After activation, the process `chdir`s and broadcasts a cwd change. File watchers automatically rebind, and project-level caches (settings / memory / skills / plugins / product configuration) are automatically invalidated and rescanned, ensuring no stale configuration from the temporary prewarm directory is read.
|
|
114
|
+
- **USER-level configuration sharing**: User-level settings / authentication / MCP under `~/.codebuddy/` are naturally shared across all prewarmed processes.
|
|
115
|
+
- **Security**: Unix socket permissions are tightened to `0600` (owner only), preventing other users on the same machine from connecting and hijacking.
|
|
116
|
+
- **Exit cleanup**: Graceful exit (SIGINT/SIGTERM) or completion of activation automatically cleans up the socket; sockets left behind by SIGKILL are automatically overwritten on the next startup with the same id.
|
|
117
|
+
|
|
118
|
+
## Configuration
|
|
119
|
+
|
|
120
|
+
Prewarm-related parameters can only be configured via CLI flags: `--prewarm` / `--prewarm-id <id>` / `--prewarm-force`.
|
|
121
|
+
|
|
122
|
+
## Related
|
|
123
|
+
|
|
124
|
+
- Benchmark and performance data: [scripts/benchmark/README.md](../../scripts/benchmark/README.md)
|
|
125
|
+
- CLI parameter reference: [cli-reference.md](cli-reference.md)
|
|
@@ -17,6 +17,20 @@ Difference from CHANGELOG.md:
|
|
|
17
17
|
|
|
18
18
|
<!-- New versions are automatically added here -->
|
|
19
19
|
|
|
20
|
+
- [v2.109.0](./v2.109.0.md) - 2026-06-19
|
|
21
|
+
|
|
22
|
+
- [v2.108.2](./v2.108.2.md) - 2026-06-18
|
|
23
|
+
- [v2.108.1](./v2.108.1.md) - 2026-06-18
|
|
24
|
+
- [v2.108.0](./v2.108.0.md) - 2026-06-18
|
|
25
|
+
- [v2.107.0](./v2.107.0.md) - 2026-06-17
|
|
26
|
+
- [v2.106.7](./v2.106.7.md) - 2026-06-16
|
|
27
|
+
- [v2.106.6](./v2.106.6.md) - 2026-06-16
|
|
28
|
+
- [v2.106.5](./v2.106.5.md) - 2026-06-16
|
|
29
|
+
- [v2.106.4](./v2.106.4.md) - 2026-06-15
|
|
30
|
+
- [v2.106.3](./v2.106.3.md) - 2026-06-13
|
|
31
|
+
- [v2.106.2](./v2.106.2.md) - 2026-06-13
|
|
32
|
+
- [v2.106.1](./v2.106.1.md) - 2026-06-12
|
|
33
|
+
- [v2.106.0](./v2.106.0.md) - 2026-06-12
|
|
20
34
|
- [v2.105.2](./v2.105.2.md) - 2026-06-10
|
|
21
35
|
- [v2.105.1](./v2.105.1.md) - 2026-06-10
|
|
22
36
|
|
|
@@ -0,0 +1,48 @@
|
|
|
1
|
+
# 🚀 CodeBuddy Code v2.106.0 Release
|
|
2
|
+
|
|
3
|
+
## 📦 Version Information
|
|
4
|
+
|
|
5
|
+
| Component | Version |
|
|
6
|
+
|-----------|---------|
|
|
7
|
+
| CodeBuddy Code CLI | v2.106.0 |
|
|
8
|
+
| Agent SDK JS | v0.3.174 |
|
|
9
|
+
| Agent SDK Python | v0.3.173 |
|
|
10
|
+
|
|
11
|
+
## ✨ New Features
|
|
12
|
+
|
|
13
|
+
### MCP Apps Interactive Interface
|
|
14
|
+
|
|
15
|
+
CodeBuddy Code now supports MCP servers declaring interactive HTML tool interfaces, rendered in the Web UI as secure sandboxed iframes. Tool results are no longer limited to displaying text — this is ideal for forms, charts, visual configuration, and other rich interactive scenarios.
