v1.8.0-beta.1

Hermes autonomous agents platform end-to-end onboarding (wizard, gateway, channels, skills, plugins/MCP browser, permissions), MCP wired into agent runtime, MLX recommendation on Apple Silicon.

Backend.AI GO v1.8.0-beta.1

23 commits since v1.7.2. (38,694 lines added, 1,388 lines deleted)

New Features

• Hermes module skeleton — HermesConfig (camelCase JSON, YAML on disk), HermesProfile / HermesProfileRef, HermesMcpServer / HermesMcpScope, HermesPluginRef, HermesTerminalBackend, HermesPlatformBinding, HermesLlmConfig, and a profile manager that round-trips upstream ~/.config/hermes/*.yaml byte-identically. Per-platform credentials live behind credentialsRef on the wire (raw secrets never serialize) and the same MessagingPlatform enum is reused from crate::autonomous::types. Full dto_validation.rs + canonical-example round-trip test (, epic Phase 2 /).
• Hermes environment detection and container installer — detects the user's container runtime (Docker / Podman / Apple Container) and reports actionable EnvironmentIssue variants (container_runtime_not_found, container_runtime_unsupported, image_missing, image_outdated, port_in_use, persistent_volume_unavailable, custom). Installer drives pull progress with InstallStage / InstallProgress events through the autonomous_* SSE bus .
• Hermes gateway lifecycle + daemon WS/HTTP client + event bridge — start / stop / health-check the Hermes gateway container, stream daemon events into the autonomous_* SSE channel, and proxy HTTP calls (channels, skills, models, send-message) through a thin Rust client so the React layer talks to one provider-agnostic shape .
• continuum-router wired as the Hermes LLM provider (PHASE2-4) — the Hermes daemon's LLM bridge now points at Backend.AI GO's local router instead of an external Anthropic endpoint by default, so locally served models can drive Hermes agents without an internet round-trip; the bridge respects model_aliases and Web Search injection from the Claude Code router config .
• Hermes setup wizard UI with hermes claw migrate integration — end-to-end onboarding: container runtime check, image pull with InstallProgress UI, profile creation, channel selection, LLM bridge sync, optional one-click migration of existing Claw profiles via the new hermes claw migrate CLI subcommand. Picks up where the existing Autonomous Agents shell leaves off so Hermes can be onboarded in-app without touching the command line .
• Hermes plugins / MCP browser — discover MCP servers (HermesMcpServer) and plugin references (HermesPluginRef) registered in the daemon, enable / disable per-scope (profile / user / system), and inspect tool surfaces before binding them to a profile .
• Hermes permissions + container settings + approval workflow — profile-level permission grants (filesystem mounts, network egress, tool allowlists), container resource limits, and a per-action approval queue that pipes into the existing supervisor ApprovalDialog so Hermes agent actions share the same audit machinery as in-app agents .
• Hermes Channels tab with per-platform credential entry — bind a Hermes profile to one or more MessagingPlatform channels (Telegram, Slack, Discord, WhatsApp, Home Assistant, Google Chat, etc.) and store credentials behind credentialsRef in the OS credential vault; only the reference ID ever lands in hermes.yaml .
• Hermes Skills tab and reusable skill components — lists discovered skills (AgentSkill, SkillSource) per profile with a refactored, provider-agnostic skill card surface shared with the existing autonomous-agents UI .
• Recommend MLX-format models in Featured Models on Apple Silicon — reorders the curated list so MLX builds float to the top when the platform detects an Apple Silicon Mac, matching the engine the user is most likely to run .

Improvements

• Provider-agnostic channel/messaging UI with tab registry — hoists the channel and messaging surfaces out of the legacy Claw layout into a registry-driven tab system so any AutonomousAgentProvider (Claw, Hermes, future backends) can contribute tabs without forking the page. Existing Claw routes continue to render through the same registry .
• Split tests out of pre-push gates and parallelize frontend / Rust lanes so make check finishes faster on contributor machines while CI still runs the full suite.
• What's New slash command updated to better drive per-release locale catalog refreshes.
• cargo fmt applied to the Claw provider module so the recent adapter rewrite matches surrounding style.

Bug Fixes

• MCP tool names containing colons (e.g. server:tool) were rejected by the Anthropic API path because Claude's tool-name validation forbids :. The MCP bridge now sanitizes tool names to server__tool on the wire so agents using Claude models can call MCP tools registered with namespaced names without manual renaming .
• MCP tools wired into the agent runtime — the MCP registry was loaded but its tools were not surfaced to the runtime tool dispatcher; agents could see MCP servers in settings but could not actually call their tools. Now MCP tools are merged into the agent's tool catalog on session start and execute through the same tool-execution pipeline as built-in tools .
• Ensure dist/ exists before the embed-frontend RustEmbed derive runs — clean cargo build (no prior pnpm build) was failing because RustEmbed requires the target directory to exist at macro-expansion time .
• Register Hermes routes in the route_scope manifest so route_scope_middleware enforces the same scope gate as the rest of the management API surface; without the manifest entries, the fallback pass-through would let any authenticated identity hit Hermes endpoints regardless of scope .
• Raise the FD soft limit at the start of make test-rust so the full Rust test suite no longer hits "Too many open files" on macOS defaults .
• Remove a duplicated cfg(test) attribute in hermes::mcp_tests that prevented cargo build --tests from compiling on main after merged.
• Silence Windows-only unused-import and dead-code warnings in cli.rs so cargo clippy is clean on cross-platform builds.

CI/CD Improvements

• Temporarily disable the Windows build job in the packaging workflow while a sidecar binary-bundling regression is investigated; non-Windows artifacts continue to build. Will be re-enabled before v1.8.0 stable.
• Local pre-push gates split tests off the critical path and run frontend / Rust lanes in parallel.

