Changelog

v0.1.38

✨ Features

• Custom Provider Model Fallback

  • When a provider is explicitly requested (via CLI, Gateway, or Hermes) but no model ID is specified, the factory now automatically falls back to the provider's first available model instead of using settings.DefaultModel (which belongs to the default provider).
  • This prevents configuration mismatches and "model not found" errors when using non-default providers without a specified model.

• Hermes Configuration Default Resolution

  • Updated Hermes default model resolution so that when DefaultProvider is specified in hermes.json but DefaultModel is left blank, the system correctly falls back to the custom provider's first available model instead of propagating the global DefaultModel from settings.json.

• Refined Exposed Agent SDK Package & Examples

  • Completed the mapping for all missing events and fields inside the top-level agent bridge (including Messages, TurnMessage, TurnToolResults, Message, ToolCall, ToolDiff, ToolError, PartialResult, Plan, Usage, and ContextUsage).
  • Fixed a critical enum misalignment on StreamEventType caused by internal-only types (like StreamThinkSignature), implementing explicit, robust mapping helpers.
  • Implemented PublicProviderAdapter to seamlessly bridge internal providers back to the public agent.Provider interface, and wired them up automatically to avoid package import cycles.
  • Added two rich top-level examples in the example/ directory (simple_agent and custom_provider) with dual-language READMEs, showing custom provider and tool loop execution.

🧪 Tests

• Added TestCreateFallbackToFirstModel in internal/provider/factory_test.go to cover fallback behavior for both custom and built-in providers when the model ID is blank.
• Added test coverage in internal/hermes/config_test.go for GetDefaultModel when DefaultProvider is specified in Hermes config but DefaultModel is empty.

Changelog

v0.1.37

✨ Features

• Vertex AI API Key Authentication
  • Added support for authenticating directly with Google Vertex AI using API keys (x-goog-api-key) instead of requiring gcloud OAuth tokens (ya29.).
  • When an API key is used, the default base URL automatically routes to https://aiplatform.googleapis.com/v1/publishers/google/models (which doesn't require project/location parameters).
  • Keeps backward compatibility with existing OAuth bearer tokens.

🐛 Bug Fixes

• Google Tool Thought Signatures

  • Correctly extract and forward Gemini reasoning/thought signatures in tool calls, preventing any misalignment or signature mismatches.

• TUI Raw Bash Output Preservation

  • Preserved ANSI escape codes and raw spacing/newlines in Bubble Tea TUI rendering for bash tool results, avoiding accidental italic style inheritance from the TUI framework.

Changelog

v0.1.36

✨ Features

• Doctor Subcommand (vibecoding doctor)
  • New diagnostic command that checks environment, configuration, providers, sandbox, MCP servers, sessions, skills, and context files
  • Reports OS/arch, Go version, shell, home/working directory
  • Validates settings, gateway, and MCP config files with parse checks
  • Lists configured providers with masked API keys, models with context window/max tokens/reasoning flags
  • Checks bwrap sandbox availability and version
  • Shows MCP servers, session counts, skills directories, and discovered context files
  • Unconfigured providers (no API key) are silently skipped

🐛 Bug Fixes

• TUI Session State

  • Fixed /clear to reset transcript rendering state, tool results, assistant markdown caches, active stream indices, plan panel, and tool modal state consistently with session switching
  • Extracted shared transcript/input reset helpers to reduce divergent cleanup paths

• TUI Mode Switching

  • Pressing Tab to cycle mode now aborts an active request before changing mode, matching /mode behavior and preventing approval/question responses from targeting a stale agent

• TUI Question Tool

  • Numbered question selections now resolve to the selected option text instead of sending raw numbers back to the model
  • Clearing question state now also clears the current question metadata

• TUI Warnings and Details Modal

  • Context-pressure and budget-pressure agent events are now displayed in the TUI
  • Ctrl+O now reports when there is no conversation detail to show instead of opening an empty modal

• Context Pressure Threshold Comparison

  • Fixed Context Pressure threshold unit mismatch: Percent (0-100) was compared directly against threshold (0-1), causing the warning to fire at ~0.5% usage instead of the intended 55%
  • Fixed InitHermesConfig project template to include explicit context_pressure_threshold and budget_pressure_threshold defaults, preventing them from being serialized as 0 (disabled)