|
|
16
|
+
|
|
17
|
+
### MCP Apps Bidirectional Interaction
|
|
18
|
+
|
|
19
|
+
MCP Apps can now collaborate bidirectionally with CodeBuddy Code:
|
|
20
|
+
|
|
21
|
+
- UI can write content back to the conversation, supporting both direct sending and filling into the input box for further editing
|
|
22
|
+
- UI can inject model context for the next conversation turn
|
|
23
|
+
- UI can request display mode switching, trigger file downloads, and notify resource destruction
|
|
24
|
+
- Reverse tool invocations from within the iframe require user authorization first, ensuring security and control
|
|
25
|
+
|
|
26
|
+
### Tool Defer Loading Override
|
|
27
|
+
|
|
28
|
+
The `--tools` parameter and custom agent frontmatter `tools` field now support `Defer(...)` / `NoDefer(...)` modifiers. Users can temporarily adjust whether tools are lazily loaded at the session or agent level without modifying global configuration.
|
|
29
|
+
|
|
30
|
+
## 🔧 Improvements
|
|
31
|
+
|
|
32
|
+
- **MCP Apps display experience**: Interactive interfaces are now persistently displayed below tool cards, no longer requiring expansion of tool call details to see the main content
|
|
33
|
+
- **Authorization experience optimization**: After selecting "Always Allow" for the same server / tool, no repeated prompts appear within the session; auto-approve mode automatically grants permission
|
|
34
|
+
- **Loading experience optimization**: During history replay, loading states are only shown when resource retrieval exceeds 200ms, reducing flickering
|
|
35
|
+
- **Reverse invocation stability**: Reverse tool calls from the same session / server are queued for sequential execution, preventing concurrent overload from blocking the approval flow
|
|
36
|
+
- **MCP Apps logging**: iframe logs can be synced to the console by level; warning and above levels display deduplicated bottom-right notifications
|
|
37
|
+
- **Prompt suggestion cost optimization**: Next-turn prompt suggestions now use a lightweight model and condensed context for generation, reducing token costs
|
|
38
|
+
|
|
39
|
+
## 🐛 Bug Fixes
|
|
40
|
+
|
|
41
|
+
- **MCP tool description drift**: Fixed an issue where prompts retained filtered tools when MCP server connection state changed, reducing model mis-invocations of non-existent tools
|
|
42
|
+
- **Team credit double counting**: Fixed an issue where multiple usage updates for the same message caused credits to be accumulated repeatedly
|
|
43
|
+
- **Cross-version upgrade configuration anomaly**: Fixed an issue where old version product configuration cache polluted new version configuration, reducing post-upgrade configuration behavior anomalies
|
|
44
|
+
- **Trace ID drift**: Fixed an issue where subagent / team agent inherited incorrect rootRequestId in multi-turn conversations, ensuring consistent end-to-end tracing IDs within a single conversation
|
|
45
|
+
- **Team credit statistics accuracy**: Fixed inaccurate statistics caused by requestId tampering in Team scenarios and usage not being correctly forwarded in detached mode
|
|
46
|
+
- **Request cancellation error display**: Cancelling a request now shows a more user-friendly "cancelled" message instead of exposing underlying JSON-RPC structure
|
|
47
|
+
- **MCP Apps history restoration**: Fixed an issue where interactive interfaces no longer displayed after refreshing the Web UI
|
|
48
|
+
- **MCP Apps authorization race condition**: Fixed an authorization matching error where `No active interruption to resolve` could occur during reverse tool invocations
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
# 🚀 CodeBuddy Code v2.106.1 Release
|
|
2
|
+
|
|
3
|
+
## 📦 Version Information
|
|
4
|
+
|
|
5
|
+
| Component | Version |
|
|
6
|
+
|-----------|---------|
|
|
7
|
+
| CodeBuddy Code CLI | v2.106.1 |
|
|
8
|
+
| Agent SDK JS | v0.3.175 |
|
|
9
|
+
| Agent SDK Python | v0.3.174 |
|
|
10
|
+
|
|
11
|
+
## 🐛 Bug Fixes
|
|
12
|
+
|
|
13
|
+
- **Delete key not working (iTerm2 Natural Text Editing preset)**: Fixed an issue where pressing the Forward Delete key (⌦) on an external keyboard had no effect in the input box when iTerm2 loaded the "Natural Text Editing" preset. This preset remaps the physical Delete key to send the Ctrl-D code point. It is now handled according to common editor conventions: when the input is non-empty and there are characters after the cursor, the character after the cursor is deleted; when the input is empty, the "double-press Ctrl-D to exit" interaction is preserved.
