v1.61.0

This is a maintenance release that updates documentation for the previous version.

Technical Changes

• Updates CHANGELOG.md with release notes for v1.60.0

---

What's Changed

• docs: update CHANGELOG.md for v1.60.0 by @docker-read-write[bot] in #2817

Full Changelog: v1.60.0...v1.61.0

v1.60.0

This release adds agent switching commands, MCP server discovery capabilities, and runtime model switching, along with UI improvements and stability fixes.

What's New

• Adds slash commands for agent switching (e.g., /plan to hand off to planner agent)
• Adds MCP catalog toolset for on-demand discovery and activation of remote MCP servers
• Adds runtime model switching with GET/PATCH/POST endpoints for changing models during sessions
• Adds sampling/createMessage support for MCP servers to use the host's LLM
• Adds identity headers (X-Docker-Agent-Version, X-Docker-Desktop-Version) to built-in tool requests

Improvements

• Renders user pasted content in TUI and collapses large pasted file contents (over 30 lines) into toggleable view
• Routes mouse-wheel events to background dialogs instead of falling through to chat area
• Uses Claude Sonnet 4.6 as default model in Anthropic provider
• Switches to non-preview Gemini model
• Adds configurable thinking expansion in user config

Bug Fixes

• Fixes evaluation builds with legacy Docker builder by using printf instead of heredoc for /run.sh
• Fixes crash prevention by explicitly sending tool_choice=auto in OpenAI requests with tools
• Fixes Desktop version lookup to be TTL-based and context-independent
• Fixes command resolution before agent switching to prevent lookup failures
• Fixes concurrent access issues by using thread-safe methods and improving snapshot isolation

Technical Changes

• Refactors toolset creation into individual packages with standardized naming
• Improves concurrent package with thread-safe methods and uses it across multiple components
• Centralizes context-limit resolution in runtime
• Moves concurrency deduplication from trigger to review workflow in CI
• Updates example configuration to use xai/grok-2-latest model

---

What's Changed

• fix(evals): build /run.sh with printf so legacy builder works by @hamza-jeddad in #2779
• bump github.com/coder/acp-go-sdk from v0.12.2 to v0.13.0 by @dgageot in #2782
• docs: update CHANGELOG.md for v1.59.0 by @docker-read-write[bot] in #2783
• route mouse-wheel events to background dialogs by @dgageot in #2787
• Use a non preview gemini model by @dgageot in #2785
• Use sonnet 4.6 as default in anthropic by @rumpl in #2786
• feat(tui): show user pasted content by @joshbarrington in #2784
• ci: move concurrency dedup from trigger to review workflow by @dgageot in #2789
• docs(site): make the docs site feel like part of Docker, and explain what Docker Agent is by @dgageot in #2793
• Expand thinking configuration by @rumpl in #2802
• fix(examples): use xai/grok-2-latest in grok.yaml by @dgageot in #2806
• bump direct go dependencies by @dgageot in #2803
• feat: add X-Docker-Agent-Version and X-Docker-Desktop-Version headers to built-in tools by @dgageot in #2795
• Improve concurrent package by @dgageot in #2810
• bump direct go dependencies by @dgageot in #2811
• feat(mcp): add sampling/createMessage support by @dgageot in #2815
• fix(runtime): use provider_opts.context_size for compaction by @dgageot in #2814
• fix(openai): explicitly send tool_choice=auto when tools are provided by @dgageot in #2813
• Better tool registry by @dgageot in #2807
• feat(api): accept model overrides on session creation and add runtime model switching endpoints by @dgageot in #2791
• feat: add mcp_catalog toolset for on-demand MCP server discovery by @dgageot in #2794
• feat: add slash commands for agent switching by @dgageot in #2790

Full Changelog: v1.59.0...v1.60.0

v1.59.0

This release adds XML tool call parsing for better model compatibility, performance improvements for TUI rendering, and enhanced remote runtime capabilities.