Technical Details

• Hermes module structure: types and config under src-tauri/src/hermes/, with dto_validation.rs pinning the wire shape (camelCase JSON, snake_case YAML) and a canonical-example test asserting byte-identical save-load-save round-trip with upstream ~/.config/hermes/*.yaml.
• Reuse: MessagingPlatform enum is shared from crate::autonomous::types rather than redeclared in hermes; the AutonomousAgentProvider trait abstraction (epic Phase 1) is what makes the provider-agnostic tab registry possible.
• Secret handling: per-platform credentials never serialize to disk — HermesPlatformBinding only carries credentialsRef on the wire, and the raw API key only lives in the OS credential vault; same pattern applied to HermesLlmConfig.apiKeyEnv.
• Continuum-router integration: PHASE2-4 of makes the Hermes daemon point its LLM bridge at the local router; honors model_aliases and Web Search injection from RouterConfigYaml so Claude Code router config and Hermes config share one source of truth.
• MCP tool-name sanitization: server:tool → server__tool mapping is one-way on the outbound side and reversed on the inbound side so the agent sees the original name in tool-use responses; round-trip tests pin the mapping.

Dependencies

• No notable production dependency bumps in this beta.
• Workspace bumped to backend-ai-go v1.8.0-beta.1 (cargo update -p backend-ai-go).

Breaking Changes

None. The provider-agnostic tab registry preserves the existing Claw routes through the same registry, and the legacy clawStore continues to operate as a backward-compatibility shim for existing callers.

Known Issues

• Windows packaging job is temporarily disabled while a sidecar binary-bundling regression is investigated; Windows installers (NSIS) are not produced for this beta and will return before the v1.8.0 stable release.

Full Changelog

v1.7.2

v1.7.2 introduces the Autonomous Agents platform foundation (provider trait + registry + adapter), Claude Code router integration with verify probe, API-driven capability detection for remote provider models, and the OpenAI ChatGPT Codex OAuth provider.

Backend.AI GO v1.7.2

49 commits since v1.7.1. (49,781 lines added, 3,057 lines deleted)

New Features

Autonomous Agents Platform Foundation

• New AutonomousAgentProvider trait, supporting types (ProviderKind, ProviderCapabilities, MessagingPlatform, GatewayStatus, EnvironmentReport, InstallProgress, AgentChannel, AgentSkill, ModelSummary, SyncedModel, ProviderEvent, etc.) and ProviderRegistry so multiple autonomous-agent backends can plug in side by side. DTO validation tests pin the wire shape across all enums and tagged unions (, epic,).
• Unified Tauri IPC + REST API surface under the autonomous_* namespace. Both transports call into the same shared registry so command parity, scope enforcement, and SSE event mirroring are guaranteed by construction .
• autonomousAgentsStore Zustand store with selector hooks; the legacy clawStore continues to operate as a backward-compatibility shim so existing callers do not break during the migration .
• AutonomousAgentsPage shell with sidebar navigation rename ("Autonomous Agents" replacing the legacy "Claw" entry); the deprecated /claw route is removed and deep links redirect to the new page .

Claude Code Router Integration (epic)

• Settings → Claude Code tab points Anthropic's Claude Code CLI at your local Backend.AI GO router. Four cards (Endpoint / Quick Setup / Model Aliases / Web Search) backed by the new model_aliases and web_search sections of RouterConfigYaml, with a card-level Save bar gated on validation and a ?tab=claude-code deep link .
• ClaudeCodeEndpointCard with read-only ANTHROPIC_BASE_URL, masked ANTHROPIC_API_KEY, ANTHROPIC_MODEL selector, "Copy as export" / "Copy as .env" buttons, and a "Verify" button issuing a /v1/messages probe through router::service::verify_anthropic_endpoint (shared by Tauri command and REST handler) with classified outcomes: connection_refused, timeout, auth, model_not_found, schema_mismatch, other .
• Locale fan-out across all six locales (28 keys under settings.apiSettings.claudeCode.*) with locale-parity.test.ts enforcing structural parity. User-facing docs at docs/en/api-server/claude-code.md and docs/ko/api-server/claude-code.md covering env vars, WebSearch provider table, walkthrough, troubleshooting, and known limitations .
• Interim UX notice that web search API keys entered in the Claude Code → Web Search card are stored separately from the Providers panel .

API-Driven Capability Detection

• Two-tier capability schema (provider-level + per-model) replaces the pure name-string heuristic with a five-level pipeline: ManualOverride > ProviderTable > ExtendedMetadata > EndpointInheritance > NameHeuristic. Backend src-tauri/src/providers/capabilities/ with prober, metadata parser, detector, hardcoded provider tables for OpenAI / Anthropic / Gemini, and SQLite-backed cache with 7-day TTL plus manual-override survival. Eight service functions exposed as both Tauri commands AND REST handlers per the API parity rule. RemoteModelsTab and ModelsPage kick off refreshAllProviderCapabilities(true) non-blockingly with row-by-row event streaming .
• CapabilityOverrideDialog with Inputs / Outputs / Features tabs, per-row Re-detect / Override actions in RemoteModelCard, and chip tooltips showing localized detected_via pipeline chain and confidence level .
• Auto-download of model-metadata.yaml with continuum-router so version bumps no longer leave stale model definitions; bundled metadata synced to v1.6.1 .