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
# CodeBuddy Code v2.106.2 Release
|
|
2
|
+
|
|
3
|
+
## Version Information
|
|
4
|
+
|
|
5
|
+
| Component | Version |
|
|
6
|
+
|------|------|
|
|
7
|
+
| CodeBuddy Code CLI | v2.106.2 |
|
|
8
|
+
| Agent SDK JS | v0.3.176 |
|
|
9
|
+
| Agent SDK Python | v0.3.175 |
|
|
10
|
+
|
|
11
|
+
## New Features
|
|
12
|
+
|
|
13
|
+
### Stop Hook Prompt Type Support
|
|
14
|
+
|
|
15
|
+
Added E2E test coverage for the prompt-type Stop hook lifecycle and robustness validation, ensuring correct Stop hook behavior when triggered by prompt events.
|
|
16
|
+
|
|
17
|
+
## Improvements
|
|
18
|
+
|
|
19
|
+
- **Prompt Hook Diagnostics Enhancement**: Improved log output when prompt hook execution fails, now including the event name and specific error details to facilitate troubleshooting Stop hook issues
|
|
20
|
+
- **DeferExecuteTool Image Support**: When MCP tools return image content, it is now automatically converted to a structured format for the downstream processing pipeline
|
|
21
|
+
|
|
22
|
+
## Bug Fixes
|
|
23
|
+
|
|
24
|
+
None
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
# 🚀 CodeBuddy Code v2.106.3 Release
|
|
2
|
+
|
|
3
|
+
## 📦 Version Information
|
|
4
|
+
|
|
5
|
+
| Component | Version |
|
|
6
|
+
|------|------|
|
|
7
|
+
| CodeBuddy Code CLI | v2.106.3 |
|
|
8
|
+
| Agent SDK JS | v0.3.177 |
|
|
9
|
+
| Agent SDK Python | v0.3.176 |
|
|
10
|
+
|
|
11
|
+
## 🐛 Bug Fixes
|
|
12
|
+
|
|
13
|
+
- **Duplicate Session Title Generation**: Fixed an issue where session titles were generated repeatedly when user messages were in array form (e.g., containing images or multi-segment content). The title determination logic now correctly handles array message content and only triggers generation when visible text exists and is not a system reminder.
|
|
14
|
+
- **Duplicate Context Injection on Compressed Continuation**: Fixed an issue where user context was repeatedly injected into history when continuing a conversation after history compression, avoiding context redundancy and improving continuation accuracy.
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
# 🚀 CodeBuddy Code v2.106.4 Release
|
|
2
|
+
|
|
3
|
+
## 📦 Version Information
|
|
4
|
+
|
|
5
|
+
| Component | Version |
|
|
6
|
+
|------|------|
|
|
7
|
+
| CodeBuddy Code CLI | v2.106.4 |
|
|
8
|
+
| Agent SDK JS | v0.3.178 |
|
|
9
|
+
| Agent SDK Python | v0.3.177 |
|
|
10
|
+
|
|
11
|
+
## ✨ New Features
|
|
12
|
+
|
|
13
|
+
### WeChat Pay Authorization Card
|
|
14
|
+
|
|
15
|
+
Added client-side payment authorization card capability. When a tool execution requires user payment confirmation, CodeBuddy Code can display a payment card on the client, allowing users to authorize, cancel, or view payment results, with the response sent back to the executing task.
|
|
16
|
+
|
|
17
|
+
## 🔧 Improvements
|
|
18
|
+
|
|
19
|
+
- **Sandbox Runtime Distribution**: Upgraded the built-in sandbox platform package version and improved platform artifact collection during the release packaging phase, enhancing sandbox runtime distribution consistency.
|
|
20
|
+
- **Payment Card Status Display**: Optimized payment final state feedback, providing more accurate display for payment success, incomplete, or timeout scenarios.
|
|
21
|
+
|
|
22
|
+
## 🐛 Bug Fixes
|
|
23
|
+
|
|
24
|
+
- **MCP Dynamic Authorization State**: Fixed an issue where overly broad matching in MCP validation logic caused dynamic authorization states to be incorrectly cleared, preventing abnormal MCP configuration or authorization state issues.