What's New

• Adds XML tool call fallback parsing for models that return <tool_call>...</tool_call> text instead of using OpenAI function-calling API
• Adds fd:// scheme support to server.Listen for parent process socket passing
• Adds per-code-block copy affordance with clickable copy glyphs in TUI
• Adds session persistence and resumption for A2A (agent-to-agent) interactions using SQLite
• Adds comprehensive remote runtime API with SSE event streaming, session management, and graceful degradation

Improvements

• Improves TUI rendering performance with cached output, targeted invalidation, and incremental markdown rendering
• Improves ACP support with session management, event handling, and structured error codes
• Preserves user input across tab switches in TUI dialogs

Bug Fixes

• Fixes crash during tool auto-install by adding panic recovery
• Fixes SSE stream cancellation and IPv6 address binding issues
• Fixes Vertex AI Model Garden provider capability lookups by rewriting provider to publisher mapping

Technical Changes

• Replaces internal secretsscan with github.com/docker/portcullis library
• Centralizes modelsdev.Store creation via RuntimeConfig with lazy initialization
• Merges modelcaps into modelinfo and introduces strongly-typed modelsdev.ID
• Refactors event handling to use EventSink interface instead of channel threading
• Removes experimental send, watch, and proto subcommands

---

What's Changed

• docs: update CHANGELOG.md for v1.58.0 by @docker-read-write[bot] in #2745
• feat: add fd:// scheme support to server.Listen by @dgageot in #2744
• refactor: replace internal secretsscan with github.com/docker/portcullis by @dgageot in #2747
• refactor: centralize modelsdev.Store creation and inject via RuntimeConfig by @dgageot in #2746
• docs: Docker-branded redesign with dark-mode-first theme and improved homepage by @dgageot in #2750
• feat(modelsdev): add WithCache option to override cache file path by @rumpl in #2753
• feat: wire TUI/CLI to emit Document parts and render attachments by @simonferquel-clanker in #2751
• fix: avoid sub-agent terminology in skill instructions to prevent transfer_task confusion by @dgageot in #2748
• refactor: merge modelcaps into modelinfo and simplify by @dgageot in #2755
• refactor: simplify RuntimeConfig by removing dead field and caching env provider by @dgageot in #2754
• refactor: extract loopState struct to bundle runTurn parameters by @dgageot in #2759
• feat: add docs preview workflow for PRs by @dgageot in #2752
• feat(runtime): remote runtime with full TUI parity and production readiness by @dgageot in #2749
• feat(a2a): allow session to be resumed interactively by @maxcleme in #2762
• feat: improve TUI control plane API for external consumers by @dgageot in #2757
• perf: TUI rendering performance improvements by @dgageot in #2756
• drop send, watch and proto subcommands by @dgageot in #2763
• xml fallback for llama.cpp models by @areebahmeddd in #2732
• refactor: replace chan Event threading with EventSink interface by @dgageot in #2760
• Improve ACP support: session management, event handling, and code simplification by @dgageot in #2758
• refactor: introduce modelsdev.ID for provider-qualified model identity by @dgageot in #2766
• fix(toolinstall): recover from panics during auto-install by @dgageot in #2768
• fix: rewrite Vertex AI Model Garden provider to publisher for capability lookups by @dgageot in #2767
• bump direct go dependencies by @dgageot in #2771
• Fix linter by @dgageot in #2772
• fix(tui): preserve user_prompt input across tab switches by @dgageot in #2774
• perf(tui): make streaming chunk rendering linear by @dgageot in #2773
• fix: two TUI control-plane bugs (SSE cancel, IPv6 listen) by @dgageot in #2775
• set working dir properly by @krissetto in #2777
• feat(tui): add per-code-block copy affordance by @rumpl in #2778

New Contributors

• @areebahmeddd made their first contribution in #2732

Full Changelog: v1.58.0...v1.59.0

v1.58.0

This release adds external TUI control capabilities, HTTP POST hooks, and several security hardening improvements.