Other Additions

• OpenAI ChatGPT (Codex OAuth) provider with device-code login. Per-provider token store at <app_data_dir>/router/auth/<id>.json so the continuum-router consumes it without surfacing the access token to the frontend .
• Agent Profile "From URL" import accepting https:// links to .json profile files with SSRF protection (private/loopback range blocking via custom DNS resolver), 256 KiB body cap, 10 s timeout, 3-redirect limit, and embedded-credential rejection .
• Carry recommendedSampling defaults and the user's per-model sampling config through .baimodel packages so re-imports keep their preferred sampling parameters end-to-end (issue,).
• repairMarkdownTables utility in src/lib/markdownTableRepair.ts integrated into MarkdownContent rendering. Pure preprocessor that repairs three malformed GFM table patterns produced by local LLMs (delimiter-row pollution, empty delimiter cells, list-marker contamination) before they reach react-markdown .
• Additive translations map on RegistryProfileEntry with optional name / description overlays, backward-compatible .

Improvements

• agent_profile store::get and store::delete use read_profile_file as the sole existence probe, mapping IoError(NotFound) to AgentProfileError::NotFound(id) so REST callers see consistent 404s .
• Unified Serper / Brave Search API key storage between Settings and Claude Code. Web Search card persists ${BACKEND_AI_SERPER_API_KEY} / ${BACKEND_AI_BRAVE_API_KEY} placeholders instead of plaintext keys; Backend.AI GO injects matching env vars into every router child spawn .
• Wrap the legacy Claw module as an AutonomousAgentProvider adapter so the existing OpenClaw integration runs through the new provider trait without breaking running deployments .
• API Settings page migrated to the shared SettingsLayout sidebar pattern introduced in v1.7.1 .
• Unify ApiSettings and Settings sections under a single layout primitive and fix a TCP fallback gap in the Claude Code endpoint card .
• Unify ad-hoc page tab implementations on the common Tabs component so every page shares the same accessibility behaviour, keyboard navigation, and visual treatment (issue,).
• Extend RouterEndpointResolver to translation, stats, agent, and lifecycle endpoints so headless REST mode uses the Unix-socket fast-path consistently across every router-backed surface .
• Migrate every consumer of isImageGenerationModel, getImageEditCapabilities, getImageModelType, supportsVision, getModelImageParamCapabilities, and supportsImageRefinement to forward the providers' ModelCapabilityRecord, with deterministic provider-id ordering for stable cross-session winners .
• i18n parity for capability detection across ja, zh-CN, zh-TW, and es — 27 missing keys mirrored from canonical en/ko locales .

Bug Fixes

• reset_settings (Tauri + REST) returns the resolved platform default for general.modelsDirectory instead of an empty string. Six locale files (en, ko, ja, zh-CN, zh-TW, es) drop the hardcoded legacy path. New REST endpoint GET /api/v1/settings/default-models-directory returns the platform default for headless clients .
• Prevent a duplicate pool session when the user selects a model that is already loaded .
• Harden several recent model and router follow-ups discovered during pre-release smoke testing.
• Register agent_profile_import_from_url in the parity and security-regression scope manifests so the new From-URL transport pair is enforced by the boundary tests .
• Community tab agent cards now use translations and preserve raw categories .
• Summarization prompt no longer injects the Qwen3-specific /no_think control token into prompts sent to other model families .
• Walk providers in lexicographic order in useCapabilityRecordByModelId and getCapabilityRecordByModelId so the winner for a modelId collision is stable across sessions (HIGH severity, review of).
• Restrict <article> keyDown handler in RemoteModelCard to its own target so Enter/Space on Re-detect / Override buttons no longer cross-fires onToggle. Track the redetect spinner timer with useRef + useEffect cleanup. Replace destructured useProvidersStore in CapabilityOverrideDialog with stable per-action selectors .
• Capability detection routes added to ROUTE_MANIFEST in management_api/route_scope.rs so route_scope_middleware enforces the same scope gate as PUT /providers/{id} (HIGH severity,).
• Capability probe HTTP client redirect cap reduced from reqwest's default 10 hops to 1 hop to prevent latency amplification .
• Preserve seeded provider endpoint flags on indeterminate probe outcomes; use HashSet membership when pruning orphan capability rows; add eight Tauri/REST mappings to API parity manifest .
• Delete action hidden for built-in agent profiles in AgentProfileCard; store::create strips is_builtin = false .
• cargo test --test api_parity failure on main from missing five transport pairs in PARITY_MAPPINGS (four Codex OAuth commands + verify-probe pair) — added .
• cargo test --test security_regression failure from same omission — four codex-oauth REST routes added to ROUTE_MANIFEST with settings_write scope ( follow-up).
• router::service::tests::backends_are_preserved_across_saves no longer fails to compile after continuum-router v1.6.2 introduced BackendConfig::auth: Option<BackendAuthConfig> .

CI/CD Improvements

• Local pre-push quality gates via lefthook (auto-installed by the pnpm install prepare script) so contributors run make check before every push; an explicit SKIP_LOCAL_GATES=1 escape hatch keeps emergency bypasses auditable .
• Release statistics tracking script for measuring change scope across releases.

Technical Details

• name_heuristic::detect regex caching: dall-?e[-_]?3 and nano[-_]?banana[-_]?pro regexes cached in the OnceLock NameHeuristic struct alongside the rest of the heuristics so the per-call compile is no longer a hot path (HIGH severity,).
• router::service module as the single source of truth for `router_conf...

v1.7.2-beta.2

Claude Code router-settings tab lands with the model_aliases + web_search RouterConfigYaml extensions, a /v1/messages Verify probe, OpenAI Codex OAuth device-code login, and agent-profile defense-in-depth hardening.

