chore(deps): update mise-tools

[renovate]

Note: This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence	Update
npm:@anthropic-ai/claude-code	2.0.71 → 2.1.2			minor
ubi:sst/opencode	1.0.164 → 1.1.8			minor

---

Release Notes

anthropics/claude-code (npm:@​anthropic-ai/claude-code)

v2.1.2

Compare Source

• Added source path metadata to images dragged onto the terminal, helping Claude understand where images originated
• Added clickable hyperlinks for file paths in tool output in terminals that support OSC 8 (like iTerm)
• Added support for Windows Package Manager (winget) installations with automatic detection and update instructions
• Added Shift+Tab keyboard shortcut in plan mode to quickly select "auto-accept edits" option
• Added FORCE_AUTOUPDATE_PLUGINS environment variable to allow plugin autoupdate even when the main auto-updater is disabled
• Added agent_type to SessionStart hook input, populated if --agent is specified
• Fixed a command injection vulnerability in bash command processing where malformed input could execute arbitrary commands
• Fixed a memory leak where tree-sitter parse trees were not being freed, causing WASM memory to grow unbounded over long sessions
• Fixed binary files (images, PDFs, etc.) being accidentally included in memory when using @include directives in CLAUDE.md files
• Fixed updates incorrectly claiming another installation is in progress
• Fixed crash when socket files exist in watched directories (defense-in-depth for EOPNOTSUPP errors)
• Fixed remote session URL and teleport being broken when using /tasks command
• Fixed MCP tool names being exposed in analytics events by sanitizing user-specific server configurations
• Improved Option-as-Meta hint on macOS to show terminal-specific instructions for native CSIu terminals like iTerm2, Kitty, and WezTerm
• Improved error message when pasting images over SSH to suggest using scp instead of the unhelpful clipboard shortcut hint
• Improved permission explainer to not flag routine dev workflows (git fetch/rebase, npm install, tests, PRs) as medium risk
• Changed large bash command outputs to be saved to disk instead of truncated, allowing Claude to read the full content
• Changed large tool outputs to be persisted to disk instead of truncated, providing full output access via file references
• Changed /plugins installed tab to unify plugins and MCPs with scope-based grouping
• Deprecated Windows managed settings path C:\ProgramData\ClaudeCode\managed-settings.json - administrators should migrate to C:\Program Files\ClaudeCode\managed-settings.json
• [SDK] Changed minimum zod peer dependency to ^4.0.0
• [VSCode] Fixed usage display not updating after manual compact

