Release v3.8.0#2111
Open
diegosouzapw wants to merge 224 commits into
Open
Conversation
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Integrated into release/v3.8.0
Add Linux certificate management via update-ca-certificates for Docker support. Skip sudo password validation when running as root, matching the existing cli-tools route behavior.
… identity contamination (#1989)
- Replace || "Unknown" fallbacks with || null in usage.ts (GLM + Claude legacy) - Add plan extraction to Claude OAuth mapTokens (account_tier > plan > subscription_type > billing.plan) - Add unit tests for plan extraction and Provider Limits badge resolution
The original fix replaced || "Unknown" with || null for GLM and Claude legacy (non-OAuth) paths. Per user clarification, "Unknown" is a valid display fallback when no plan data exists — null-based fallbacks caused the Provider Limits dashboard to show no badge rather than a clear "Unknown" indicator. Revert only the usage.ts changes. Claude OAuth mapTokens plan extraction (claude.ts) and the associated tests remain unchanged.
feat(combos): add reset-aware routing strategy
Turbopack resolveAlias (@/mitm/manager → manager.stub.ts) was designed
for build-time safety but Next.js applies aliases to ALL imports —
including dynamic ones. This caused await import("@/mitm/manager") at
runtime to load the stub, which silently returned fake {running: true}
without spawning the MITM proxy. The UI showed "MITM proxy started"
but nothing was actually running.
Fix introduces a two-path design:
- @/mitm/manager → stub (build-time, safe for Turbopack)
- @/mitm/manager.runtime → real manager (runtime, bypasses alias)
Route handlers now dynamic-import from manager.runtime, which
re-exports from ./manager and does NOT match the alias pattern.
Additional fixes:
- Make stub throw explicit errors at runtime so misconfiguration is
immediately visible instead of silently faking success
- Add server.cjs to outputFileTracingIncludes (NFT trace) and Dockerfile
COPY so the MITM server binary exists in standalone/Docker output
…tection (#2198) Integrated into release/v3.8.0 after syncing the contributor branch and validating tests/unit/reasoning-cache.test.ts locally.
…et 4.6 (#2197) Integrated into release/v3.8.0 after syncing the contributor branch and validating tests/unit/thinking-budget.test.ts locally.
…ignature (#2191) Integrated into release/v3.8.0 after syncing the contributor branch and validating tests/unit/translator-claude-helper-thinking.test.ts locally.
Integrated into release/v3.8.0 after syncing the contributor branch and validating tests/unit/stream-utils.test.ts locally.
#2189) Integrated into release/v3.8.0 after syncing the contributor branch and validating tests/unit/cliproxyapi-executor.test.ts locally.
Integrated into release/v3.8.0 after syncing the contributor branch, removing unrelated dependency churn, and validating executor/default URL coverage locally.
Integrated into release/v3.8.0 after syncing the contributor branch, removing unrelated workflow/docker/package-lock changes, and validating provider-scoped models coverage locally.
…2202) Integrated into release/v3.8.0 after syncing the contributor branch, removing unrelated workflow/docker/package-lock changes, tightening ModelScope 429 classification, and validating policy coverage locally.
Integrated into release/v3.8.0 after syncing the contributor branch, removing unrelated workflow/package-lock changes, and validating Command Code provider, auth, validation, and Responses coverage locally.
Merged into release/v3.8.0 — aligned workflow files and lockfile with release branch, fixed trailing space in WhatsApp URL. Thanks @rafacpti23!
Merged into release/v3.8.0. Minor electron-builder bump (26.9→26.10) with pnpm 11 support and AppImage fixes.
Merged into release/v3.8.0. Dev dependency updates: Playwright 1.60, lint-staged 17 (major — Node 22+ compatible), typescript-eslint, vitest, wait-on.
…1.2) Integrated into release/v3.8.0
Integrated into release/v3.8.0
Integrated into release/v3.8.0
…e-exposure) Integrated into release/v3.8.0
|
When is these release planned? |
Protect cloud agent task routes and model cooldown management endpoints with management-session auth and consistent CORS handling. Also align cloud agent API serialization with the dashboard, reuse the provider connection schema for CLI key storage, and accept active OAuth tokens when building virtual auto-combo candidates.