Backend.AI GO v1.7.2-beta.2

14 commits since v1.7.2-beta.1. (13210 lines added, 397 lines deleted)

New Features

• Claude Code router-settings tab in Settings → API. Four cards (Endpoint, Quick Setup, Model Aliases, Web Search) compose the new tab between Providers and Mesh. The tab is fully wired through RouterConfigYaml extensions so continuum-router can rewrite hard-coded claude-haiku-4-5-20251001 / claude-sonnet-4-6 / claude-opus-4-7 model names to locally served models and (optionally) inject Serper / Brave / Exa search results into agent prompts (,,, epic).
• RouterConfigYaml extended with model_aliases (ModelAliasesConfig) and web_search (WebSearchConfig) fields, both optional and skip_serializing_if = "Option::is_none" so existing configs round-trip unchanged. ModelAliasesConfig maps size-class slots (haiku, sonnet, opus, reasoning, default) plus an exact HashMap. WebSearchConfig mirrors the continuum-router web_search schema (provider, api_key, timeout, result caps, inject policy) and includes a custom Debug impl that redacts api_key. DTO-validation tests pin the wire shape against the router spec .
• routerSettingsStore extended with TypeScript mirrors of the Claude Code router fields. Four new Zustand actions — setModelAlias, setExactAliasEntry, updateWebSearch, applyClaudeCodeDefaults — manage the optional model_aliases and web_search sub-trees with tombstone semantics (drops the parent key when the last field is cleared). Two selector hooks: useModelAliases, useWebSearch. ActiveTab union extended with "claude-code" .
• ClaudeCodeEndpointCard ships with read-only ANTHROPIC_BASE_URL (derived from bind_address via deriveAnthropicBaseUrl), ANTHROPIC_API_KEY (password input with reveal toggle), and ANTHROPIC_MODEL (Select populated from loaded models and model_aliases.default). "Copy as export" and "Copy as .env" buttons land the three env-vars as shell-ready snippets. A Verify button issues a /v1/messages probe through the canonical API adapter; router::service::verify_anthropic_endpoint (shared by both Tauri command and REST handler) classifies outcomes into connection_refused, timeout, auth, model_not_found, schema_mismatch, or other so the UI renders a localized hint .
• OpenAI ChatGPT (Codex OAuth) provider with device-code login flow. CodexOAuthLoginDialog runs the device-code dance; codexOAuthService is the transport-agnostic shim for start/poll/cancel/revoke. Per-provider token store is written to <app_data_dir>/router/auth/<id>.json. Full Tauri + REST parity on the four Codex OAuth commands .
• Locale fan-out for the Claude Code Settings tab across en, ko, ja, zh-CN, zh-TW, es — 28 keys under settings.apiSettings.claudeCode.* cover Endpoint, Quick Setup, Model Aliases, and Web Search cards plus inline help text and error messages. A locale-parity.test.ts (16 cases) enforces structural parity. User docs shipped at docs/en/api-server/claude-code.md and docs/ko/api-server/claude-code.md .
• Interim notice that web search API keys entered in the Claude Code → Web Search card are stored separately from those in the Providers panel. Rendered below the api_key input in WebSearchCard.tsx with claude-code-section__hint styling and a corresponding !!! note "Storage separation" admonition in both English and Korean docs. Both surfaces cross-reference (the planned consolidation fix) .

Improvements

• router::service module is the single source of truth for router_config.yaml read/write logic. read_router_config_from_file, save_router_config_preserving_backends, and reset_router_config_to_default are called by both the Tauri command and the REST handler so validation, backend-list preservation, and 0o600 permission enforcement live in exactly one place. ServiceError discriminates Validation from Io/Serde so the REST handler maps validation failures to 400 without duplicating that decision in the transport layer .
• Quick Setup card writes haiku/sonnet/opus/default slots in a single fan-out and immediately persists. Model Aliases card surfaces per-slot <Select> rows for primary aliases plus an advanced reveal for reasoning and exact mappings using the CorsOriginsEditor visual pattern. Web Search card exposes provider dropdown, masked api_key with explicit reveal toggle, and eight advanced tuning fields. A card-level Save bar with HotReloadBadge confirmation sits below the cards; Save is gated on getWebSearchValidationKey so web_search enabled without an api_key blocks persistence .
• All interactive elements in the new Claude Code tab use src/components/common/ primitives (no raw <button>, <select>, or <input type="checkbox">); two pure helpers in utils.ts — getWebSearchValidationKey and buildClaudeCodeModelOptions — are the single source of truth for the blocking rule and option construction; both are unit-tested. 10 component tests, 2 regression tests in ApiSettingsPage.test.tsx, and 10 new util tests .

Bug Fixes

• cargo test --test api_parity was failing on main because five transport pairs were missing from PARITY_MAPPINGS: the four Codex OAuth commands/endpoints (start_codex_oauth_login, poll_codex_oauth_login, cancel_codex_oauth_login, revoke_codex_oauth_tokens) and the verify-probe pair (verify_anthropic_endpoint / POST /router/verify-anthropic-endpoint). Both transports already existed and shared their service function; only the parity manifest was missing the rows .
• cargo test --test security_regression was also failing on main from the same omission. The four codex-oauth REST routes were absent from ROUTE_MANIFEST in management_api/route_scope.rs — added with settings_write scope (mirrors the surrounding /providers/* mutation routes). oauth.rs added to HANDLER_FILES_WITHOUT_EXPLICIT_SCOPE_ALLOWLIST (, follow-up).
• router::service::tests::backends_are_preserved_across_saves no longer fails to compile after the continuum-router v1.6.2 bump introduced BackendConfig::auth: Option<BackendAuthConfig>; the test fixture now sets auth: None like every other field ( drive-by).
• Delete action hidden for built-in agent profiles in AgentProfileCard (marketplace grid), matching the existing gate in AgentProfileEditor. store::create now unconditionally strips is_builtin = false so a caller cannot promote a newly created profile to built-in status .
• store::update preserves is_builtin from disk, preventing a REST/Tauri caller from unmarking a canonical built-in profile and bypassing the delete-protection guard. Forcing false in update would allow PUT {canonical-builtin-id} with is_builtin: false followed by a successful DELETE because the BuiltinCannotBeDeleted guard is a conjunction of profile.is_builtin && is_canonical_builtin_id(id) .