v2.1.1

Compare Source

v2.1.0

Compare Source

• Added automatic skill hot-reload - skills created or modified in ~/.claude/skills or .claude/skills are now immediately available without restarting the session
• Added support for running skills and slash commands in a forked sub-agent context using context: fork in skill frontmatter
• Added support for agent field in skills to specify agent type for execution
• Added language setting to configure Claude's response language (e.g., language: "japanese")
• Changed Shift+Enter to work out of the box in iTerm2, WezTerm, Ghostty, and Kitty without modifying terminal configs
• Added respectGitignore support in settings.json for per-project control over @​-mention file picker behavior
• Added IS_DEMO environment variable to hide email and organization from the UI, useful for streaming or recording sessions
• Fixed security issue where sensitive data (OAuth tokens, API keys, passwords) could be exposed in debug logs
• Fixed files and skills not being properly discovered when resuming sessions with -c or --resume
• Fixed pasted content being lost when replaying prompts from history using up arrow or Ctrl+R search
• Fixed Esc key with queued prompts to only move them to input without canceling the running task
• Reduced permission prompts for complex bash commands
• Fixed command search to prioritize exact and prefix matches on command names over fuzzy matches in descriptions
• Fixed PreToolUse hooks to allow updatedInput when returning ask permission decision, enabling hooks to act as middleware while still requesting user consent
• Fixed plugin path resolution for file-based marketplace sources
• Fixed LSP tool being incorrectly enabled when no LSP servers were configured
• Fixed background tasks failing with "git repository not found" error for repositories with dots in their names
• Fixed Claude in Chrome support for WSL environments
• Fixed Windows native installer silently failing when executable creation fails
• Improved CLI help output to display options and subcommands in alphabetical order for easier navigation
• Added wildcard pattern matching for Bash tool permissions using * at any position in rules (e.g., Bash(npm *), Bash(* install), Bash(git * main))
• Added unified Ctrl+B backgrounding for both bash commands and agents - pressing Ctrl+B now backgrounds all running foreground tasks simultaneously
• Added support for MCP list_changed notifications, allowing MCP servers to dynamically update their available tools, prompts, and resources without requiring reconnection
• Added /teleport and /remote-env slash commands for claude.ai subscribers, allowing them to resume and configure remote sessions
• Added support for disabling specific agents using Task(AgentName) syntax in settings.json permissions or the --disallowedTools CLI flag
• Added hooks support to agent frontmatter, allowing agents to define PreToolUse, PostToolUse, and Stop hooks scoped to the agent's lifecycle
• Added hooks support for skill and slash command frontmatter
• Added new Vim motions: ; and , to repeat f/F/t/T motions, y operator for yank with yy/Y, p/P for paste, text objects (iw, aw, iW, aW, i", a", i', a', i(, a(, i[, a[, i{, a{), >> and << for indent/dedent, and J to join lines
• Added /plan command shortcut to enable plan mode directly from the prompt
• Added slash command autocomplete support when / appears anywhere in input, not just at the beginning
• Added --tools flag support in interactive mode to restrict which built-in tools Claude can use during interactive sessions
• Added CLAUDE_CODE_FILE_READ_MAX_OUTPUT_TOKENS environment variable to override the default file read token limit
• Added support for once: true config for hooks
• Added support for YAML-style lists in frontmatter allowed-tools field for cleaner skill declarations
• Added support for prompt and agent hook types from plugins (previously only command hooks were supported)
• Added Cmd+V support for image paste in iTerm2 (maps to Ctrl+V)
• Added left/right arrow key navigation for cycling through tabs in dialogs
• Added real-time thinking block display in Ctrl+O transcript mode
• Added filepath to full output in background bash task details dialog
• Added Skills as a separate category in the context visualization
• Fixed OAuth token refresh not triggering when server reports token expired but local expiration check disagrees
• Fixed session persistence getting stuck after transient server errors by recovering from 409 conflicts when the entry was actually stored
• Fixed session resume failures caused by orphaned tool results during concurrent tool execution
• Fixed a race condition where stale OAuth tokens could be read from the keychain cache during concurrent token refresh attempts
• Fixed AWS Bedrock subagents not inheriting EU/APAC cross-region inference model configuration, causing 403 errors when IAM permissions are scoped to specific regions
• Fixed API context overflow when background tasks produce large output by truncating to 30K chars with file path reference
• Fixed a hang when reading FIFO files by skipping symlink resolution for special file types
• Fixed terminal keyboard mode not being reset on exit in Ghostty, iTerm2, Kitty, and WezTerm
• Fixed Alt+B and Alt+F (word navigation) not working in iTerm2, Ghostty, Kitty, and WezTerm
• Fixed ${CLAUDE_PLUGIN_ROOT} not being substituted in plugin allowed-tools frontmatter, which caused tools to incorrectly require approval
• Fixed files created by the Write tool using hardcoded 0o600 permissions instead of respecting the system umask
• Fixed commands with $() command substitution failing with parse errors
• Fixed multi-line bash commands with backslash continuations being incorrectly split and flagged for permissions
• Fixed bash command prefix extraction to correctly identify subcommands after global options (e.g., git -C /path log now correctly matches Bash(git log:*) rules)
• Fixed slash commands passed as CLI arguments (e.g., claude /context) not being executed properly
• Fixed pressing Enter after Tab-completing a slash command selecting a different command instead of submitting the completed one
• Fixed slash command argument hint flickering and inconsistent display when typing commands with arguments
• Fixed Claude sometimes redundantly invoking the Skill tool when running slash commands directly
• Fixed skill token estimates in /context to accurately reflect frontmatter-only loading
• Fixed subagents sometimes not inheriting the parent's model by default
• Fixed model picker showing incorrect selection for Bedrock/Vertex users using --model haiku
• Fixed duplicate Bash commands appearing in permission request option labels
• Fixed noisy output when background tasks complete - now shows clean completion message instead of raw output
• Fixed background task completion notifications to appear proactively with bullet point
• Fixed forked slash commands showing "AbortError" instead of "Interrupted" message when cancelled
• Fixed cursor disappearing after dismissing permission dialogs
• Fixed /hooks menu selecting wrong hook type when scrolling to a different option
• Fixed images in queued prompts showing as "[object Object]" when pressing Esc to cancel
• Fixed images being silently dropped when queueing messages while backgrounding a task
• Fixed large pasted images failing with "Image was too large" error
• Fixed extra blank lines in multiline prompts containing CJK characters (Japanese, Chinese, Korean)
• Fixed ultrathink keyword highlighting being applied to wrong characters when user prompt text wraps to multiple lines
• Fixed collapsed "Reading X files…" indicator incorrectly switching to past tense when thinking blocks appear mid-stream
• Fixed Bash read commands (like ls and cat) not being counted in collapsed read/search groups, causing groups to incorrectly show "Read 0 files"
• Fixed spinner token counter to properly accumulate tokens from subagents during execution
• Fixed memory leak in git diff parsing where sliced strings retained large parent strings
• Fixed race condition where LSP tool could return "no server available" during startup
• Fixed feedback submission hanging indefinitely when network requests timeout
• Fixed search mode in plugin discovery and log selector views exiting when pressing up arrow
• Fixed hook success message showing trailing colon when hook has no output
• Multiple optimizations to improve startup performance
• Improved terminal rendering performance when using native installer or Bun, especially for text with emoji, ANSI codes, and Unicode characters
• Improved performance when reading Jupyter notebooks with many cells
• Improved reliability for piped input like cat refactor.md | claude
• Improved reliability for AskQuestion tool
• Improved sed in-place edit commands to render as file edits with diff preview
• Improved Claude to automatically continue when response is cut off due to output token limit, instead of showing an error message
• Improved compaction reliability
• Improved subagents (Task tool) to continue working after permission denial, allowing them to try alternative approaches
• Improved skills to show progress while executing, displaying tool uses as they happen
• Improved skills from /skills/ directories to be visible in the slash command menu by default (opt-out with user-invocable: false in frontmatter)
• Improved skill suggestions to prioritize recently and frequently used skills
• Improved spinner feedback when waiting for the first response token
• Improved token count display in spinner to include tokens from background agents
• Improved incremental output for async agents to give the main thread more control and visibility
• Improved permission prompt UX with Tab hint moved to footer, cleaner Yes/No input labels with contextual placeholders
• Improved the Claude in Chrome notification with shortened help text and persistent display until dismissed
• Improved macOS screenshot paste reliability with TIFF format support
• Improved /stats output
• Updated Atlassian MCP integration to use a more reliable default configuration (streamable HTTP)
• Changed "Interrupted" message color from red to grey for a less alarming appearance
• Removed permission prompt when entering plan mode - users can now enter plan mode without approval
• Removed underline styling from image reference links
• [SDK] Changed minimum zod peer dependency to ^4.0.0
• [VSCode] Added currently selected model name to the context menu
• [VSCode] Added descriptive labels on auto-accept permission button (e.g., "Yes, allow npm for this project" instead of "Yes, and don't ask again")
• [VSCode] Fixed paragraph breaks not rendering in markdown content
• [VSCode] Fixed scrolling in the extension inadvertently scrolling the parent iframe
• [Windows] Fixed issue with improper rendering