• Live Message Rendering

  • Live assistant messages render fenced code blocks as Markdown while keeping normal prose on the plain-text wrapping path to avoid awkward word splitting

• Model Validation and Compaction

  • Pass ModelID in ChatParams so providers know the active model
  • Forward model to compaction/summary generation, preventing silent fallback to default model
  • Return errors with available model list when model is not found instead of silently falling back
  • Consistent model error messages across factory, gateway, and TUI

• Google/OpenAI Tool Result Text Extraction

  • Fixed Google and OpenAI providers sending empty content when tool results use rich Contents blocks instead of plain Content string
  • Added googleToolResultText() to extract text from Contents blocks in Google provider
  • Fixed responseToolOutput() usage in OpenAI rich tool result branch

🧪 Tests

• Added regression coverage for /clear transcript cleanup, question state tracking, empty details modal handling, pressure warnings, live code-block rendering, and prose wrapping
• Added agent-level integration test (TestToolResultIsIncludedInNextProviderTurn) verifying tool results with rich Contents blocks reach the next provider turn
• Added provider-level unit tests for Google and OpenAI tool result text extraction from Contents blocks

Changelog

v0.1.35

🐛 Bug Fixes

• TUI Print Ordering

  • Replaced ad-hoc go program.Println(...) goroutines with a single drain goroutine (printCh) to prevent message interleaving on Bubble Tea's unbuffered channel
  • flushPendingPrints now uses tea.Sequence instead of tea.Batch to preserve print order

• Display Width Accuracy

  • truncate() now uses lipgloss.Width instead of byte length, so CJK characters (2 cells) and ANSI escape sequences (0 cells) align correctly in the TUI grid
  • Tool modal title separator uses lipgloss.Width for correct line width

• Tool Output Improvements

  • ls tool result now shows a compact summary (blank-line removal) in collapsed view, matching bash output behavior
  • Tool result rendering handles multiline summaries with a newline separator instead of forcing everything onto one line

🧪 Tests

• Added formatters_test.go with display-width-aware truncation tests for ASCII, CJK, and mixed content

v0.1.34

✨ Features

• Hermes Remote TUI Client

  • Replaced the plain-text WebSocket client with a full Bubble Tea TUI (hermes client)
  • Markdown rendering with syntax highlighting via Glamour
  • Scrollable tool details modal (Ctrl+O), approval prompts (Enter/Esc), and question tool support
  • Plan update display, context pressure/budget warnings, and request timers
  • Native terminal scrollback for completed messages
  • Slash command support (/clear, /mode, /model, /compact, /help, etc.)
  • New internal/hermes/remotetui package: app.go, render.go, input.go, remote.go, agent_events.go, approval.go, commands.go, formatters.go, tool_modal.go, events.go

• WebSocket Protocol Enhancements

  • Added question_request / question_response events for plan-mode question tool over WebSocket
  • Added plan_update events with structured plan step data
  • Added compaction_start / compaction_end events for context compaction progress
  • connected event now includes model and work_dir metadata
  • approval_request event now carries approval_tool and approval_args for richer client-side display

• Dispatcher Refactor

  • Extracted buildAgent() from runAgent() for agent creation and cleanup, improving reuse between messaging and WebSocket paths

• Provider Custom Headers

  • Added providers.<name>.headers for custom HTTP headers on provider requests
  • Header values support the same ${ENV} and opt-in !cmd resolution as apiKey

🧪 Tests

• Added WebSocket gateway server tests for connection, auth, chat, approval, question, and command flows

Changelog

v0.1.32

✨ Features

• Tool System Completeness

  • Added full documentation for all registered tools: jobs, kill, question, memory, cron, and MCP dynamic tools
  • jobs tool: list and inspect background jobs started with bash async=true, with optional cleanup
  • kill tool: terminate a running background job by ID
  • question tool: AI can ask users multiple-choice questions during plan mode to clarify requirements
  • memory tool (Hermes): persistent memory via memory.md with read/add/update/delete actions across sessions
  • cron tool (Hermes/multi-agent): scheduled background tasks via sub-agents with @daily, @weekly, @every N schedules and one-shot support
  • MCP dynamic tools: tools/resources/prompts from MCP servers are auto-discovered and registered per session