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
# 🚀 CodeBuddy Code v2.106.5 Release
|
|
2
|
+
|
|
3
|
+
## 📦 Version Information
|
|
4
|
+
|
|
5
|
+
| Component | Version |
|
|
6
|
+
|------|------|
|
|
7
|
+
| CodeBuddy Code CLI | v2.106.5 |
|
|
8
|
+
| Agent SDK JS | v0.3.179 |
|
|
9
|
+
| Agent SDK Python | v0.3.178 |
|
|
10
|
+
|
|
11
|
+
## 🐛 Bug Fixes
|
|
12
|
+
|
|
13
|
+
- **--help mode hanging**: Fixed an issue where the process could not exit when running `--help` due to async initialization blocking. Added timeout protection and interrupt support.
|
|
14
|
+
- **MCP server wait blocking**: Fixed an issue where MCP server startup wait blocked output in `--help` mode.
|
|
15
|
+
- **Outdated error recovery prompts**: Fixed an issue where the tool name list in system prompts was not updated to reflect current actual tool names after a tool call failure.
|
|
16
|
+
- **State stuck after main conversation ends**: Fixed an issue in interactive mode where the bottom loading status occasionally got stuck on "waiting for model" after the main task ended, with ESC unresponsive. Background auxiliary calls no longer incorrectly occupy the main session running state.
|
|
17
|
+
- **Glob search tool hanging**: Fixed an issue where the Glob tool could hang permanently in parallel search scenarios. Refactored the underlying search flow's completion determination and timeout control to ensure normal return even when hitting very large directories.
|
|
18
|
+
- **Multi-expert collaboration stuck**: Fixed an issue in multi-member collaboration scenarios where the lead could get stuck on "thinking" with no output when the last member completed. Ensures completion notifications are reliably delivered.
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
# 🚀 CodeBuddy Code v2.106.6 Release
|
|
2
|
+
|
|
3
|
+
## 📦 Version Information
|
|
4
|
+
|
|
5
|
+
| Component | Version |
|
|
6
|
+
|------|------|
|
|
7
|
+
| CodeBuddy Code CLI | v2.106.6 |
|
|
8
|
+
| Agent SDK JS | v0.3.180 |
|
|
9
|
+
| Agent SDK Python | v0.3.179 |
|
|
10
|
+
|
|
11
|
+
## 🐛 Bug Fixes
|
|
12
|
+
|
|
13
|
+
- **Command execution compatibility**: Fixed an issue where command execution failed in non-POSIX login shells such as fish. Now automatically falls back to a compatible shell for command execution, avoiding direct errors caused by shell syntax incompatibility.
|
|
14
|
+
- **Custom model tool call stability**: Fixed an issue where tool calls failed when some models repeatedly sent tool call IDs in streaming responses, improving tool call pipeline stability.
|
|
15
|
+
- **Background task output reading**: Task output files are now written to temporary directories isolated by user and working directory, avoiding directory permission conflicts in shared environments that affected background task result reading.
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
# 🚀 CodeBuddy Code v2.106.7 Release
|
|
2
|
+
|
|
3
|
+
## 📦 Version Information
|
|
4
|
+
|
|
5
|
+
| Component | Version |
|
|
6
|
+
|------|------|
|
|
7
|
+
| CodeBuddy Code CLI | v2.106.7 |
|
|
8
|
+
| Agent SDK JS | v0.3.181 |
|
|
9
|
+
| Agent SDK Python | v0.3.180 |
|
|
10
|
+
|
|
11
|
+
## 🔧 Improvements
|
|
12
|
+
|
|
13
|
+
- **Telemetry module maintenance**: Cleaned up telemetry-related code formatting to keep release build output stable and reduce irrelevant formatting differences in subsequent releases.