What's New

• Adds http_post builtin hook for making HTTP POST requests from agent workflows
• Adds --listen flag to run command to expose the running TUI for external control
• Adds send subcommand to drive a live TUI session from external processes
• Adds watch subcommand to stream events from a running TUI
• Adds --on-event hooks to observe arbitrary events during runs
• Adds --attach flag to serve mcp command to expose running TUI via MCP
• Adds newline-delimited JSON protocol over stdio for external communication
• Adds discovery files for live runs in run registry
• Adds bump-config-version skill for configuration management

Bug Fixes

• Fixes filesystem tool path expansion for ~ (home directory) in file paths
• Fixes model ID handling to use fully-qualified provider/model identifiers for capability lookups
• Fixes Nebius example to use available Kimi-K2.5 model instead of deprecated Kimi-K2-Instruct
• Fixes dry-run mode to work properly before contacting remote servers
• Fixes request context propagation in echo logging
• Fixes run registry permissions and session lifecycle cleanup

Improvements

• Makes max_iterations builtin stateless by using runtime's existing iteration counter
• Hardens http_post hook with SSRF-safe client, scheme validation, and request logging
• Consolidates home directory path expansion across the codebase
• Shows current git branch when working in a repository
• Unifies local and remote run dispatch through shared backend interface

Technical Changes

• Refactors snapshot handling into dedicated SnapshotController separate from runtime
• Refactors unload builtin to be pure and runtime-agnostic
• Promotes model switching and tools change subscription onto Runtime interface
• Adds security hardening for secrets provider, archive extraction, OAuth HTTP client, and shell tool
• Enables gosec linter for file permission validation
• Updates Go to version 1.26.3
• Adds migration content pinning to enforce append-only database schema changes

---

What's Changed

• docs: update CHANGELOG.md for v1.57.0 by @docker-read-write[bot] in #2703
• fix: expand ~ in filesystem tool paths by @dgageot in #2704
• feat(hooks): add http_post builtin by @dgageot in #2705
• fix: use available Kimi-K2.5 model in nebius example by @dgageot in #2711
• fix: make max_iterations builtin stateless (#2698) by @dgageot in #2708
• update PR reviewer to 1.5.1 by @derekmisler in #2717
• Show the current git branch when in a repo by @rumpl in #2721
• Consolidate home directory path expansion by @rumpl in #2720
• Change the default models for the golang dev by @rumpl in #2718
• Change the app name in otel to docker-agent by @rumpl in #2719
• bump direct go dependencies by @dgageot in #2709
• bump go to 1.26.3 by @dgageot in #2712
• feat: let external processes drive a running TUI by @dgageot in #2714
• security: five defense-in-depth fixes (secrets, archives, oauth, shell tool, request logs) by @dgageot in #2713
• refactor(run): unify local/remote dispatch via Backend (10 baby steps) by @dgageot in #2715
• refactor: extract SnapshotController so the runtime no longer brokers /undo by @dgageot in #2707
• add bump-config-version skill by @dgageot in #2729
• ci: enable gosec linter by @dgageot in #2730
• test(session): pin migration catalogue content (append-only enforcement) by @dgageot in #2727
• fix(toolinstall): route the registry client through httpclient.NewSafeClient by @dgageot in #2726
• Fix broken test on main by @dgageot in #2735
• Add alias by @dgageot in #2736
• ci: lint workflow invariants actionlint misses (concurrency, SHA pinning, payload deny-list) by @dgageot in #2725
• refactor(run-control): unify target resolution and SSE handling by @dgageot in #2731
• refactor(hooks): make the unload on_agent_switch builtin pure by @dgageot in #2706
• chore: bump direct Go dependencies by @dgageot in #2742
• remote-runtime: close silent gaps, consolidate Runtime, scaffold wire (10 baby steps) by @dgageot in #2723
• fix: pass fully-qualified provider/model ID to modelcaps.Load by @simonferquel-clanker in #2738

Full Changelog: v1.57.0...v1.58.0

v1.57.0

This release improves markdown rendering performance, adds agent switching capabilities, and enhances secret redaction with better error handling.