• Plan Mode Question Tool

  • Added question tool, registered only in TUI + plan mode
  • AI can ask users multiple-choice questions; users select a preset option or type a custom answer
  • Helps clarify requirements before forming a plan, producing higher-quality proposals
  • Exposed via QuestionHandler optional interface (type assertion); does not pollute the public Agent interface

🐛 Bug Fixes

• Bash Tool Output Safety

  • Synchronous bash mode now enforces a 1 GB output limit using limitedBuffer, preventing OOM from unbounded bytes.Buffer growth

• Hermes /compact Command

  • Implemented the /compact slash command for Hermes messaging mode (previously a TODO stub)
  • Sets a ForceCompact flag on the session, consumed by the next agent run to trigger context compaction

• Session Durability

  • writeEntry now calls f.Sync() after writing, guaranteeing data survives crash or power loss
  • Corrupt session lines are now logged as warnings and skipped instead of blocking session load

• Hermes Approval Race Condition

  • ResolveApproval now uses select to avoid writing to an already-consumed channel when timeout and approval race

• Agent Sub-agent Panic Logging

  • sendParentEvent now logs the panic value before recovering, aiding diagnosis of closed-channel races

• Atomic File Write Cleanup

  • writeFileAtomic no longer uses defer os.Remove(tmpPath) which would attempt to delete an already-renamed file; cleanup is now explicit on each error path

• Agent Loop Detection Configurability

  • MaxConsecutiveNoText (stuck-detection threshold) is now configurable via AgentLoopConfig (default 95)
  • Fixed incorrect error message that added pre- and post-warning counters together

• Job Manager Auto-cleanup

  • AddJob now garbage-collects finished jobs older than 30 minutes (checked every 5 minutes)

• Cron Scheduler Error Logging

  • checkAndRun now logs store errors instead of silently swallowing them

• TUI Bash Output Display

  • Compressed bash tool output summary by removing blank lines to prevent excessive vertical height in the TUI collapsed view

• Vendored Search Tools

  • Added fallback to system grep / find when embedded rg / fd are unavailable for the current architecture

📦 Distribution

• Added Linux LoongArch64 (loong64) build and packaging targets, including tarball, Debian, and npm package metadata

✅ Tests

• Added unit tests for limitedBuffer truncation, JobManager GC, writeFileAtomic cleanup, sendParentEvent panic recovery, MaxConsecutiveNoText configurability, session fsync durability, corrupt-line tolerance, and QuestionTool metadata/mode-filtering/execution/error-handling

Changelog

v0.1.31

🐛 Bug Fixes

• Terminal Input

  • Added Home/End cursor movement support in the TUI input box
  • Fixed the first submitted input being swallowed after canceling an approval prompt with Esc
  • Added command history navigation with Up/Down, including repeated selection through previous inputs

• A2A Security and Reliability

  • Changed the default A2A host from 0.0.0.0 to 127.0.0.1
  • Added Bearer token authentication for /a2a, REST A2A routes, and SSE events while keeping the Agent Card public
  • Replaced timestamp-based A2A task IDs with collision-resistant random IDs
  • Made A2A task store reads and writes use cloned task snapshots to avoid accidental shared mutation

• Path and Session Safety

  • Fixed path containment checks to use path-aware boundaries instead of string prefix checks
  • Prevented context extraFiles from escaping the working directory
  • Encoded unsafe Hermes session path components and enforced allowed_work_dirs during session creation
  • Restricted session deletion to .jsonl files under the configured session directory

• Auth, Approval, and Resource Limits

  • Switched Hermes HTTP/WebSocket token checks to constant-time comparison
  • Changed the Hermes WebSocket client to send auth via Authorization: Bearer ... instead of query strings
  • Cleaned up pending ACP permission requests on timeout and propagated ACP write errors
  • Added request/body size limits for ACP, read-tool image files, WeChat responses, and cron A2A responses
  • Added timeouts to cron A2A HTTP calls

