06/13/2026

Fixed

• Disabled CloudCLI's npm self-update path inside HolyClaude so it no longer replaces patched CloudCLI files with the moved upstream package that can fail with @/shared.
• Documented recovery for containers that already ran the in-container CloudCLI update: recreate from the HolyClaude image and update with docker compose pull && docker compose up -d.

Added

• Configurable near-parity permission modes for CloudCLI Codex chat through HOLYCLAUDE_CODEX_CHAT_PERMISSION_MODE.
• First-boot raw codex CLI permission-mode seeding through HOLYCLAUDE_CODEX_CLI_PERMISSION_MODE.

Changed

• Documented Codex permission behavior, compose examples, security notes, and CloudCLI modification notices.

Safety

bypassPermissions gives Codex full access with no approval. Docker still limits access to the container and mounted volumes, but mounted workspace and config files can be read or changed. Use bypass only for trusted local workspaces, and don't expose CloudCLI directly to the public internet.

Upgrade

docker compose pull
docker compose up -d

Fixed

• Codex chat runs now send Apprise completion/failure notifications from HolyClaude's CloudCLI provider lifecycle, using the existing ~/.claude/notify-on flag and NOTIFY_* destinations

Fixed

• Codex apply_patch keeps working on Synology and other restricted-user-namespace hosts after docker compose pull && docker compose up -d by self-healing bubblewrap permissions at startup

Changed

• Refreshed the Docker and release dependency stack, including Node.js 26.2.0, s6-overlay 3.2.3.0, pinned package versions, pinned GitHub Actions, and pinned CloudCLI plugin SHAs
• Kept CloudCLI on 1.26.3 because the 2.0.0 artifact could not carry the required HolyClaude patches safely

Fixed

• CloudCLI patch misses now fail the image build instead of continuing after warnings
• Compose examples now bind CloudCLI to localhost by default to avoid accidental public exposure

Fixed

• /model in Chat tab now actually switches the active model — it persists to localStorage and survives page reload

thanks @miikasyvanen for the report.

Contributors

• @miikasyvanen

Fixed

• Shell tab no longer resets scroll position to the top on periodic refresh

thanks @JaredT6694 for the report.

Contributors

• @JaredT6694

Added

• Remote access security guidance recommending Tailscale or Cloudflare Tunnel instead of exposing HolyClaude directly to the public internet
• Optional CloudCLI account persistence documentation using a named Docker volume for local storage users

Fixed

• Corrected persistence docs to reflect that Claude Code OAuth session (~/.claude.json) already survives container rebuilds
• Synced translated READMEs and troubleshooting docs with the current persistence behavior

Fixed

• Vendored a patched CloudCLI build into the HolyClaude image so this release can ship the approved UI/runtime fixes without waiting on upstream merges.
• Fixed Codex session completion bouncing back to new session after the first prompt.
• Refreshed Claude auth status after login and surfaced clearer auth failures instead of leaving stale or silent UI state.
• Deduped realtime chat events so duplicate user and thinking rows do not render twice.
• Stopped the auth shell from stealing plain lowercase c; the auth URL copy shortcut now requires Shift+C.
• Persisted the selected thinking mode in the main chat flow.
• Documented Codex callback port 1455 in the full compose/config docs.
• Simplified the supported Ollama path to ANTHROPIC_AUTH_TOKEN=ollama plus ANTHROPIC_BASE_URL=<endpoint> and tightened troubleshooting guidance.
• Corrected remaining public docs links that still referenced blob/main/docs/configuration.md.

Fixed

• Corrected public documentation links that still referenced the non-existent main branch, including the Docker Hub description and translated README links to docs/configuration.md.