What's New

• Adds unload on_agent_switch builtin hook for releasing model resources when switching between agents

Improvements

• Speeds up and simplifies markdown fast renderer for better performance
• Trims builtin tool schemas to save tokens in LLM requests
• Tightens Docker PAT redaction and adds organization access tokens support
• Adds more vendor-prefixed secret patterns for improved security scanning

Bug Fixes

• Fixes retry handling for Vertex AI 'function response parts' 400 errors that occur intermittently
• Restores styles on continuation lines of broken words in markdown rendering
• Fixes H1 prefix and ANSI style handling in wrapText functionality
• Defensively lowercases transient patterns in model error handling
• Caps quantifiers on new secret rules to prevent adjacent text being incorrectly redacted

Technical Changes

• Adopts new rubocop-go DSL across all linting cops for better code organization
• Uses slog.WarnContext where context is available for improved logging
• Drains unload response body and documents single-tenant assumption

---

What's Changed

• docs: update CHANGELOG.md for v1.56.0 by @docker-read-write[bot] in #2695
• Make the FastMarkdown renderer simpler and faster by @dgageot in #2686
• refactor(lint): adopt new rubocop-go DSL across all cops by @dgageot in #2687
• fix: retry transient Vertex AI 'function response parts' 400 errors by @dgageot in #2691
• shrink builtin tool schemas to save tokens by @dgageot in #2694
• feat: add unload on_agent_switch builtin hook by @dgageot in #2684
• secretsscan: tighten Docker PAT, add new vendor patterns, cap quantifiers by @dgageot in #2697

Full Changelog: v1.56.0...v1.57.0

v1.56.0

This release adds snapshot management capabilities and expands secret detection with 20 new patterns.

What's New

• Adds /snapshots command to list and restore captured snapshots from the current session
• Adds 20 new secret detection patterns including Discord bot tokens, Telegram bot tokens, Fly.io macaroons, Groq API keys, Perplexity API keys, and xAI/Grok API keys

Technical Changes

• Freezes config v8 and starts v9 as the latest configuration schema version
• Moves non-migration config tests to pkg/config for better organization
• Updates logging to use slog.WarnContext when a context is in scope
• Simplifies snapshot plumbing implementation

---

What's Changed

• freeze config v8 and start v9 as latest by @dgageot in #2688
• docs: update CHANGELOG.md for v1.55.0 by @docker-read-write[bot] in #2689
• feat(tui): add /snapshots command to list and restore captured snapshots by @dgageot in #2690
• feat(secretsscan): add 20 more secret patterns by @dgageot in #2692
• move non-migration config tests to pkg/config by @dgageot in #2693

Full Changelog: v1.55.0...v1.56.0

v1.55.0

This release introduces significant security hardening, attachment system foundations, and enhanced configuration capabilities.

What's New

• Adds HCL configuration format support as an alternative to YAML for agent configurations
• Adds /pause command to toggle the runtime loop at iteration boundaries
• Adds turn_end hook that fires once per turn regardless of how the turn ended
• Adds shadow snapshots and /undo command for restoring file changes without modifying session transcript
• Adds Anthropic Workload Identity Federation support for OIDC-derived authentication
• Adds attachment system foundations with chat.Document and per-provider document conversion
• Adds JavaScript/WebAssembly browser build with OpenRouter PKCE support
• Adds custom request headers support for the fetch toolset with environment variable expansion
• Adds allow/deny lists for filesystem toolset to sandbox file access
• Adds wildcard and CIDR pattern support in fetch toolset domain filtering
• Adds input-shape repair layer for tool calls to handle common model mistakes
• Adds MCP embedded resource content type support
• Adds --hook-stop CLI flag for the existing stop event
• Adds --tool-name flag to override MCP tool identifier
• Adds --mcp-keepalive flag for MCP server connections

Improvements

• Expands secret detection with additional patterns for OpenAI, Anthropic, Google, Stripe, Notion, GitLab, Vault, and Slack tokens
• Speeds up secret redaction with aho-corasick keyword pre-filter
• Improves markdown rendering performance with single-pass URL scanner optimizations
• Enhances session ID and install UUID forwarding on gateway-bound requests for better tracing
• Pauses animation ticks while terminal is blurred to reduce CPU usage
• Propagates non-interactive mode to child sessions and declines elicitation automatically