Centralize optional API key capability checks so dashboard forms and provider schemas share the same rules, including keyless Pollinations support and cloud-agent batch testing mode. Also align auto-combo config on `routerStrategy`, keep legacy combo reads compatible, preserve MCP routes as management APIs, narrow `require-login` public access to readonly/bootstrap flows, and make cloud-agent CORS reflect the request origin for credentialed requests.
Refresh the v3.8.0 documentation set across API, setup, Docker, environment, Fly.io, VM deployment, and troubleshooting guides. Document the updated budget payload, management-auth requirements, WebSocket bridge secret, Compose profiles, production deployment details, and expanded Node support. Also update the OpenAPI catalog, raise coverage thresholds to match the current baseline, and align cloud-agent task route typing and schemas with the stricter runtime behavior.
Refresh the documentation set for v3.8.0 with new guides covering authz, agent protocols, cloud agents, compliance, electron, evals, guardrails, memory, skills, stealth, tunnels, webhooks, and more. Add an auto-generated provider reference plus a `gen:provider-reference` script to keep provider catalog docs aligned with `src/shared/constants/providers.ts`.
Adds three automated drift-detection scripts under scripts/, plus npm helpers to run them, and applies small follow-ups to TERMUX, I18N, and CODEBASE docs flagged by the docs audit. New scripts (scripts/): - check-env-doc-sync.mjs — cross-checks process.env.X in code vs .env.example vs docs/ENVIRONMENT.md. Soft-fails by default; --strict exits 1 on drift. - check-docs-counts-sync.mjs — validates counts (executors, routing strategies, OAuth providers, A2A skills, cloud agents) match between code and docs. - check-deprecated-versions.mjs — flags hardcoded stale versions and "Last updated" dates older than 60 days. Uses hardcoded regexes to satisfy semgrep ReDoS guidance. package.json: - New scripts: check:env-doc-sync, check:docs-counts, check:deprecated-versions, check:docs-all (umbrella). Doc refinements: - TERMUX_GUIDE: spell out the Node version range required by package.json. - I18N: note that docs/i18n/in/ tree is an orphan duplicate of hi/ that the generator no longer writes to; replace hard-coded UNTRANSLATABLE_KEYS count with "varies per release". - CODEBASE_DOCUMENTATION: minor wording. Pre-commit hook is unchanged — the new checks are heuristic and ship as on-demand npm scripts to avoid false-positive blocks. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
|
|
||
| function escapeCell(value: string | undefined): string { | ||
| if (!value) return "—"; | ||
| return value.replace(/\|/g, "\\|").replace(/\n/g, " "); |
REPOSITORY_MAP.md (new, ~26 KB) documents every directory and root file with one-line descriptions so newcomers can navigate the tree without opening files. Covers src/, open-sse/, electron/, bin/, scripts/, docs/, tests/, .github/, .husky/, .claude/, .agents/, and the underscore-prefixed out-of-tree directories. README.md (was ~100 KB / 1876 lines) is rewritten as a sales-focused landing of ~22 KB / 482 lines: - Updated SEO/JSON-LD/FAQ to v3.8.0 (was 3.7.8) with correct counts (177 providers, 14 strategies, 37 MCP tools, 14 OAuth, 9-factor Auto-Combo). - Trimmed long FAQ/Troubleshooting/Compression Math/Docker prose in favor of links to the dedicated docs. - Added "What's new in v3.8.0" section + competitive comparison table. - Added a categorized Documentation index covering all 44 docs in docs/. - Kept screenshots, quick start, providers summary, compatibility tables, multi-platform install table, use-cases at a glance, i18n strip, community + security blocks. The CHANGELOG, deep technical guides, and per-area references stay where they belong — under docs/. The README is now a marketing page that points to them. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