• Memory, Context, and Concurrency

  • Added locking to memory store operations
  • Fixed memory.WriteAll() path handling and kept memory update/delete scoped to the requested section
  • Cloned gateway model settings before per-request temperature/top_p overrides
  • Passed agent callback context/message snapshots instead of shared references
  • Serialized cron job state transitions through the job store

• Configuration and Gateway Hardening

  • Gated !command API key resolution behind VIBECODING_ALLOW_SHELL_CONFIG=1
  • Fixed Gateway CORS to echo only the allowed request origin
  • Added a startup warning when Gateway listens beyond loopback in yolo mode without authentication
  • Hardened platform home/shell fallback behavior

🧪 Tests

• Added regression coverage for A2A auth, task ID uniqueness, task snapshot isolation, and persisted working task messages
• Added coverage for path traversal, unsafe session IDs, memory section operations, ACP cleanup, CORS behavior, UTF-8 truncation, and shell-config opt-in
• Ran focused package tests plus race tests for A2A, agent, gateway, and cron

📝 Docs

• Updated A2A, Hermes, Gateway, configuration, and security docs for the new authentication and hardening behavior

Changelog

v0.1.29

🐛 Bug Fixes

• NPM Package Wrapper
  • Fixed npm/bin/vibecoding entry script to ensure installer packages ship the correct executable wrapper
  • Adjusted build-npm.sh and build-npm-packages.sh to include the wrapper consistently

v0.1.28

✨ Features

• Per-Model Temperature/Top-P Configuration

  • Added temperature and top_p fields to ModelConfig and Model for per-model parameter tuning
  • Wired through OpenAI and Anthropic providers with omitempty — nil means use API default
  • Wired through provider factory, agent loop, and ACP mode
  • Gateway supports per-request temperature/top_p override via ChatParams
  • When not configured, parameters are omitted entirely (no zero-value sent to API)

• OpenAI Responses API Support

  • Added a dedicated OpenAI Responses provider path under api: "openai-responses"
  • Supports Responses streaming, tool calls, reasoning summaries, and prompt cache parameters
  • Responses configuration is exposed under provider responses settings with default prompt cache enabled
  • Added model compat flags for supportsPromptCacheKey and supportsReasoningSummary

🧪 Tests

• Improved provider test coverage for OpenAI Responses API and Anthropic request parsing
• Reworked Anthropic tests to use in-memory HTTP mocks instead of port-binding test servers

📝 Docs

• Updated AGENTS.md version to v0.1.28

v0.1.27

✨ Features

• Hermes Mode (vibecoding hermes)

  • New messaging gateway mode for WeChat, Feishu, and WebSocket
  • Persistent per-user sessions with auto-archiving on /new
  • Default yolo mode for unattended operation
  • Smart approvals with tiered risk classification (low/medium/high)
  • User whitelist for platform access control
  • WebSocket streaming: real-time text_delta/think_delta/tool_call/tool_result/tool_diff/usage/done events

• A2A Protocol (vibecoding a2a)

  • New Agent-to-Agent protocol server (JSON-RPC 2.0 over HTTP + SSE streaming)
  • Standalone mode: vibecoding a2a start (port 8093)
  • Integration mode: hermes.json a2a.enabled: true shares hermes HTTP port
  • Agent Card at /.well-known/agent.json
  • Task lifecycle: submitted → working → completed/failed/canceled
  • REST endpoints: /a2a/send, /a2a/task, /a2a/task/cancel, /a2a/events
  • A2A Client: vibecoding a2a send <message> to send tasks to other A2A servers
  • A2A Discovery: vibecoding a2a discover <url> to fetch remote Agent Cards
  • A2A Scheduling: Cron jobs support --a2a-target to schedule tasks to A2A servers

• A2A Master Mode (--enable-a2a-master)

  • Configure multiple remote A2A agents via a2a-list.json
  • Registers a2a_dispatch tool for the LLM to automatically dispatch tasks to remote agents
  • Supports global (~/.vibecoding/a2a-list.json) and project-level (.vibe/a2a-list.json) config
  • --init-a2a-master-config generates a sample config file
  • Disabled by default, requires explicit opt-in