CI/CD Improvements

None.

Technical Details

• Single source of truth between Tauri commands and REST endpoints for all new transports: router::service::verify_anthropic_endpoint, router::service::{read_router_config_from_file, save_router_config_preserving_backends, reset_router_config_to_default}, and the four providers::oauth::codex::* service functions. Both transports are thin wrappers per .claude/rules/api-parity.md.
• ?tab=claude-code deep-link works via the validTabs allowlist already extended in.

Dependencies

• Update continuum-router to v1.6.2 (picks up BackendConfig::auth: Option<BackendAuthConfig>).

Breaking Changes

None.

Known Issues

• Web search API keys entered in Claude Code → Web Search are stored separately from those in the Providers panel; consolidation is tracked in.

Security

• agent_profile store::update defense-in-depth hardening (three changes, defaulting to Option A from the issue): (1) Self::validate_id(id)? is now the first statement of update, mirroring get and delete and rejecting path-traversal / null-byte / overlong IDs before any disk access; (2) the redundant upfront path.exists check is removed in favour of using read_profile_file as both the existence probe and the source-of-truth read for is_builtin (any I/O NotFound is mapped to AgentProfileError::NotFound(id)); (3) a new AgentProfileError::BuiltinCannotBeModified variant blocks content mutation on canonical built-in templates (UUID v5 IDs from templates::get_builtin_templates). Without this guard a direct REST/Tauri caller could rewrite "Code Assistant"'s system_prompt (prompt-injection vector), elevate enabled_tools, or swap preferred_model_id. The new error maps to HTTP 400 in management_api/handlers/agent_profiles.rs, matching the existing BuiltinCannotBeDeleted mapping .
• Four SSRF defenses on the verify endpoint: scheme allowlist (http/https only), cloud-metadata host block (169.254.169.254 / GCP / Azure / Alibaba + full 169.254.0.0/16 link-local range), 64 KiB response body cap, and api_key scrub on all error_detail surfaces — REST callers supplying a cloud-metadata URL receive a 400 .
• Claude Code settings hardening — `` reviews and locks down the new Claude Code tab surfaces (defense-in-depth on the api_key handling and validation paths added in /).

Full Changelog

v1.7.2-beta.1

API-driven capability detection for remote provider models — five-level pipeline with SQLite cache and live row-by-row UI updates, plus override dialog, markdown table repair, and Community card translations.

Backend.AI GO v1.7.2-beta.1

12 commits since v1.7.1. (11971 lines added, 343 lines deleted)

New Features

• API-driven capability detection for remote provider models . Two-tier capability schema (provider-level + per-model) replaces the pure name-string heuristic with a five-level pipeline: ManualOverride > ProviderTable > ExtendedMetadata > EndpointInheritance > NameHeuristic. Backend (src-tauri/src/providers/capabilities/) ships with types, prober, metadata parser, detector, name-heuristic Rust port, hardcoded provider tables for OpenAI / Anthropic / Gemini, and a SQLite-backed cache with 7-day TTL plus manual-override survival. Eight service functions exposed as both Tauri commands AND REST handlers; both transports call the same internal providers::capabilities::* function per .claude/rules/api-parity.md. End-to-end event streaming (provider:capabilities-started, provider:capabilities-progress, provider:capabilities-updated, provider:capabilities-failed) wired through useProviderListeners so per-model rows upgrade row-by-row as detection completes. Concurrency cap 8, per-model timeout 2 s, redirect cap 1, partial-failure tolerated.
• Capability override UI . New CapabilityOverrideDialog common component with Inputs / Outputs / Features tabs rendered as ToggleSwitch rows seeded from the current ModelCapabilityRecord. "Save" calls providersStore.setCapabilityOverride; "Reset to detected" calls clearCapabilityOverride; both show inline error feedback on rejection. Per-row "Re-detect" and "Override" action buttons in RemoteModelCard surface in an on-hover toolbar. ModelCapabilityChips badge tooltips now show the localized detected_via pipeline chain and confidence level.
• Auto-download of model-metadata.yaml with continuum-router . The router needs a version-matched metadata file at runtime, but it lives in the lablup/continuum-router repo (not as a release asset) and was previously hand-committed. scripts/download-continuum-router.sh now fetches model-metadata.yaml from the matching tag via gh api -H "Accept: application/vnd.github.v3.raw", once per invocation regardless of how many platforms are requested; empty and JSON-error responses are detected before the file is moved into place. The bundled model-metadata.yaml is synced to v1.6.1, picking up gpt-image-2, the retrieval/embedding capability split, and other entries the bundled copy was missing.
• Markdown table repair preprocessor . New repairMarkdownTables utility in src/lib/markdownTableRepair.ts and integration into MarkdownContent rendering. Repairs three malformed GFM table patterns produced by local LLMs before they reach react-markdown: delimiter-row pollution (e.g., | :---ed | → | :--- |), empty delimiter cells filled with ---, and list-marker contamination (e.g., * | body | → | body |). Idempotent on valid input, code-fence-aware (backtick fences preserved), streaming-safe (incomplete table windows untouched), with a no-pipe early-exit fast path. 34 fixture-anchored unit tests plus four integration tests rendering the real <ReactMarkdown> tree.
• Additive translations map on RegistryProfileEntry . With a slim RegistryProfileTranslation carrying optional name / description overlays, #[serde(default, skip_serializing_if = "HashMap::is_empty")] so older registry indices and cache files keep parsing unchanged. Documented in docs/en/cowork/profiles.md and docs/ko/cowork/profiles.md.
• Release statistics tracking script for measuring change scope across releases.