Bug Fixes

• Fixes crash on startup when configuration file is empty
• Fixes environment variable race in script shell tool execution
• Fixes data races on session token and message writes
• Fixes lifecycle supervisor state race condition
• Fixes infinite loop on hash-prefixed paragraphs in markdown renderer
• Fixes tab switching and chat scroll functionality while prompts are open
• Fixes compaction kept-tail mapping after prior summaries
• Fixes IPv4-mapped IPv6 SSRF bypass in fetch domain matcher
• Fixes finish_reason stop when tracking usage in OpenAI streams
• Fixes comment-only SSE events that crash openai-go client

Technical Changes

• Replaces mise with go-task as the project task runner
• Splits builtin tools into individual sub-packages for better organization
• Centralizes model-specific behavior in pkg/modelinfo package
• Tightens file and directory permissions for per-user data to 0o700/0o600
• Adds contextual logging throughout codebase for better trace correlation
• Adds 7 new architectural-sync linting cops that caught 10 real bugs
• Hardens OAuth with constant-time state comparison and SSRF protection
• Blocks non-public IPs in API and OpenAPI tools by default
• Updates jose2go to v1.7.0 to address security vulnerabilities
• Bumps various Go dependencies including Anthropic SDK, Docker CLI, and OpenTelemetry packages

---

What's Changed

• docs: document toon and per-toolset model routing by @dgageot in #2587
• Bump direct Go dependencies by @dgageot in #2586
• docs: update CHANGELOG.md for v1.54.0 by @docker-read-write[bot] in #2588
• Finish secret redaction by @dgageot in #2589
• simplify pkg/hooks: drop unused EventSpec abstraction by @dgageot in #2591
• lint: add 7 architectural-sync cops (catches 10 real bugs) by @dgageot in #2593
• Add turn_end hook by @rumpl in #2592
• Bump direct Go dependencies by @dgageot in #2597
• update PR review workflow with fork-supporting trigger by @derekmisler in #2596
• Use the latest rubocop-go by @dgageot in #2594
• Bump direct Go dependencies by @dgageot in #2599
• docs: fix outdated content and document missing commands by @dgageot in #2600
• Handle case when session started with Docker Desktop proxy available, and the Desktop is stopped by @gtardif in #2606
• Add /pause command to toggle the runtime loop by @dgageot in #2605
• harden docker agent serve api: warn on non-loopback, fix runtime race, block SSRF by @dgageot in #2604
• Support HCL as an alternative agent config format by @dgageot in #2598
• fetch: support wildcard and CIDR patterns in domain allow/deny lists by @dgageot in #2602
• Add detection rules for more secret formats by @dgageot in #2603
• docs: refresh outdated examples, missing env vars, and CLI options by @dgageot in #2610
• feat(hooks): expose stop hook via CLI by @tdabasinskas in #2627
• fix(session): close data races on session token and message writes by @tdabasinskas in #2622
• fix(lifecycle): order state transition before waking restart waiters by @tdabasinskas in #2621
• fix(security): bump jose2go to v1.7.0 (GO-2025-4123, GO-2023-2409) by @tdabasinskas in #2619
• fix(runtime): add OpenTelemetry tracer to runtime initialization by @tdabasinskas in #2505
• fix(tools): prevent environment variable race in script shell tool by @tdabasinskas in #2616
• feat(mcp): add support for embedded resource content type by @tdabasinskas in #2612
• docs: fix outdated and incorrect references by @dgageot in #2618
• deps: bump direct Go dependencies by @dgageot in #2609
• feat(filesystem): add allow_list / deny_list to sandbox the toolset by @dgageot in #2601
• feat(gateway): add X-Cagent-Session-Id header to models gateway requests by @tdabasinskas in #2631
• feat(mcp-server): add --tool-name flag to override the MCP tool identifier by @tdabasinskas in #2625
• feat(runtime): propagate non-interactive mode to child sessions and decline elicitation by @tdabasinskas in #2623
• feat(otel): configure W3C trace propagation for distributed tracing by @tdabasinskas in #2506
• docs: fill in missing CLI flags and fix outdated content by @dgageot in #2633
• bump direct Go dependencies by @dgageot in #2637
• feat(mcp-server): add keep-alive support by @tdabasinskas in #2624
• Fix perf regression urls by @dgageot in #2638
• docs: add HCL configuration documentation by @rumpl in #2643
• docs: fix broken links and outdated/incorrect snippets by @dgageot in #2650
• Update pr-review.yml by @derekmisler in #2648
• avoid duplicate compaction system prompt by @rumpl in #2647
• HCL: add a file() function by @rumpl in #2642
• docs(agents): expand AGENTS.md with guidelines and standards by @aheritier in #2644
• docs(github): update issue templates and triage workflow by @aheritier in #2645
• Fix finish_reason stop when tracking usage by @rumpl in #2641
• feat(tools): generic input-shape repair for tool calls (validate-then-repair) by @trungutt in #2635
• bump direct go dependencies by @dgageot in #2655
• fix: keep tab switching and chat scroll working while a prompt is open by @dgageot in #2654
• Add JS placeholders support in instructions by @dgageot in #2652
• fetch: support custom request headers by @dgageot in #2651
• feat(httpclient): forward cagent install UUID on gateway-bound requests by @dgageot in #2653
• split builtin tools into individual sub-packages by @dgageot in #2661
• chore: replace mise with go-task by @dgageot in #2659
• docs: refresh examples README by @dgageot in #2665
• tui: pause animation ticks while the terminal is blurred by @dgageot in #2668
• refactor(logging): pass context to all slog calls for correlation by @tdabasinskas in #2669
• redact_secrets: catch more token shapes and bare unquoted values by @dgageot in https://github.com/docke...