v2.0.77

Compare Source

v2.0.76

Compare Source

v2.0.75

Compare Source

v2.0.74

Compare Source

• Added LSP (Language Server Protocol) tool for code intelligence features like go-to-definition, find references, and hover documentation
• Added /terminal-setup support for Kitty, Alacritty, Zed, and Warp terminals
• Added ctrl+t shortcut in /theme to toggle syntax highlighting on/off
• Added syntax highlighting info to theme picker
• Added guidance for macOS users when Alt shortcuts fail due to terminal configuration
• Fixed skill allowed-tools not being applied to tools invoked by the skill
• Fixed Opus 4.5 tip incorrectly showing when user was already using Opus
• Fixed a potential crash when syntax highlighting isn't initialized correctly
• Fixed visual bug in /plugins discover where list selection indicator showed while search box was focused
• Fixed macOS keyboard shortcuts to display 'opt' instead of 'alt'
• Improved /context command visualization with grouped skills and agents by source, slash commands, and sorted token count
• [Windows] Fixed issue with improper rendering
• [VSCode] Added gift tag pictogram for year-end promotion message

v2.0.73

Compare Source

• Added clickable [Image #N] links that open attached images in the default viewer
• Added alt-y yank-pop to cycle through kill ring history after ctrl-y yank
• Added search filtering to the plugin discover screen (type to filter by name, description, or marketplace)
• Added support for custom session IDs when forking sessions with --session-id combined with --resume or --continue and --fork-session
• Fixed slow input history cycling and race condition that could overwrite text after message submission
• Improved /theme command to open theme picker directly
• Improved theme picker UI
• Improved search UX across resume session, permissions, and plugins screens with a unified SearchBox component
• [VSCode] Added tab icon badges showing pending permissions (blue) and unread completions (orange)

v2.0.72

Compare Source

• Added Claude in Chrome (Beta) feature that works with the Chrome extension (https://claude.ai/chrome) to let you control your browser directly from Claude Code
• Reduced terminal flickering
• Added scannable QR code to mobile app tip for quick app downloads
• Added loading indicator when resuming conversations for better feedback
• Fixed /context command not respecting custom system prompts in non-interactive mode
• Fixed order of consecutive Ctrl+K lines when pasting with Ctrl+Y
• Improved @​ mention file suggestion speed (~3x faster in git repositories)
• Improved file suggestion performance in repos with .ignore or .rgignore files
• Improved settings validation errors to be more prominent
• Changed thinking toggle from Tab to Alt+T to avoid accidental triggers

sst/opencode (ubi:sst/opencode)

v1.1.8

Compare Source

Core

• Upgrade OpenTUI to v0.1.70
• Support multi-select questions
• Document cargofmt in docs (@​marc2332)