Improvements

• All capability consumers migrated to prefer ModelCapabilityRecord . Every consumer of isImageGenerationModel, getImageEditCapabilities, getImageModelType, supportsVision, getModelImageParamCapabilities, and supportsImageRefinement now forwards the providers' ModelCapabilityRecord so the API-driven detection wins over the legacy name heuristic when present, and falls back to the heuristic when no record exists yet. New helpers: useCapabilityRecordByModelId (React) and getCapabilityRecordByModelId (snapshot); both walk providers in lexicographic order so the winner for a modelId collision is stable across sessions. makeRecordFinder extracted from providersStore so the five inline findRecord copies share the same deterministic-order logic. Migrated 18 files across components, hooks, stores, lib, and pages.
• Capability detection i18n parity across ja, zh-CN, zh-TW, and es . 27 missing keys under models.capabilities.* (top-level labels, detection.*, actions.*, dialog.*) mirrored from the canonical en/ko locales. Chinese variants aligned with surrounding term conventions: zh-CN providerTable (提供方表 → 供应商表) and zh-TW providerTable (提供者表 → 供應商表) match the existing models.* keys; zh-TW imageVariation (圖像變化 → 圖像變體) matches the existing image-variation cluster.

Bug Fixes

• Community tab agent cards now use translations and preserve raw categories . CommunityProfileCard resolves displayName / displayDescription through getTranslatedName / getTranslatedDescription, matching AgentProfileCard. The category badge no longer collapses every unknown category to "Custom" — known enum values still translate via the locale catalog, free-form community categories ("general", "writing-tools", ...) are humanised to Title Case, and empty categories render no badge. 18 unit tests cover humanizeCategory behavior.
• Summarization prompt no longer injects the Qwen3-specific /no_think control token . The literal /no_think\n prefix in SUMMARIZE_INSTRUCTIONS is a Qwen3-only control token; other model families (Llama, Mistral, Gemma, Phi, GPT, Claude, Gemini) interpret it as literal user input, corrupting the summarization prompt and occasionally leaking the token into generated summaries. Sibling fix to which patched the same issue in title generation. Regression test asserts no message in the LLM payload contains /no_think for any model id.
• Stable provider winner for modelId collisions (, HIGH from review of). useCapabilityRecordByModelId and getCapabilityRecordByModelId walk providers in lexicographic order so the winner for a modelId collision is stable across sessions. Without sorting, the winner depended on Map insertion order driven by network completion order, and a different provider could win each time.
• Cross-firing button events fixed in RemoteModelCard . <article> keyDown handler is now restricted to its own target so Enter/Space on the row's Re-detect / Override buttons no longer cross-fires onToggle. Redetect spinner timer tracked with useRef + useEffect cleanup so it is cancelled when the card unmounts. Destructured useProvidersStore in CapabilityOverrideDialog replaced with stable per-action selectors so background capability-detection events do not re-render the dialog on every store mutation.
• Capability detection routes added to ROUTE_MANIFEST (, HIGH security). route_scope_middleware now enforces the same scope gate as PUT /providers/{id} and friends — without the manifest entries, the fallback "pass-through" let any authenticated identity call them regardless of scope.
• Name-heuristic regexes cached in OnceLock (, HIGH perf). name_heuristic::detect previously rebuilt the dall-?e[-_]?3 and nano[-_]?banana[-_]?pro regexes on every call; with ~50 models per provider per refresh, the per-call compile became a measurable hot path. Both are now cached alongside the rest of the heuristics.
• Capability probe HTTP redirect cap reduced from 10 to 1 . For endpoint reachability discovery we never need to follow more than one redirect; treating the redirect target as the answer prevents a malicious provider URL from chaining redirects to amplify probe latency up to the per-request 2 s timeout.
• Provider capability cache hardening (post-merge follow-up to /). Preserves seeded provider endpoint flags on indeterminate probe outcomes so transient timeout/5xx responses do not erase known-good cache state. Uses HashSet membership when pruning orphan capability rows to avoid quadratic scans on large provider model lists. The eight provider capability Tauri/REST mappings added to the API parity manifest; cli.rs added to the security handler-scope baseline with a route-scope-middleware note.

CI/CD Improvements

• None

Technical Details

• Hot path optimization: deterministic provider ordering for capability lookups, cached regex compilation, per-call HashSet membership for orphan-row pruning.
• Event lifecycle: service::detect_provider_with_models_emitting extends to take an optional runtime-agnostic Arc<dyn EventEmitter> and emits events at four points: started at the very beginning, capabilities-updated for the provider record after server-endpoint detection, capabilities-updated again for each model as its JoinSet task completes (replacing the prior monolithic for handle in handles join loop), and progress after every model.
• Lifecycle parity: providers/lifecycle.rs extracts trigger_initial_capability_detection (background spawn), invalidate_capabilities_for_change (manual overrides preserved), and cascade_capability_delete so both Tauri and REST paths share the same code rather than duplicating cache lifecycle handling.
• Test coverage: 42 unit tests + DTO validation tests for capabilities, 19 component tests for CapabilityOverrideDialog, 13 store tests for providersStore event handlers, 7 tests for useProviderListeners lifecycle, 16 contract tests for providerCapabilityService, 34 fixture-anchored markdown table repair tests + 4 integration tests, 18 tests for `CommunityProfileC...

v1.7.1

Settings page redesigned to a left-sidebar layout grouped into App / Agent / System; Squad Channels gets a card grid plus drawer settings panel; global corner-triangle card accent rolls out; CLI install and QR code v1.7.0 regressions fixed.

Backend.AI GO v1.7.1

12 commits since v1.7.0. (10089 lines added, 5510 lines deleted)

New Features

• New SettingsLayout common component (src/components/common/SettingsLayout/) — vertical sidebar nav with grouping, tag badges, roving-tabindex keyboard navigation (Up/Down/Home/End/Enter/Space), WCAG aria-orientation="vertical" ARIA tab pattern, and a mobile drawer fallback below 768 px .
• New PageLayout variant="full" option that removes the max-width clamp, letting pages with their own internal layout chrome (such as the sidebar-based Settings page) span the full viewport width .
• New ChannelCard and ChannelSettingsDrawer components for the Squad Channels tab, both wrapping common primitives (BaseCard and Drawer) and sharing tokens / accessibility behavior with the rest of the app .