• A2A Config Initialization

  • vibecoding a2a --init-a2a-config generates a2a.json config template
  • vibecoding --init-gateway generates gateway.json config template (existing)
  • vibecoding --init-a2a-master-config generates a2a-list.json config template
  • All --init-* flags support --force to overwrite existing files

• Scenarios & Walkthroughs Documentation

  • New docs/scenarios.md (zh + en) covering 9 practical usage scenarios
  • Covers: daily coding, CI integration, multi-agent, VS Code ACP, A2A server,
    A2A Master cross-machine dispatch, Gateway HTTP, Hermes messaging, combined modes

• Documentation Overhaul

  • architecture.md: added all missing modules (a2a/acp/gateway/hermes/mcp/memory/messaging/vendored)
  • tools.md: added a2a_dispatch and skill_ref tool docs
  • cli-reference.md: added --enable-a2a-master, --init-a2a-master-config,
    --init-gateway, --force, a2a subcommand docs
  • README.md: updated architecture diagram, added running modes overview

• Pressure System

  • Context Pressure: EventContextPressure fired at 55% context usage (configurable via context_pressure_threshold)
  • Budget Pressure: EventBudgetPressure fired at 20% remaining iterations (configurable via budget_pressure_threshold)
  • One-shot events: fire once per threshold crossing, not every turn
  • Messaging platforms receive pressure warnings via progress callback

• Smart Approvals (Tiered Strategy)

  • Low risk: auto-approve
  • Medium risk: auto-approve + notify user
  • High risk (WebSocket): send approval_request, wait for user approval_response (5min timeout)
  • High risk (messaging): auto-reject + notify user
  • Command risk classification: low/medium/high based on bash command patterns

• Provider/Model Configuration

  • default_provider / default_model in hermes.json (overrides settings.json)
  • CLI flags -p/--provider and -m/--model for hermes start
  • Priority: CLI flags > hermes.json > settings.json

• Multi-Agent Mode (--multi-agent)

  • Enables sub-agent tools (spawn/status/send/destroy) in hermes sessions
  • Configurable via hermes.json multi_agent field or --multi-agent CLI flag

• Sandbox Mode (--sandbox)

  • Optional bwrap sandbox isolation (disabled by default)
  • Configurable via hermes.json sandbox field or --sandbox CLI flag

• MCP Integration

  • Hermes automatically loads MCP servers from global/project mcp.json
  • MCP tools registered per-session, connections auto-closed on session removal

• Progress Events for Messaging Platforms

  • Real-time tool execution progress sent to WeChat/Feishu during agent runs
  • Format: [tool]: args ✅/❌ for tools, 💭 ... for thinking process
  • Final summary sent after agent completes

• Memory Tool

  • memory tool with read/add/update/delete actions
  • Section-level operations (User Profile, Working Memory, Lessons Learned)
  • Defaults to .vibe/memory.md (project directory)
  • Lookup priority: memory.path config → .vibe/memory.md → <GLOBAL_DIR>/memory.md
  • /api/memory HTTP endpoint (GET/PUT) for memory access

• Hermes CLI Commands

  • hermes start — start daemon with all CLI flags
  • hermes stop — stop daemon via PID file + SIGTERM
  • hermes status — check daemon status via PID + HTTP health
  • hermes client — WebSocket client with streaming output and slash commands
  • hermes config init/show — configuration management
  • hermes wechat login/status — WeChat iLink management
  • hermes feishu setup/status — Feishu configuration
  • hermes webhook list — webhook route listing
  • hermes memory show/clear — memory management
  • hermes sessions list — active session listing (queries running instance)
  • hermes cron list/add/remove/enable/disable — cron job management
  • a2a start/stop/status/card — A2A server management

📝 Changes

• WeChat iLink implementation with zero external dependencies (5 files: types/protocol/auth/crypto/wechat)
• Feishu bot with official SDK and WebSocket long-connection
• Shell hooks for pre/post tool call external scripts (JSON stdin/stdout)
• Webhook inbound routing with HMAC-SHA256 signature verification
• WebSocket uses golang.org/x/net/websocket (stdlib compatible)
• PID file-based daemon management for hermes stop/status

🐛 Bug Fixes

• NPM Installer Packaging

  • Fixed release packaging flow so vibecoding-installer always ships executable entry bin/vibecoding.
  • Added scripts/npm-installer-wrapper.js as the single source of wrapper logic, reused by both
    scripts/build-npm.sh and scripts/build-npm-packages.sh to avoid drift.
  • Adjusted npm/.npmignore and npm/bin handling to avoid shipping accidental build artifacts and to keep
    package manifests (files) explicit.