TUI

• Stop escape key propagation from dialogs
• Use full file path for fuzzy matching in autocomplete (@​bagatka)

Desktop

• Revert fix for opening external links in default browser
• Cache session-scoped stores and add optional context gating
• Incrementally render turns with markdown caching and lazy diff rendering
• Gate hydration side-effects and handoff while stores load
• Prefetch adjacent sessions in the app
• Implement chunked message loading and lazy diff loading for improved performance
• Fix project sidebar folder name display issue (@​0xajka)

Thank you to 4 community contributors:

• @​marc2332:
  • fix(docs): Document cargofmt (#​7383)
• @​bagatka:
  • fix(ui): use full file path for fuzzy matching in autocomplete (#​6705)
• @​0xajka:
  • Fix for #​7229 Fix/project sidebar folder name (#​7232)
• @​Anthuang:
  • feat(desktop): add Vesper theme (#​7331)

v1.1.7

Compare Source

Core

• Add kind, title, and rawInput fields to ACP tool_call_update events (@​noamzbr)
• Add help text to debug command and subcommands (@​assagman)
• Allow disabling .claude prompt and skills loading (@​freespace8)
• Add interactive question tool for gathering user preferences and clarifying instructions
• Fix issue with normal transform options conflicting with small model options when generating title
• Write truncated tool outputs to files
• Simplify task tool subagent filtering (@​malhashemi)
• Improved title generation to avoid repetitive "Analyzing..." prefixes
• Use correct authorization server URL for OAuth discovery in MCP (@​rscarvalho)
• Config precedence now correctly allows local config to override remote (@​elithrar)
• Update Homebrew formula for anomalyco tap

TUI

• Restore showDetails check removed in Permission rework (@​ryanwyler)
• Cleanly restore terminal state on fatal error exit (@​itsrainingmani)
• Improve responsive layout by hiding header and footer when sidebar is visible
• Simplified session settings management (@​maxstevens-nl)
• Remove unused imports and variables from header component
• Add overlay sidebar for narrow screens to improve mobile experience
• Add expandable bash output for long commands to improve readability
• Remove username visibility toggle and simplify user message metadata display in TUI
• Improve indentation and label clarity for TUI answer options
• Ensure forked message text is inserted in prompt when forking conversations (@​ariane-emory)
• Use selected foreground color for permission selection text (@​ariane-emory)
• Constrain autocomplete height to available screen space in TUI (@​Raviguntakala)
• Add selectedListItemText to orange themes for button text visibility (@​ThanhNguyxn)

Desktop

• Show custom models without valid release_date in web UI model selector (@​zerone0x)
• Open external links in default browser on desktop (@​athal7)

Thank you to 15 community contributors:

• @​elithrar:
  • fix: config precedence now correctly allows local config to override remote (#​7141)
• @​ThanhNguyxn:
  • fix(theme): add selectedListItemText to orng themes for button text visibility (#​7169)
• @​rscarvalho:
  • fix(mcp): use correct authorization server URL for OAuth discovery (#​7234)
• @​Raviguntakala:
  • fix(tui): constrain autocomplete height to available screen space (#​7181)
• @​malhashemi:
  • refactor: simplify task tool subagent filtering (#​7165)
• @​ariane-emory:
  • fix: use selectedForeground's computer colour (or theme's selectedForeground value) for the colour of text in permission selection (resolves #​7246) (#​7251)
  • fix(tui): ensure forked message text is inserted in prompt (resolves #​7257) (#​7259)
• @​athal7:
  • fix(desktop): open external links in default browser (#​7221)
• @​freespace8:
  • feat(flags): allow disabling .claude prompt and skills loading (#​7205)
• @​aaroniker:
  • feat: Polish dialog, popover shadows & borders, add missing provider logos (#​7326)
• @​assagman:
  • fix(cli): add help text to debug command and subcommands (#​7328)
• @​maxstevens-nl:
  • refactor: session settings simplification (#​7342)
• @​noamzbr:
  • fix: Add kind, title, rawInput to ACP tool_call_update events (#​7368)
• @​zerone0x:
  • fix(app): show custom models without valid release_date in web UI mod… (#​7349)
• @​itsrainingmani:
  • fix: cleanly restore terminal state on fatal error exit (#​7359)
• @​ryanwyler:
  • fix(tui): restore showDetails check removed in Permission rework (#​7285)

v1.1.6

Compare Source

Core

• Encode non-ASCII directory paths in HTTP headers (@​jwaterwater)
• Add truncation for all tools
• Make General SubAgent visible in agent list (@​dbpolito)
• Improve handling of unserializable errors
• Added ability to hide subagents from primary agent's system prompt (@​Sewer56)
• Add --use-system-ca flag in execArgv to support system certificate authorities
• Ensure commands listing subagent work