v1.54.0

This release introduces clickable terminal links, domain filtering for fetch operations, and enhanced toolset lifecycle management with configurable supervision profiles.

What's New

• Makes markdown links and URLs clickable in the terminal using OSC 8 hyperlink escape sequences
• Adds allowed_domains and blocked_domains filters to the fetch toolset for restricting network access
• Adds /toolsets command and supervisor-aware status surface in the TUI
• Introduces redact_secrets agent flag that scrubs credential patterns from tool calls and LLM messages
• Adds per-toolset lifecycle configuration with profile presets for MCP and LSP servers
• Introduces /toolset-restart slash command for hot-reload functionality

Improvements

• Defers OAuth elicitation outside interactive context to prevent premature prompts
• Reduces macOS keychain prompts by storing all MCP OAuth tokens in a single keychain item
• Makes every dialog close on ctrl+c, with twice exiting the application
• Filters LSP tools by server-advertised capabilities
• Detects secrets embedded inside larger tokens, not just word-bounded patterns

Bug Fixes

• Fixes MCP catalog reference in mcp-definitions.yaml from docker:github to docker:github-official
• Fixes Slack token responses and surfaces server errors in MCP OAuth handling
• Fixes config package names for v6 and v7 versions
• Fixes strip transform reading wrong model in alloy/per-tool override mode
• Suppresses spurious 'is now available' MCP toolset notice after OAuth completion

Technical Changes

• Separates toolset notices from warnings in agent handling
• Simplifies history package by replacing manual parsing with standard library functions
• Refactors skills package into focused files without changing behavior
• Extracts image-stripping into registered MessageTransform mechanism
• Unifies MCP/LSP toolset supervision with typed errors and state-machine architecture
• Isolates example loading in temporary directories for tests