• Hermes Webhook Delivery and Filtering

  • Webhook routes now treat unknown event types as non-matching unless the route explicitly allows *.
  • Added delivery_target to webhook routes so WeChat/Feishu delivery has a concrete recipient.
  • Updated webhook route listing and config templates to show the delivery target when present.

• OpenAI Responses Thinking Mapping

  • Mapped --thinking xhigh to reasoning.effort: "high" for the OpenAI Responses API.

🧪 Tests

• Reworked webhook router tests to wait on handler completion instead of sleeping, removing a race/flakiness source.
• Added coverage for webhook event rejection when the event type cannot be inferred.
• Added coverage for webhook delivery target handling.

Changelog

v0.1.26

✨ Features

• Gateway Mode (vibecoding gateway)

  • New HTTP server exposing a standard OpenAI Chat Completions API (/v1/chat/completions, /v1/models, /health)
  • Any OpenAI-compatible client (Cursor, Continue, Open WebUI, Python SDK, etc.) can connect directly
  • Streaming (SSE) and non-streaming responses fully supported
  • Backend powered by VibeCoding agent loop with tool execution transparent to the caller

• Multi-Session Support

  • Built-in SessionPool for concurrent sessions, each with isolated agent, tools, and message history
  • Session association via x_session_id in request body; auto-created when absent
  • Configurable idle timeout (session.idleTimeoutSeconds) and max session limit (session.maxSessions)

• Sub-Agent Support in Gateway

  • Optional enableSubAgents config to enable multi-agent orchestration in gateway mode
  • Reuses existing AgentFactory / AgentManager / sub-agent tools with no core agent changes

• Bearer Token Authentication

  • Configurable via gateway.json with auth.enabled and auth.tokens list
  • Disabled by default; /health endpoint always unauthenticated

• Slash Commands via API

  • /clear, /mode, /model, /models, /sessions, /compact, /status, /skill, /skills, /help
  • Triggered when the last user message starts with /; processed at gateway layer without invoking LLM
  • Responses use standard OpenAI format with x_command extension field

• Tool Visibility Configuration (toolVisibility.mode)

  • "content" (default): tool status sent as text in content field during streaming
  • "sse_event": tool status sent as extended SSE events for custom clients
  • "none": fully transparent, client sees only final text

• System Prompt Handling (systemPromptMode)

  • "append" (default): client system messages appended to built-in system prompt
  • "ignore": client system messages discarded entirely

• Security: allowedWorkDirs

  • Directory whitelist for x_working_dir request-level overrides with path-separator-aware prefix matching
  • Three-layer security model: L1 auth + L2 directory control + L3 sandbox (bwrap)

• Sandbox Support in Gateway

  • Configurable via gateway.json sandbox.enabled / sandbox.level or --sandbox flag
  • Inherits detailed sandbox settings (allowedRead, deniedPaths, etc.) from settings.json

• Gateway Configuration (gateway.json)

  • Independent config file at ~/.config/vibecoding/gateway.json
  • Covers: listen address, auth, mode, sandbox, workingDir, allowedWorkDirs, session management, CORS, tool visibility, system prompt mode, request timeout, concurrency limit, logging
  • vibecoding --init-gateway to generate template; --force to overwrite

• Request Timeout & Concurrency

  • requestTimeoutSeconds (default 1800s); streaming keeps alive as long as data flows
  • maxConcurrentRequests (default 0 = unlimited)

📝 Docs

• Added docs/gateway-proposal.md with full architecture, API design, security model, and implementation plan
• Updated AGENTS.md version note

v0.1.25

✨ Features

• Multi-Agent Mode

  • Added opt-in --multi-agent support across CLI, TUI, and ACP mode
  • Added AgentManager, EventRouter, and per-agent registries so agents have isolated tools, job managers, sessions, messages, and context
  • Added subagent_spawn, subagent_status, subagent_send, and subagent_destroy tools for delegated background work
  • Added multi-agent prompt guidance and safeguards that prevent nested sub-agent spawning