TUI

• Add theme functionality
• Reload theme when configuration changes
• Clear palette cache
• Add agent color to inline task tool ASCII character and highlight agent name (@​spoons-and-mirrors)
• Escape backticks when passing commands to PowerShell (@​NSPC911)
• Restore attach session lookup behavior in TUI (@​rmk40)

Desktop

• Fix pasting images when input is empty in desktop app (@​dbpolito)
• Bundle media framework in desktop application (@​Brendonovich)
• Fixed macOS application entitlements configuration (@​Brendonovich)
• Add audio input and camera permissions to entitlements (@​saeedvaziry)
• Bundle media framework in AppImage for desktop application (@​Brendonovich)
• Use Show instead of Suspense in desktop application (@​Brendonovich)
• Add UI package to desktop application (@​Brendonovich)
• Show window immediately during desktop startup (@​usvimal)
• Rework storage approach in app
• Fix session navigation with keyboard shortcuts
• Permission auto-accept should hide when not needed
• Improve terminal text selection visibility with better color contrast

Thank you to 11 community contributors:

• @​rmk40:
  • fix(tui): restore attach session lookup behavior (#​7150)
• @​NSPC911:
  • fix: escape backticks when passing to powershell (#​7157)
• @​Sewer56:
  • Added: Ability to hide subagents from primary agents system prompt. (#​4773)
• @​Brendonovich:
  • use custom tauri-cli on linux
  • desktop: use regular tauri cli again
  • desktop: use correct tauri-cli branch
  • try using forked tauri-cli again
  • add ui package to desktop
  • desktop: use Show instead of Suspense
  • desktop: appimage bundleMediaFramework
  • fix entitlements
  • desktop: go back to regular tauri cli
  • desktop: bundleMediaFramework
• @​spoons-and-mirrors:
  • add agent color to inline task tool ascii char and highlight agent name (#​7142)
• @​usvimal:
  • perf: show window immediately during desktop startup (#​6734)
• @​dbpolito:
  • Make General SubAgent not hidden (#​6752)
  • Desktop: Fix Paste image on empty input (#​7130)
• @​saeedvaziry:
  • Add audio input and camera permissions to entitlements (#​7117)
• @​shuv1337:
  • feat: add Night Owl theme (desktop) (#​7151)
• @​jwaterwater:
  • fix: encode non-ASCII directory paths in HTTP headers (#​7145)
• @​athal7:
  • fix(ui): prevent iOS Safari auto-zoom on input focus (#​7214)

v1.1.4

Compare Source

Core

• Add timeout to prevent hanging operations (@​spoons-and-mirrors)
• Add support for URL-based instructions (@​spoons-and-mirrors)
• Load OPENCODE_CONFIG_DIR AGENTS.md into the system prompt (@​ThomasGormley)
• Fix title generation for subtask-only messages to extract actual user prompts instead of generic tool execution descriptions
• Ensure 'name' isn't being sent in request body for custom agent
• Restore skill filtering by agent permissions (@​malhashemi)
• Add missing await for available skills in skill tool (@​mwolting)
• Prevent Java Language Server path checks from throwing errors (@​T1mn)
• Add automatic jp. prefix assignment for Tokyo region (ap-northeast-1) (@​ikeda-tomoya-swx)
• Polish documentation markdown wording and capitalization (@​T1mn)
• Filter dead worktrees in core functionality
• Handle cases where git is not available or initialized
• Upgrade OpenTUI to v0.1.69 with text rendering performance improvements

TUI

• Add frecency-based file autocomplete to CLI (@​galkatz373)
• Add keyboard shortcut 'c' to copy device code in OAuth flow (@​akinfelami)
• Fix sidebar title padding to prevent scrollbar edge case (@​ryanwyler)

Desktop

• Copy and paste in terminal was broken
• Fix desktop documentation
• Increase contrast in terminal text for better readability
• Add view button to open files from review sidebar (@​justrau)
• Open review sidebar when selecting file from picker (@​justrau)
• Add middle-click to close tabs in review sidebar (@​justrau)
• Improved web load performance through code splitting
• Improve scroll store performance in app
• Update Cargo.lock (@​Brendonovich)
• Add single-instance plugin to prevent multiple desktop windows (@​Junseo5)
• Make subtasks clickable in the task list (@​OpeOginni)