---

What's Changed

• docs: update CHANGELOG.md for v1.53.0 by @docker-read-write[bot] in #2565
• Make the slack remote MCP server work by @dgageot in #2512
• Fix misleading UpdateMessage doc comment by @rumpl in #2570
• docs: bring hooks reference up to date with new events by @dgageot in #2569
• lint: add config-versioning robustness cops + fix v6/v7 package names by @dgageot in #2568
• Use the slices package to simplify slice operations by @dgageot in #2566
• test: stop example tests from writing SQLite files into examples/ by @dgageot in #2564
• Simplify the history package by @dgageot in #2567
• runtime: extract image-stripping into a registered MessageTransform by @dgageot in #2573
• refactor(skills): split package into focused files by @dgageot in #2571
• feat(fetch): add allowed_domains and blocked_domains filters by @dgageot in #2572
• defer oauth when elicitation bridge isn't wired up yet by @dgageot in #2574
• feat(tui): make markdown links and URLs clickable in the terminal by @silvin-lubecki in #2498
• stop hard-coding "root" as the default agent name by @dgageot in #2576
• fix(examples): correct MCP catalog ref in mcp-definitions.yaml by @aheritier in #2465
• refactor(sessiontitle): simplify Generator without changing behavior by @dgageot in #2575
• Add redact_secrets builtin hook + before_llm_call transform by @dgageot in #2577
• Suppress spurious 'is now available' MCP toolset notice by @dgageot in #2578
• reduce macOS keychain prompts for OAuth MCP servers by @dgageot in #2580
• docs: document redact_secrets agent flag by @dgageot in #2581
• detect secrets embedded inside larger tokens by @dgageot in #2582
• feat(lifecycle): unify MCP/LSP toolset supervision with configurable profiles + /toolsets UX by @dgageot in #2579
• test(mcp): test buildRemoteDescription directly to skip keychain by @dgageot in #2584
• make every dialog close on ctrl+c, twice exits by @dgageot in #2583
• Disable test that prompts for a password by @dgageot in #2585

Full Changelog: v1.53.0...v1.54.0

v1.53.0

This release adds OpenAI-compatible API server functionality, skill model overrides, and response caching, along with extensive refactoring to improve code organization and testability.

What's New

• Adds docker agent serve chat command that exposes agents through an OpenAI-compatible HTTP server
• Adds configurable response cache for agents to skip model calls for repeated questions
• Adds skill model override capability allowing fork skills to specify different models via model: field in SKILL.md frontmatter
• Adds g/G keybindings to scroll messages view (jump to top/bottom)
• Adds 10 new builtin hook events including lifecycle events, compaction events, and observability events
• Adds type: model hook handler for LLM-as-judge functionality

Improvements

• Switches Anthropic Opus 4.6/4.7 to adaptive thinking when token-based budgets are configured
• Improves file path handling for sub-agent sessions by propagating user-attached files and encouraging absolute paths
• Improves error messages for HTTP 400 failures with structured provider error details

Bug Fixes

• Fixes Copilot integration by adding required Copilot-Integration-Id header for github-copilot provider
• Fixes crash when opening sessions with empty configuration files
• Fixes session_start hook output appearing as user messages in transcript
• Fixes TUI bottom slack clearing after thinking text fades out
• Fixes race conditions in skill model overrides and response cache handling

Technical Changes

• Extracts hooks builtins from runtime into separate package
• Extracts tool execution, compaction, and delegation logic into focused sub-packages
• Consolidates hook orchestration and simplifies executor caching
• Improves testability across runtime, session, provider, and TUI packages
• Replaces PersistentRuntime decorator with EventObserver pattern
• Updates multiple dependencies including Anthropic SDK, AWS Smithy, and various UI libraries