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
# 🚀 CodeBuddy Code v2.107.0 Release
|
|
2
|
+
|
|
3
|
+
## 📦 Version Information
|
|
4
|
+
|
|
5
|
+
| Component | Version |
|
|
6
|
+
|------|------|
|
|
7
|
+
| CodeBuddy Code CLI | v2.107.0 |
|
|
8
|
+
| Agent SDK JS | v0.3.182 |
|
|
9
|
+
| Agent SDK Python | v0.3.181 |
|
|
10
|
+
|
|
11
|
+
## ✨ New Features
|
|
12
|
+
|
|
13
|
+
### Prewarm Process
|
|
14
|
+
|
|
15
|
+
Added `--prewarm` standby mode, allowing CodeBuddy Code to complete startup initialization and suspend, then be awakened via local IPC and bound to a working directory when needed. A companion `cbc-prewarm` management command is provided, supporting listing, health checking, status querying, and activating prewarmed instances. This significantly reduces wait time in scenarios with frequent new session startups.
|
|
16
|
+
|
|
17
|
+
## 🔧 Improvements
|
|
18
|
+
|
|
19
|
+
- **More unified prewarm configuration**: Prewarm capabilities are now uniformly controlled through `--prewarm`, `--prewarm-id`, and `--prewarm-force` CLI parameters, reducing troubleshooting costs caused by mixing environment variables and command-line options.
|
|
20
|
+
- **More reliable working directory switching**: Switching working directories now automatically refreshes file watchers and project-level caches, preventing settings, memories, skills, plugins, and product configurations from continuing to reference the old directory.
|
|
21
|
+
- **Clearer prewarm instance management**: `cbc-prewarm list` can now correctly discover standby instances; instances with the same `prewarmId` no longer compete with each other by default — only when `--prewarm-force` is explicitly passed will the old instance be taken over.
|
|
22
|
+
- **ZIP marketplace leftover cleanup**: After successful installation or update, orphaned temporary zip files and extracted directories older than 1 hour under `~/.codebuddy/plugins/marketplaces/` are automatically cleaned up, reducing disk residuals.
|
|
23
|
+
|
|
24
|
+
## 🐛 Bug Fixes
|
|
25
|
+
|
|
26
|
+
- **False idle notifications**: Fixed an issue where "waiting for input" notifications were repeatedly triggered while the agent was still outputting or executing tools, avoiding notification spam during busy periods.
|
|
27
|
+
- **Sandbox approval timeout experience**: Extended the sandbox command approval wait time to 30 minutes, treating timeouts as "user canceled", and automatically closing residual approval dialogs.
|
|
28
|
+
- **Workspace trust false error message**: Fixed an issue where `apiKeyHelper blocked` error messages persisted after workspace trust was completed, reducing the "already trusted but appears to have failed" confusion.
|
|
29
|
+
- **Task numbering order**: Fixed an issue where task numbers were inconsistent with the planned order when creating multiple tasks concurrently, making the task list better reflect the actual creation order.
|
|
30
|
+
- **fish shell safe-delete compatibility**: Fixed an issue where the safe-delete path restoration logic in fish and other non-POSIX shells would throw syntax errors before execution.
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
# 🚀 CodeBuddy Code v2.108.0 Release
|
|
2
|
+
|
|
3
|
+
## 📦 Version Information
|
|
4
|
+
|
|
5
|
+
| Component | Version |
|
|
6
|
+
|------|------|
|
|
7
|
+
| CodeBuddy Code CLI | v2.108.0 |
|
|
8
|
+
| Agent SDK JS | v0.3.183 |
|
|
9
|
+
| Agent SDK Python | v0.3.182 |
|
|
10
|
+
|
|
11
|
+
## ✨ New Features
|
|
12
|
+
|
|
13
|
+
### Model Switch Prompt
|
|
14
|
+
|
|
15
|
+
When a model is manually pinned in the project configuration, after the user persistently switches models via `/model`, CodeBuddy Code now explicitly notifies that the project configuration will still override the current selection after restart, and suggests removing the model setting from the project configuration to truly persist the new default model.
|
|
16
|
+
|
|
17
|
+
## 🐛 Bug Fixes
|
|
18
|
+
|
|
19
|
+
- **More accurate request tracing**: Fixed an issue where multiple model requests in multi-turn conversations reused the same set of request identifiers. Now each HTTP request generates an independent `X-Request-ID`, making it easier to trace request chains.
|
|
20
|
+
- **More stable custom Agent configuration generation**: Fixed an issue where AI-generated custom Agent configurations could produce unparseable frontmatter in scenarios with multi-line descriptions or inheriting all tools, reducing cases where the configuration fails to load after generation.