Thank you to 21 community contributors:

• @​OpeOginni:
  • Feat/clickable subtask (#​6846)
• @​T1mn:
  • docs: polish markdown wording and capitalization (#​7019)
  • docs: add Simplified Chinese README (#​7055)
  • fix: prevent jdtls path checks from throwing (#​7052)
• @​shanebishop1:
  • docs: fix order of permissions in agents docs (permissions subsection) (#​7041)
• @​xiliumz:
  • fix: use actual version in install script (#​7044)
• @​Junseo5:
  • fix(desktop): add single-instance plugin to prevent multiple windows (#​6966)
• @​Brendonovich:
  • update Cargo.lock
• @​Eric-Guo:
  • Fix(app): @​pierre/diffs will crash when a diff has undefined text (#​7059)
• @​justrau:
  • feat(app): add middle-click to close tabs in review sidebar (#​7094)
  • fix(app): open review sidebar when selecting file from picker (#​7096)
  • feat(app): add view button to open files from review sidebar (#​7095)
  • fix(app): open links in new tab or browser (#​7127)
• @​athal7:
  • docs(ecosystem): add opencode-devcontainers plugin (#​7100)
• @​ryanwyler:
  • fix: sidebar title padding to prevent scrollbar edge case (#​7089)
• @​ikeda-tomoya-swx:
  • fix(provider): add jp. prefix auto-assignment for Tokyo region (ap-northeast-1) (#​7053)
• @​akinfelami:
  • feat(tui): add 'c' shortcut to copy device code in OAuth flow (#​7020)
• @​mwolting:
  • fix: add missing await for available skills in skill tool (#​7072)
• @​malhashemi:
  • fix: restore skill filtering by agent permissions (#​7042)
• @​jerome-benoit:
  • fix(desktop): use current_binary() to support symlinked executables (#​7102)
• @​DamianB-BitFlipper:
  • docs: Expand keybinds documentation (#​7108)
• @​ThomasGormley:
  • load OPENCODE_CONFIG_DIR AGENTS.md into the system prompt (#​7115)
• @​galkatz373:
  • feat(cli): frecency file autocomplete (#​6603)
• @​spoons-and-mirrors:
  • feat: url based instructions (#​7125)
  • adding timeout (#​7128)
• @​mtymek:
  • docs: add OpenCode-Obsidian plugin (#​7129)
• @​dbpolito:
  • Desktop: Fix Big Messages (#​7133)

v1.1.3

Compare Source

Core

• Fixed terminal long-running processes in app
• Preserve permission config key order to maintain user-defined permission precedence
• Pass image parts to custom commands (@​melihmucuk)
• Add support for jp. prefix in Amazon Bedrock cross-region inference profiles (@​ikeda-tomoya-swx)
• Add configuration options and authentication precedence for Bedrock (@​wnkz)
• Transform agent improvements and optimizations
• Filter out empty messages and reasoning for Anthropic API compatibility

TUI

• Expand directory on Tab, select on Enter in TUI autocomplete (@​yuguorui)
• Update GitHub Actions examples to use actions/checkout@​v6 (@​joshuadavidthomas)
• Fix Lucent Orange background transparency for slash commands (@​roerohan)
• Add description for MCP command in documentation (@​cravenceiling)
• Add system theme resolution and event handling to TUI
• Improve experience when operations are interrupted

Desktop

• Store image attachments in the app
• Fix bottom padding in app interface
• Fixed terminal flakiness issues in the app
• Performance improvements through event batching in app
• Fix prompt input covering content in app
• Worktree selection now correctly navigates to the selected worktree
• Avoid unintended submits during IME composition (@​MogamiTsuchikawa)
• Highlight collapsed active project in sidebar (@​albingroen)
• Fix flicker and navigation issues when collapsing or expanding projects in the app (@​albingroen)
• Add CLI installation to desktop application (@​dbpolito)
• Fix image dragging in project edit dialog (@​albingroen)

Thank you to 10 community contributors:

• @​albingroen:
  • fix(app): fix image dragging in project edit dialog (#​6700)
  • fix(app): fix flicker and navigation when collapsing/expanding projects (#​6658)
  • feat(app): highlight collapsed active project in sidebar (#​6958)
• @​dbpolito:
  • Desktop: Install CLI (#​6526)
• @​MogamiTsuchikawa:
  • fix(app): avoid unintended submits during IME composition (#​6952)
• @​wnkz:
  • feat(bedrock): config options and authentication precedence (#​6377)
• @​cravenceiling:
  • docs: add description for MCP command (#​6944)
• @​roerohan:
  • fix: lucent-orng bg transparency for slash commands (#​6938)
• @​joshuadavidthomas:
  • docs: update GHA examples to use actions/checkout@v6 (#​6969)
• @​ikeda-tomoya-swx:
  • fix(provider): add support for jp. prefix in Amazon Bedrock cross-region inference profiles (#​6916)
• @​melihmucuk:
  • fix: pass image parts to custom commands (#​6525)
• @​yuguorui:
  • tui: autocomplete: expand directory on Tab, select on Enter (#​6975)

v1.1.2

Compare Source

Core

• Fix permission rule matching to use permission field instead of pattern field
• Fix permission evaluation to use rule-based matching instead of wildcard patterns
• Handle skill scan failures for .claude files gracefully
• Handle case where big-pickle is unavailable as a fallback
• Prevent main model thinking variant from applying to small model (@​melihmucuk)
• Increase default timeout to 30 seconds based on user feedback
• Add session search functionality with debounced input and server-side filtering
• Improve Rust formatter detection and add cargo fmt support

TUI

• Allow exit when viewing child session in TUI (@​rmk40)
• Fix symmetric padding in TUI input field
• Prevent session list rows from wrapping to two lines (@​rgodha24)
• Fix optional session access to prevent runtime errors in TUI

Desktop

• Implement auto-scroll for active command in slash popover (@​OpeOginni)
• Fix responsive menu in desktop application (@​dbpolito)
• Optimize model dialog visibility lookups (@​shkumbinhasani)
• Add home icon to responsive menu in desktop app (@​dbpolito)
• Add SVG preview support in session viewer (@​shuv1337)
• Add AppStream MetaInfo file for desktop application (@​NN708)
• Fix mobile screen size issues (@​carterworks)
• Fix custom slash commands not showing on initial / (@​Raviguntakala)
• Improved prompt input handling in the application

Thank you to 11 community contributors:

• @​melihmucuk:
  • fix: prevent main model thinking variant from applying to small model (#​6839)
• @​rgodha24:
  • fix: prevent session list rows from wrapping to 2 lines (#​6812)
• @​albingroen:
  • fix(ui): fix select chevron alignment (#​6690)
• @​Raviguntakala:
  • fix(app): fix custom slash commands not showing on initial / (#​6829)
• @​carterworks:
  • Fix a few mobile screen size issues (#​6808)
• @​NN708:
  • feat(desktop): add AppStream MetaInfo file (#​6030)
• @​shuv1337:
  • feat(app): add SVG preview support in session viewer (#​6868)
• @​dbpolito:
  • Desktop: Improve Big Session Navigation - Scrollable (#​6837)
  • Desktop: Adding Home Icon on Responsive Menu (#​6794)
  • Desktop: Fix Responsive Menu (#​6789)
• @​shkumbinhasani:
  • perf: optimize model dialog visibility lookups (#​6791)
• @​OpeOginni:
  • feat(desktop): implement auto-scroll for active command in slash popover (#​6797)
• @​rmk40:
  • fix(tui): allow exit when viewing child session (#​6898)

v1.1.1

Compare Source

This is a major change that overhauls the permissions system in OpenCode.

Tools Merged into Permission

The tools configuration has been deprecated and merged into the permission field. Previously, you could enable/disable tools like this:

{
  "tools": {
    "bash": true,
    "edit": false
  }
}

Now, this should be configured using permission:

{
  "permission": {
    "bash": "allow",
    "edit": "deny"
  }
}

The old tools config is still supported for backwards compatibility and will be automatically migrated to the permission system.

Granular Permissions with Object Syntax

Permissions now support granular control using an object syntax with pattern matching. When you specify a permission as an object, you can set different rules for different patterns:

{
  "permission": {
    "bash": {
      "npm *": "allow",
      "git *": "allow",
      "rm *": "deny",
      "*": "ask"
    },
    "edit": {
      "*.md": "allow",
      "*.ts": "ask",
      "*": "deny"
    }
  }
}

Each key in the object is a glob pattern that matches against the tool's input, and the value is the action to take:

• "allow" - automatically approve
• "deny" - automatically reject
• "ask" - prompt the user for approval

You can also set a blanket permission using a simple string:

{
  "permission": {
    "bash": "allow",
    "edit": "ask"
  }
}

Or set all permissions at once:

{
  "permission": "allow"
}

Breaking Changes for SDK Users

The permission events have changed significantly. The new PermissionNext module (permission/next.ts) has a different event structure compared to the old Permission module (permission/index.ts):

Old Event Structure (Permission.Event):

• Updated: { id, type, pattern, sessionID, messageID, callID, message, metadata, time }
• Replied: { sessionID, permissionID, response }

New Event Structure (PermissionNext.Event):