Improvements

• Settings page redesign — horizontal top tabs replaced with a vertical left-sidebar layout matching Ubuntu / Windows 11 / macOS Settings, grouped into App / Agent / System ; single-card chrome with sticky sidebar, mirrored sidebar width via --token-sidebarWidth, filled active-state tint (no layout shift on activation), label ellipsis, and 10 new nav icons (Appearance, Generation, Tools, Advanced, Memory, Supervisor, Policy, AgentProtocol, Connectors, Nodes) ; every Settings tab migrated to the shared SectionGroup (h3) primitive — ModelsSettings, ToolSettings, McpSettings, AcpSettings, AcpPermissions, DemoSettings, MemorySettings, SupervisorSettings, PoliciesSettings (main + editor drawer), NodeSharingSettings, ConnectedNodesSettings — for unified heading hierarchy with inline action buttons moved into the SectionGroup action slot ; Settings General tab split into focused sub-tabs .
• Squad Channels card grid — the per-channel Accordion is replaced with a responsive ChannelCard grid (1/2/3 columns at mobile/tablet/desktop) and a ChannelSettingsDrawer that hosts the existing per-channel *Settings form (Telegram / Slack / Discord / WhatsApp / OpenClaw), mirroring the AgentMarketplace pattern. Drawer body CSS flattens the legacy outer borders/padding so embedded forms sit cleanly inside the drawer instead of under accordion chrome. Drawer dirty-state confirms via the common ConfirmDialog; embedded forms unmount after the close animation completes . Channel cards swap the 4 px brand-color left-edge accent strip for a 32 × 32 brand-color triangle clipped via clip-path: polygon(0 0, 100% 0, 0 100%) pinned to the top-left corner; the triangle grows to 40 × 40 on hover/focus and prefers-reduced-motion collapses the size transition while preserving the hovered static state .
• Global corner-triangle accent rolled out to every card or box that previously used a border-left: Npx solid <color> emphasis: TaskCard, AgentRowList, ExecutionProgress, PlanApproval, SquadOverviewTab, StepItem, ApprovalDialog (3 sites), CoworkProgressPanel, ToolCallBlock, ToolResultBlock, ChatMessage edit container, ConversationItem and DrawSessionItem active states, DrawConversation refinement, ImportModelDialog (3 blocks), SettingsImportModal, SkillDetailDrawer, GlossaryManager, ImportExportDialog, EngineUpgradeDialog, MemoryViewer (2 blocks), NodeDetailsPanel, and the StructureTab rope-viz note. Each conversion replaces the left border with a 16 × 16 ::before right-triangle clipped via clip-path: polygon(0 0, 100% 0, 0 100%), positioned at the top-left of the box, with pointer-events: none and opacity: 0.85. Modifier-based components use a component-scoped custom property (e.g. --task-card-corner-color) so each modifier only swaps the property rather than redeclaring the pseudo-element .
• Squad task drawer renders planner-authored Markdown for both the description and result-summary blocks via the existing chat MarkdownContent renderer (sanitized via rehype-sanitize, GFM, syntax highlighting, math), with the renderer's outermost margins trimmed so the body sits flush against the section title .
• Complete font-size token scale defined and adopted across the codebase .

Bug Fixes

• "Install for current user" / "Install system-wide" buttons in Settings → Advanced → CLI Tools failed with Command install_cli_symlink not found because the frontend Tauri transport invoked install_cli_symlink / uninstall_cli_symlink while the registered Rust commands are install_cli_shell_integration / uninstall_cli_shell_integration. The IPC command strings are renamed (TypeScript method names installCliSymlink / uninstallCliSymlink stay stable). The useSystemPath parameter — silently dropped at every layer (component, adapter interface, Tauri/REST adapters, both transports) — is now plumbed end-to-end so the user's system-wide vs user choice actually reaches the backend. REST API parity for the four CLI shell-integration endpoints is added at the same time: GET /api/v1/system/cli/{info,detect} and POST /api/v1/system/cli/{install,uninstall}, all delegating to the same crate::cli::service functions with InstallContext::Headless so daemon-mode REST refuses admin-elevation flows with a clear 400 instead of blocking on a UI prompt .
• QR code generation in Settings → Node failing on v1.7.0 with command generate_qr_code missing required key connectionKey. The TS adapter parameter is renamed to connectionKey, the unused size field dropped from ApiAdapter.generateQrCode, both adapter delegates, both transports, and the QrCodeDisplay adapter call site. New REST POST /api/v1/nodes/qr-code endpoint added with regression tests .
• Squad ChannelSettingsDrawer dirty-state heuristic firing a false-positive Discard prompt on the happy-path close after a successful Connect/Disconnect; the connected state is now in the reset effect deps. Korean unsavedChanges block "취소" collision with the shared common.cancel "취소" — replaced with "버리기" / "버릴까요?" wording mirroring the English Discard intent and the existing ja/es/zh translations .
• ChannelSettingsDrawer keeping the embedded *Settings component mounted in the React tree forever after the drawer's first close — the ref-mutation pattern inherited from AgentProfileEditor never re-rendered the body. Replaced with a displayChannel useState so the close-animation timer's clear actually unmounts the embedded form after the 350 ms drawer slide-out .
• SettingsLayout per-tab aria-controls attributes referenced the currently active panel id rather than each tab's own panel id, contradicting the WAI-ARIA tabs pattern; on mobile both the desktop sidebar (CSS-hidden) and the mobile Drawer rendered the same nav list, producing duplicate DOM ids on the tab buttons. Sidebar is now conditionally rendered only when !isMobile, exactly one nav list is mounted at any time, and each tab's aria-controls matches its own panel id .