[3.8.0] — 2026-05-06
✨ New Features
maxOutputTokenscalculation, identity fingerprinting overhaul, and Cloud Code envelope payload sanitization (fix(antigravity): align identity protocol and fix streaming duplex #2055, fix(sse): send Antigravity Claude requests as Gemini schema #2063)omniroute providers,omniroute combos,omniroute doctor(feat(cli): Comprehensive CLI Enhancement Suite - 20+ new commands #2074)fallbackDelayMsto combo configuration and related settingsSTREAM_READINESS_TIMEOUT_MSand integrate into chat handlingtargetFormat: openai-responsesto all GitHub models (feat(github): add targetFormat openai-responses to all GitHub models #2122)buildComboCatalogMetadata()inlines contextLength, strategy, and target count for combo entries (Add metadata aggregation for combo models in /v1/models #2166 — thanks @faisalill)auto/prefix — dynamic virtual combo from connected providers with 6 variant profiles (coding, fast, cheap, offline, smart, lkgp), analytics tab, and settings UI (feat(auto): complete zero-config auto-routing with dashboard, settings, analytics, docs #2131 — thanks @oyi77)useUpstream429BreakerHintstoggle — per-provider default policy for upstream 429 hint trust at the circuit-breaker cooldown layer with tri-state PATCH semantics (feat(resilience): useUpstream429BreakerHints toggle (#2100 follow-up to #2116) #2133 — thanks @eleata)CHAT_LOG_TEXT_LIMIT,CHAT_LOG_ARRAY_TAIL_ITEMS,CHAT_LOG_MAX_DEPTH,CHAT_LOG_MAX_OBJECT_KEYS) andCHAT_DEBUG_FILEmode for untruncated JSON payloads (fix: Added in debug mode, support for storing raw data in json #2156 — thanks @bypanghu)background: trueto synchronous execution with a warning instead of throwingunsupportedFeature(feat(responses): degrade background mode to synchronous execution #2164 — thanks @Yosee11)🐛 Bug Fixes
getPricingForModelfully case-insensitive to ensure custom prices correctly reflect in new incoming requests cost calculationsfunctionDeclarationsfrom being dropped by the sanitizer whengoogleSearchtool is present ([BUG] gemini cannot call tool use #2077)jsonMode: trueflag in the request transformation to enforce correct JSON structure from Pollinations API ([BUG] pollination AI #2109)/docsdirectory during build ensuring API catalog availability at runtime ([BUG] API catalog unavailable and Error Loading Documentation #2083)auto/*model prefix (fix: add fuzzy auto-combo routing for 'auto/*' model prefix #2010)/dashboard/onboardingas PUBLIC to unblock setup wizard (fix(authz): classify /dashboard/onboarding as PUBLIC to unblock setup wizard #2127)auto/prefix modelsbody.systemin openai→claude translator when Claude Code sends native Anthropic system array through /chat/completions — fixes v3.7.9 regression where system prompt was silently dropped, triggering Anthropic 429 ([BUG] v3.7.9 regression: system prompt missing for Claude Code OAuth on Linux, triggers Anthropic 429 #2130)reasoning_contenton assistant messages withtool_callsorfunction_call— fixes Kimi and other thinking-enabled providers returning 400 errors when reasoning_content was incorrectly stripped (fix(sanitizer): preserve reasoning_content on assistant messages with tool_calls #2140 — thanks @DavyMassoneto)context_lengthviagetTokenLimit()fallback chain — prevents OpenCode and other clients from falling back to conservative ~4000 token limit (fix(catalog): ensure individual models get context_length via getTokenLimit fallback #2136 — thanks @herjarsa).dockerignoreso API catalog documentation is available at runtime inside containers (fix: remove docs from .dockerignore #2120 #2137, [BUG] openapi.yaml file missing when building docker #2120 — thanks @hartmark)anytype elimination across 8 core files —antigravity.ts,accountFallback.ts,usage.ts,geminiHelper.ts,error.ts,apiKeys.ts,settings.ts,logger.ts(fix: remove docs from .dockerignore #2120 #2137 — thanks @hartmark)CLOUD_AGENT_PROVIDERSdeclaration, move Kiro dash→dot Claude model aliases toPROVIDER_MODEL_ALIASES, and trim deprecated Kiro registry entries (fix: remove duplicate cloud agent provider constants #2141 — thanks @backryun)/v1/modelsfor health when CPA 6.x has no/healthendpoint (fix(cliproxyapi): probe /v1/models for health (CPA 6.x has no /health) #2189 — thanks @Brkic-Nikola)/v1/messages, strip Capy extras, and round-tripmcp_*tool name rewrites toMcp_*(fix(cliproxyapi): Anthropic-shape body routing and gate compatibility #2165 — thanks @Brkic-Nikola)[DONE]terminator for Claude SSE clients (fix(stream): skip [DONE] terminator for Claude SSE clients #2190 — thanks @Brkic-Nikola)datafield onredacted_thinking, drop bogus signature (fix(claudeHelper): emit data field on redacted_thinking, drop bogus signature #2191 — thanks @Brkic-Nikola)body.toolsis omitted but message history containstool_calls, preventing 400 errors from Claude Code and OpenCode (fix(kiro): synthesize tools schema when history references tool_calls without body.tools #2149 — thanks @Gioxaa)classify429FromErrorto prevent premature account deactivation (fix(kiro): avoid treating high-traffic 429s as quota exhaustion #2153 — thanks @Gioxaa)includearray (e.g.reasoning.encrypted_content) during Chat→Responses API translation, fixing broken thinking panel in Codex/OpenCode (fix(openai-responses): propagate include so chat clients stream reasoning summaries #2154 — thanks @Gioxaa)delta.reasoning_content(flat) instead ofdelta.reasoning.summary(nested) for Chat Completions client compatibility (fix(openai-responses): emit reasoning summary as delta.reasoning_content #2159 — thanks @Gioxaa)cloudflaredTunnel.ts(fix: Added in debug mode, support for storing raw data in json #2156 — thanks @bypanghu)🔒 Security
📝 Documentation
GITLAB_DUO_OAUTH_CLIENT_IDto.env.example(docs(env): add GITLAB_DUO_OAUTH_CLIENT_ID to .env.example #2031)🔧 Improvements
sanitizeReasoningEffortForProvider()hook inBaseExecutor.execute()— downgradesxhigh→highfor unsupporting providers, strips effort for mistral/devstral and github claude models (fix(executors): sanitize reasoning_effort for non-supporting providers #2162 — thanks @hachimed)targetFormat === FORMATS.CLAUDEbodies (fix(translator): inject thinking placeholder for all Claude-shape upstreams #2161 — thanks @johndoe-oss).tsextension imports, eliminate allas anycasts, addCustomModelEntryinterface andComboModelSteptype predicate, normalize alias resolution withresolveCanonicalProviderId()(refactor(catalog): remove .ts imports, as any casts, normalize alias resolution #2152 — thanks @herjarsa)useUpstream429BreakerHintstri-state PATCH field —true/falsepersists,nullresets to undefined (omitted from JSON) (feat(resilience): expose model cooldown list with manual re-enable #2146 tests — thanks @rafacpti23)🧹 Chores & Maintenance
@lobehub/iconsweb fonts (chore(providers): prune redundant provider icon assets #1992)contextLengthandmaxOutputTokensfor claude, kiro, github, kimi-coding, xiaomi-mimo, codex/gpt-5.5 models (chore(registry): refresh per-model contextLength/maxOutputTokens for active providers #2163 — thanks @brucevoin)gpt-4omodel ID, update OpenCode Zen model (chore(models): tidy up alibaba-coding-plan and cursor provider #2150 — thanks @backryun)gray-matterfrom devDependencies to dependencies (runtime requirement) (fix: Added in debug mode, support for storing raw data in json #2156 — thanks @bypanghu)fast-urifrom 3.1.0 to 3.1.2 (deps: bump fast-uri from 3.1.0 to 3.1.2 #2078)honofrom 4.12.14 to 4.12.18 (deps: bump hono from 4.12.14 to 4.12.18 #2065, deps: bump hono from 4.12.14 to 4.12.18 #2079)electron-builderfrom 26.9.1 to 26.10.0 (deps: bump electron-builder from 26.9.1 to 26.10.0 in /electron #2183)🏆 v3.8.0 Community Contributors
Thank you to all 50+ community contributors who made v3.8.0 possible! 🎉