• Asked: { id, sessionID, permission, patterns, metadata, always, tool: { messageID, callID } }
• Replied: { sessionID, requestID, reply }

Key differences:

• Event name changed from permission.updated to permission.asked
• type renamed to permission
• pattern is now patterns (array of strings)
• message field removed
• response renamed to reply
• permissionID renamed to requestID
• New always field contains patterns that would be approved for future requests if user selects "always"

The reply values are the same: "once", "always", or "reject"

Server Changes

• New endpoint: POST /permission/:requestID/reply for responding to permission requests
• Old endpoint POST /session/:sessionID/permissions/:permissionID is now deprecated
• GET /permission now returns PermissionNext.Request[] instead of Permission.Info[]
• Added CORS whitelist support via server.cors config option
• Added Content-Type headers for proxied static assets
• mDNS service name now includes port for uniqueness

Other Changes

• Agent tools field is deprecated - use permission instead
• Agent maxSteps is deprecated - use steps instead
• Unknown agent properties are now collected into options
• Mode and plugin globs no longer search subdirectories (simplified to top-level only)

Core

• Add development scripts for better debugging workflow in TUI
• Ensure @​opencode-ai/plugin exists only on first run
• Add MCP resources support (@​paoloricciuti)
• Initialize config in worktree
• Prioritize free GPT-5-mini for small model in GitHub Copilot
• Remove hardcoded .env read block and use new permissions model instead
• Prevent duplicate plugin function initialization (@​ShpetimA)
• Update GitHub Copilot model priority list
• Add variant field to chat message input
• Update AGENTS.md documentation (@​aryasaatvik)
• Fixed dependency installation and git worktree branch creation
• Fixed an issue in the codebase
• Add sandbox support for git worktrees to allow working in multiple directories per project
• Add timeout to MCP client connection calls (@​RhysSullivan)
• Add per-project MCP config overrides (@​jknlsn)
• Improve root detection for Gradle multi-project builds in Kotlin language server (@​JBou)
• Improve plugin loading to handle builtin plugin failures gracefully
• Add reject message support to permission dialogs for better user feedback
• Wrap queued user messages with reminder to stay on track
• Add managed git worktrees
• Upgrade OpenTUI to v0.1.68 using GPA
• Add escape key handling to permission dialogs for better keyboard navigation
• Add TUI session selection API endpoint for navigation (@​code-yeongyu)
• Add Kotlin LSP integration (@​tjg184)
• Merge instructions arrays across config files instead of overriding them (@​elithrar)
• Add variant support for minimal mode
• Fix Cloudflare AI Gateway SDK chat undefined error (@​englishm)
• Handle NotFoundError for non-shared sessions in sync (@​Hona)
• Improve plugin loading to handle builtin plugin failures gracefully
• Update CI configuration
• Add reload functionality and improve lazy utility with reset capability
• Remove memory leak fixes documentation after implementation
• Fix memory leaks in session management and improve permission error handling
• Fix TUI permission tests for new evaluate function signature
• Improve permission error handling and evaluation logic in TUI
• Ignore
• Add assistant metadata to session export (@​dmmulroy)
• Ensure new permissions changes work for special case bash commands like rm, cd, etc
• Rework permission system
• Remove outdated Haiku filter for GitHub Copilot (@​alcpereira)
• Make install dependencies non-blocking
• Use --no-cache flag when behind proxy to prevent connection hangs
• Check for context overflow mid-turn in finish-step (@​aryasaatvik)
• Display error if invalid agent is used in a command (@​Leka74)
• Add Content-Type headers for proxied static assets (@​monotykamary)

TUI

• Add missing theme list keybind in TUI (@​aspiers)
• Handle duplicate PR creation when agent creates PR (@​elithrar)
• Fix system theme diff highlighting in TUI
• Add --variant flag to run command (@​shuv1337)
• Remove OpenRouter provider from priority list
• Make LSP status icon muted when no LSPs are active (@​itsrainingmani)
• Make MCP status icon muted when no MCP servers are enabled (@​itsrainingmani)
• Pass attach directory to SDK client in TUI (@​shuv1337)
• Handle actions/checkout v6 credential storage change (@​elithrar)
• Use Bun.sleep instead of Promise with setTimeout (@​edlsh)
• Add Osaka Jade theme (@​st-eez)
• Add heap snapshot option to system menu for debugging memory usage
• Fixed Windows fallback for "less" command in session list (@​itsrainingmani)
• Fix import command regex to properly handle file paths
• Fix stats command day calculation and time filtering

Desktop

• Fix scroll position restoration in app
• Don't override Ctrl+A on W

---

Configuration

📅 Schedule: Branch creation - "before 9am on monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.