---

What's Changed

• docs: update CHANGELOG.md for v1.52.0 by @docker-read-write[bot] in #2520
• refactor(hooks): extract builtins from pkg/runtime into pkg/hooks/builtins by @dgageot in #2521
• refactor(hooks): simplify package while preserving features by @dgageot in #2522
• refactor(runtime): consolidate hook orchestration and cache executors by @dgageot in #2523
• Skills: allow fork skills to override the model by @dgageot in #2525
• refactor(skills): move fork-skill validation into SkillsToolset by @dgageot in #2524
• fix(skills): unbreak main after fork-skill refactor merge by @dgageot in #2527
• fix(openai): send Copilot-Integration-Id header for github-copilot by @dgageot in #2475
• refactor(hooks/builtins): one file per builtin + simplify registration by @dgageot in #2526
• feat(tui): add g/G keybindings to scroll messages view by @dgageot in #2528
• refactor(hooks/builtins): inline GetEnvironmentInfo + simplify package by @dgageot in #2529
• refactor(hooks/builtins): inline & simplify add_prompt_files by @dgageot in #2530
• refactor(hooks): simplify caching, dispatch flow, and notification helpers by @dgageot in #2531
• Inherit user-attached files in sub-agent sessions by @dgageot in #2532
• fix(runtime): don't persist session_start hook output as a session message by @dgageot in #2533
• refactor(hooks): drop runtime shadow types and tighten the executor by @dgageot in #2534
• feat: add docker agent serve chat command (OpenAI-compatible API) by @dgageot in #2510
• feat(hooks): add 6 builtin hooks + widen post_tool_use / before_llm_call contract by @dgageot in #2538
• refactor(runtime): drop unused receiver from handleStream by @dgageot in #2539
• feat(hooks): add three observability events around runtime transitions by @dgageot in #2542
• fix(tui): clear bottom slack after thinking text fades out by @dgageot in #2543
• refactor(tui): simplify components, drop dead code, consolidate helpers by @dgageot in #2544
• refactor(provider): improve testability and split provider.go by @dgageot in #2547
• speed up PR image builds by @dgageot in #2553
• refactor(tui): reduce duplication across picker dialogs by @dgageot in #2556
• Add context to todo storage methods by @rumpl in #2560
• refactor(runtime): improve testability and simplify package structure by @dgageot in #2554
• docs: document all builtin hooks in schema and hooks page by @dgageot in #2555
• tui: improve testability and simplify code by @dgageot in #2551
• refactor(session): improve testability and simplify the session package by @dgageot in #2550
• feat(modelerrors): surface structured provider error details on non-2xx responses by @dgageot in #2549
• feat(hooks): lifecycle events, per-hook options, and event-spec refactor by @dgageot in #2540
• refactor(runtime): extract sub-session orchestration by @dgageot in #2535
• refactor(runtime): extract model-fallback chain into fallbackExecutor by @dgageot in #2541
• refactor(runtime): extract tool execution into pkg/runtime/toolexec by @dgageot in #2545
• log history init failure via slog instead of stderr by @dgageot in #2561
• feat(hooks): add before_compaction and after_compaction events by @dgageot in #2537
• Bump direct Go dependencies by @dgageot in #2562
• feat(agent): add a configurable response cache by @dgageot in #2536
• refactor(runtime): replace PersistentRuntime decorator with EventObserver by @dgageot in #2552
• feat(hooks): add 4 new hook events to match Claude Code / OpenCode / pi by @dgageot in #2548
• anthropic: switch opus 4.6/4.7 token thinking budgets to adaptive by @dgageot in #2563
• feat(hooks): add 'type: model' hook and integrate pre_tool_use into approval flow by @dgageot in #2546

Full Changelog: v1.52.0...v1.53.0

v1.52.0

This release adds file picker hotkeys, improves message handling consistency, and introduces an extensible hooks system with new lifecycle events.

What's New

• Adds Alt+H and Alt+I hotkeys in file picker to toggle hidden and ignored file visibility
• Adds extensible hooks system with 5 new lifecycle events and 3 builtin hooks

Improvements

• Makes user prompt elicitation dialog scrollable to prevent content overflow in terminal

Bug Fixes

• Fixes message trimming behavior to be consistent across all model providers
• Fixes steer message handling by appending newlines between queued messages to prevent word fragments from being concatenated

Technical Changes

• Refactors hooks architecture for better extensibility with pluggable registry system
• Centralizes whitespace-only message filtering in session.GetMessages

---

What's Changed

• docs: update CHANGELOG.md for v1.51.0 by @docker-read-write[bot] in #2514
• fix(tui): make user_prompt elicitation dialog scrollable by @dgageot in #2509
• hotkeys to toggle filepicker hidden/ignored files by @joshbarrington in #2501
• runtime: append newline to non-last steer messages on multi-drain by @simonferquel-clanker in #2518
• fix: normalize message trimming behavior across all model providers by @simonferquel-clanker in #2516
• feat(hooks): refactor for extensibility, add 5 events and 3 builtins by @dgageot in #2519

Full Changelog: v1.51.0...v1.52.0