• Cron Task Support

  • Added internal/cron with persistent cron store and scheduler coverage
  • Added /cron command entry points in multi-agent TUI workflows

• Provider Vendor Adapter Layer

  • Added vendor adapter registration in internal/provider/vendor*.go
  • Centralized provider/model creation in internal/provider/factory
  • Added vendor detection for DeepSeek, Xiaomi, Kimi, MiniMax, Seed, Qianfan, Bailian, Gitee, OpenRouter, Together, Groq, Fireworks, OpenAI, and Anthropic
  • Preserved existing provider config format while allowing vendor-specific defaults and generic OpenAI/Anthropic-compatible fallback
  • Added model compat handling for thinking formats, reasoning effort support, max token field selection, adaptive Anthropic thinking, and DeepSeek/Xiaomi assistant reasoning_content

🐛 Bug Fixes

• Auto-initialized sessions on first append so sub-agents can write session entries without requiring explicit prior initialization
• Fixed sub-agent tests to wait for background runs and clean up spawned agents before temporary directory removal
• Preserved ACP Anthropic cache-control behavior while moving provider creation to the shared factory

📝 Docs

• Updated AGENTS.md with provider factory and vendor adapter guidance
• Replaced the multi-agent implementation checklist with a completed architecture/status document
• Removed the obsolete root todo.md

🧪 Testing

• Added coverage for provider vendor resolution, provider factory creation, OpenAI/Anthropic compat behavior, multi-agent manager/router/sub-agent flows, cron storage/scheduler behavior, and session auto-initialization
• Verified with make test (go test -v -race ./...)

v0.1.24

✨ Features

• API Retry with Exponential Backoff
  • Automatic retry for transient errors (5xx, network failures, rate limits) on initial HTTP connection
  • Exponential backoff: baseDelay ×ばつ 2^attempt, capped at 30 seconds
  • Does NOT retry on user abort (context.Canceled), 4xx client errors, or mid-stream failures
  • Configurable via retry settings (maxRetries, baseDelay, maxDelay)
  • Agent forwards retry events as status updates visible in TUI and print mode
  • ACP mode also receives retry configuration

🐛 Bug Fixes

• Anthropic cache_control Now Opt-In

  • Changed default cache_control behavior to off (was auto-enabled for official API base URL)
  • Require explicit cacheControl: true in provider config to enable prompt caching
  • ACP provider creation explicitly enables cache_control for Anthropic

• Anthropic Tool Result Grouping

  • Fixed consecutive toolResult messages to be grouped into a single user message
  • Anthropic API requires all tool_result blocks for preceding tool_use to appear together before other content
  • Image blocks from tool results are now appended after all result blocks in the same message

• Agent Tool-Only Loop Warning Ordering

  • Moved the no-text tool-loop warning to be injected after tool results are appended
  • Keeps assistant -> toolResult -> warning message ordering valid for provider and session transcripts
  • Warning messages are now also persisted to session storage

📝 Docs

• Comprehensive Configuration Documentation Rewrite
  • Added missing settings: cacheControl, idle compression, full sandbox fields (bwrapPath, allowedRead, allowedWrite, deniedPaths, passEnv, tmpSize), shellPath, shellCommandPrefix, sessionDir, skillsDir, theme, retry
  • Documented shell command apiKey format (!cmd) for password manager integration
  • Fixed key resolution order: config apiKey first, then derived env var
  • Fixed macOS config path: ~/Library/Application Support/vibecoding/
  • Added top-level fields reference table with all defaults
  • Added per-platform defaults for sandbox paths and env vars
  • Improved examples with Claude provider cacheControl, idle compression, project-level overrides, and custom sandbox paths

🧪 Testing

• Added retry tests covering IsRetryable, RetryDelay, and FormatRetryMessage
• Added Anthropic provider tests for consecutive tool result grouping
• Added a regression test covering tool-only warning placement after tool results