altimate-code 0.5.4 → 0.5.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +38 -0
- package/package.json +13 -13
package/CHANGELOG.md
CHANGED
|
@@ -5,6 +5,44 @@ All notable changes to this project will be documented in this file.
|
|
|
5
5
|
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
|
|
6
6
|
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
|
7
7
|
|
|
8
|
+
## [0.5.6] - 2026-03-22
|
|
9
|
+
|
|
10
|
+
### Added
|
|
11
|
+
|
|
12
|
+
- **Skill CLI command** — new top-level `altimate-code skill` with `list`, `create`, `test`, `show`, `install`, `remove` subcommands for managing AI agent skills and paired CLI tools (#342)
|
|
13
|
+
- **`.opencode/tools/` auto-discovery** — executables in `.opencode/tools/` (project) and `~/.config/altimate-code/tools/` (global) are automatically prepended to PATH in BashTool and PTY sessions (#342)
|
|
14
|
+
- **TUI skill management** — `/skills` dialog with domain-grouped skill browser, `ctrl+a` action picker (show, edit, test, remove), `ctrl+n` create, `ctrl+i` install from GitHub (#342)
|
|
15
|
+
- **Skill install from GitHub** — `altimate-code skill install owner/repo` clones and installs skills; supports GitHub web URLs, shorthand, local paths, and `--global` flag (#342)
|
|
16
|
+
- **Skill cache invalidation** — `State.invalidate()` and `Skill.invalidate()` with `GET /skill?reload=true` endpoint for cross-thread cache clearing (#342)
|
|
17
|
+
- **Snowflake Cortex AI provider** — use Snowflake Cortex as an AI provider for LLM completions (#349)
|
|
18
|
+
- **Telemetry for skill operations** — `skill_created`, `skill_installed`, `skill_removed` events (#342)
|
|
19
|
+
- **E2E smoke tests** — committed tests for skill lifecycle, git-tracked protection, symlink safety, GitHub URL normalization (#363)
|
|
20
|
+
|
|
21
|
+
### Fixed
|
|
22
|
+
|
|
23
|
+
- Symlink traversal protection during skill install — uses `fs.lstat` to skip symlinks and prevent file disclosure from malicious repos (#342)
|
|
24
|
+
- Git-tracked skills cannot be removed via `skill remove` or TUI — prevents accidental deletion of repo-managed skills (#342)
|
|
25
|
+
- GitHub web URLs (e.g., `https://github.com/owner/repo/tree/main/path`) correctly normalized to clonable repo URLs (#342)
|
|
26
|
+
- `.git` suffix stripped from install source to prevent double-append (#342)
|
|
27
|
+
- TUI skill operations use `sdk.directory` + `gitRoot()` instead of `Instance`/`Global` which only exist in the worker thread (#342)
|
|
28
|
+
- TUI install uses async `Bun.spawn` instead of blocking `Bun.spawnSync` to keep UI responsive (#342)
|
|
29
|
+
- Missing `altimate_change` markers in `dialog-skill.tsx` and `skill.ts` (#341, #344)
|
|
30
|
+
|
|
31
|
+
## [0.5.5] - 2026-03-20
|
|
32
|
+
|
|
33
|
+
### Added
|
|
34
|
+
|
|
35
|
+
- Auto-discover MCP servers from external AI tool configs (VS Code, Cursor, GitHub Copilot, Claude Code, Gemini CLI, Claude Desktop) — discovered project-scoped servers are disabled by default and require explicit approval; home-directory configs are auto-enabled (#311)
|
|
36
|
+
- Security FAQ documentation for MCP auto-discovery — covers trust model, security hardening, and how to disable (#346)
|
|
37
|
+
|
|
38
|
+
### Changed
|
|
39
|
+
|
|
40
|
+
- `auto_mcp_discovery` now defaults to `true` in config schema via `z.boolean().default(true)` — matches existing runtime behavior (#345)
|
|
41
|
+
|
|
42
|
+
### Fixed
|
|
43
|
+
|
|
44
|
+
- Add missing `altimate_change` markers for `experimental` block in `opencode.jsonc` — fixes Marker Guard CI failure on main (#344)
|
|
45
|
+
|
|
8
46
|
## [0.5.4] - 2026-03-20
|
|
9
47
|
|
|
10
48
|
### Added
|
package/package.json
CHANGED
|
@@ -14,24 +14,24 @@
|
|
|
14
14
|
"scripts": {
|
|
15
15
|
"postinstall": "bun ./postinstall.mjs || node ./postinstall.mjs"
|
|
16
16
|
},
|
|
17
|
-
"version": "0.5.
|
|
17
|
+
"version": "0.5.6",
|
|
18
18
|
"license": "MIT",
|
|
19
19
|
"dependencies": {
|
|
20
20
|
"@altimateai/altimate-core": "^0.2.5"
|
|
21
21
|
},
|
|
22
22
|
"optionalDependencies": {
|
|
23
|
-
"@altimateai/altimate-code-linux-x64": "0.5.
|
|
24
|
-
"@altimateai/altimate-code-windows-arm64": "0.5.
|
|
25
|
-
"@altimateai/altimate-code-linux-arm64-musl": "0.5.
|
|
26
|
-
"@altimateai/altimate-code-darwin-x64": "0.5.
|
|
27
|
-
"@altimateai/altimate-code-windows-x64": "0.5.
|
|
28
|
-
"@altimateai/altimate-code-linux-x64-musl": "0.5.
|
|
29
|
-
"@altimateai/altimate-code-darwin-x64-baseline": "0.5.
|
|
30
|
-
"@altimateai/altimate-code-linux-x64-baseline-musl": "0.5.
|
|
31
|
-
"@altimateai/altimate-code-linux-x64-baseline": "0.5.
|
|
32
|
-
"@altimateai/altimate-code-linux-arm64": "0.5.
|
|
33
|
-
"@altimateai/altimate-code-darwin-arm64": "0.5.
|
|
34
|
-
"@altimateai/altimate-code-windows-x64-baseline": "0.5.
|
|
23
|
+
"@altimateai/altimate-code-linux-x64": "0.5.6",
|
|
24
|
+
"@altimateai/altimate-code-windows-arm64": "0.5.6",
|
|
25
|
+
"@altimateai/altimate-code-linux-arm64-musl": "0.5.6",
|
|
26
|
+
"@altimateai/altimate-code-darwin-x64": "0.5.6",
|
|
27
|
+
"@altimateai/altimate-code-windows-x64": "0.5.6",
|
|
28
|
+
"@altimateai/altimate-code-linux-x64-musl": "0.5.6",
|
|
29
|
+
"@altimateai/altimate-code-darwin-x64-baseline": "0.5.6",
|
|
30
|
+
"@altimateai/altimate-code-linux-x64-baseline-musl": "0.5.6",
|
|
31
|
+
"@altimateai/altimate-code-linux-x64-baseline": "0.5.6",
|
|
32
|
+
"@altimateai/altimate-code-linux-arm64": "0.5.6",
|
|
33
|
+
"@altimateai/altimate-code-darwin-arm64": "0.5.6",
|
|
34
|
+
"@altimateai/altimate-code-windows-x64-baseline": "0.5.6"
|
|
35
35
|
},
|
|
36
36
|
"peerDependencies": {
|
|
37
37
|
"pg": ">=8",
|