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
# 🚀 CodeBuddy Code v2.108.1 Release
|
|
2
|
+
|
|
3
|
+
## 📦 Version Information
|
|
4
|
+
|
|
5
|
+
| Component | Version |
|
|
6
|
+
|------|------|
|
|
7
|
+
| CodeBuddy Code CLI | v2.108.1 |
|
|
8
|
+
| Agent SDK JS | v0.3.184 |
|
|
9
|
+
| Agent SDK Python | v0.3.183 |
|
|
10
|
+
|
|
11
|
+
## 🐛 Bug Fixes
|
|
12
|
+
|
|
13
|
+
- **Expert team content output display anomaly**: Fixed an issue in multi-agent collaboration scenarios where adjacent streaming output fragments had drifting message grouping identifiers, causing "deep thinking" content to be split into multiple messages. Also fixed an issue where the same session was triggered to run concurrently due to race conditions, causing interleaved model streaming fragments.
|
|
14
|
+
- **Context summary sampling parameters aligned with main conversation**: Fixed an issue where summary requests bypassed the model configuration interceptor, resulting in missing sampling parameters such as temperature and reasoning. Summary requests now use the same model configuration as the main conversation.
|
|
15
|
+
- **safe-delete syntax error in fish shell**: Fixed a syntax error caused by empty bootstrap being concatenated into the command chain in fish shell, ensuring both regular shell commands and sandbox commands execute correctly.
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
# 🚀 CodeBuddy Code v2.108.2 Release
|
|
2
|
+
|
|
3
|
+
## 📦 Version Information
|
|
4
|
+
|
|
5
|
+
| Component | Version |
|
|
6
|
+
|------|------|
|
|
7
|
+
| CodeBuddy Code CLI | v2.108.2 |
|
|
8
|
+
| Agent SDK JS | v0.3.185 |
|
|
9
|
+
| Agent SDK Python | v0.3.184 |
|
|
10
|
+
|
|
11
|
+
## 🐛 Bug Fixes
|
|
12
|
+
|
|
13
|
+
- **Conversation credit attribution**: Fixed an issue where request identifiers were reused across multi-turn conversations, which could cause credit consumption to be incorrectly attributed to the previous message turn. Credits are now accurately attributed to each conversation turn.
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
# 🚀 CodeBuddy Code v2.109.0 Release
|
|
2
|
+
|
|
3
|
+
## 📦 Version Information
|
|
4
|
+
|
|
5
|
+
| Component | Version |
|
|
6
|
+
|------|------|
|
|
7
|
+
| CodeBuddy Code CLI | v2.109.0 |
|
|
8
|
+
| Agent SDK JS | v0.3.186 |
|
|
9
|
+
| Agent SDK Python | v0.3.185 |
|
|
10
|
+
|
|
11
|
+
## ✨ New Features
|
|
12
|
+
|
|
13
|
+
### Auto Permission Mode
|
|
14
|
+
|
|
15
|
+
Introducing the `auto` permission mode, which allows CodeBuddy Code to intelligently determine whether each tool invocation requires user approval while maintaining safe boundaries, reducing frequent confirmation prompts that interrupt continuous tasks.
|
|
16
|
+
|
|
17
|
+
- **Smart classification and passthrough**: Dynamically decides whether the current tool invocation can be executed directly based on operation risk, contextual semantics, and historical rejection records.
|
|
18
|
+
- **Secondary verification mechanism**: Adds a critique review step that double-checks classification results to reduce the probability of false approvals.
|
|
19
|
+
- **In-session rejection memory**: Records tool invocations that the user has manually rejected, preventing repeated requests for the same operation within a session.
|
|
20
|
+
- **Automatic permission context injection**: Automatically injects current permission constraints into the model, helping it more accurately understand the executable boundaries.
|
|
21
|
+
|
|
22
|
+
## ⚠️ Upgrade Notes
|
|
23
|
+
|
|
24
|
+
- **Hook permission mode output change**: `HookInput.permission_mode` now outputs the actual runtime permission mode, which may include new values such as `plan`, `auto`, and `bypassPermissions`. If your custom hooks only handle the `default`, `acceptEdits`, and `dontAsk` cases, please update your branch logic accordingly.
|