CI/CD Improvements

None

Technical Details

• InstallContext enum introduced so the same CLI shell-integration service can distinguish desktop callers (interactive UI session, allowed to spawn osascript/pkexec admin prompts) from headless callers (REST handlers in server mode, must refuse those flows). All existing behavior — atomic symlink creation, single-quote escaping for shell injection prevention, Windows registry handling, and the WM_SETTINGCHANGE broadcast — is preserved bit-for-bit .
• Regression tests added: commands::nodes::tests::generate_qr_code_argument_shape_is_camel_case mirrors the argument-resolution struct Tauri synthesizes for the command and verifies that { connectionKey: "..." } deserializes correctly; commands::nodes::tests::generate_qr_code_rejects_legacy_argument_shape verifies the previously-broken { data, size } payload no longer matches; management_api::handlers::nodes::tests::generate_qr_code_request_accepts_camel_case verifies the REST DTO accepts the same camelCase wire shape; src/lib/api/rest/system.test.ts covers the new REST transport for QR code; src/components/QrCodeDisplay.test.tsx updated to assert the new single-argument adapter call .
• Regression tests added: REST transport tests for CLI install/uninstall endpoints covering installCliSymlink(true) and installCliSymlink(false) asserting the snake_case use_system_path field in the POST body, and uninstallCliSymlink asserting no body is sent. Brings the api/ test suite from 94 to 97 tests .
• Regression tests added: ChannelCard and ChannelSettingsDrawer unit tests ; SettingsLayout keyboard nav, grouping, ARIA, and mobile drawer behavior (27 tests) ; PageLayout.test.tsx covering standard/wide/full variant classes, className passthrough, and children rendering (5 tests) .

Dependencies

None

Breaking Changes

None

Known Issues

None

What's Changed

• refactor(settings): redesign Settings page from top tabs to left sidebar layout by @inureyes
• refactor(settings): unify layout as single card with sticky sidebar and add nav icons by @inureyes
• refactor(settings): unify all tab sections to use SectionGroup primitive by @inureyes
• fix: QR code generation in Settings/Node fails with missing connectionKey by @inureyes
• fix: CLI install button fails with 'Command install_cli_symlink not found' by @inureyes
• refactor: define complete font-size token scale and adopt across codebase by @inureyes
• refactor(settings): split General tab into focused tabs by @inureyes
• refactor: replace Squad channel accordion with card grid and settings drawer by @inureyes
• refactor(squad): swap channel card accent strip for top-left corner triangle by @inureyes
• refactor: render task descriptions as markdown and adopt corner-triangle accents globally by @inureyes

v1.7.0

Sessions menu, External Connectors (Email + Calendar), multi-agent @mention, governance Phase B, generate_image tool, and 100+ fixes.

Backend.AI GO v1.7.0

171 commits since v1.6.1. (143,498 lines added, 6,356 lines deleted)

New Features

Sessions Management

• Sessions menu rolls out to production with full Active / History / Diagnostics tabs available on every build .
• SessionsService consolidates LLM, diffusion, squad-agent, and history lifecycle events into one observable surface, exposed via Tauri commands and matching REST handlers .
• Active tab with sortable / filterable DataTable, table & card view toggle, and terminate-vs-delete semantics with starting / terminal-state guards .
• History tab with paginated list, delete actions, and persistence so terminated sessions are recorded across restarts .
• Session detail drawer reusing the model-card pattern, plus a Diagnostics tab with PID, health, uptime, and a bounded 200-entry scrollable log list — full API parity (sessions_get_diagnostics Tauri + GET /api/v1/sessions/{id}/diagnostics REST); api_key is never exposed .
• Accessible column sorting on the shared DataTable (per-column sortable / accessors / comparators / default direction; aria-sort for WCAG 2.1 SC 1.3.1; keyboard activation; stable sort) .
• Session-alias rename UI when multiple instances of the same model are loaded; multi-session model display in chat & selection surfaces .

External Connectors Platform

• Email (SMTP/IMAP) as the first external connector — IMAP read adapter, SMTP write adapter Stages 0-6, end-to-end docs .
• Calendar (Google Calendar) as the second connector — backend foundation, governance integration, Settings UI alignment with Email .
• Connector governance hook API + thin interceptor .
• Finalized connector audit trail schema with canonical_serialize and redactedFields, SQLite-backed ConnectorAuditStore, redaction pass, and retention policy .
• Content-addressed blob storage for rollback snapshots .
• Connector audit log page with one-click undo per row, plus an in-app toast carrying an undo action immediately after a connector write .
• Undo intent taxonomy and orchestration through the connector registry; affordances on notifications, audit rows, and agent cards .
• Channel bot tokens migrated to the OS credential vault; channel capability class declared for governance; channel messages now emit ConnectorAuditEntry rows .
• Retention-to-blob deletion handoff for ContentAddressed snapshots; credential-bearing params.body content redacted before truncation .

Multi-Agent @mention Collaboration

• Foundation: message and agent-run data model extensions for mentions, parent run chains, and forwarded messages .
• @mention autocomplete in the chat input with profile picker and inline chip preview .
• Main-agent orchestration and task delegation service routing @mention requests to sub-agent profiles .
• Mention chip rendering in user messages and assistant sub-agent attribution on reply bubbles .
• Real-time execution status UI for mention chips and chat — live run progress, stall, and error states .
• No-mention continuity (last responder retains the turn) and parallel mention dispatch .
• Polish pass — header relabel, i18n strings, docs, integration validation .

Personal Governance & Policy (Phase B)

• Policy-triggered approval prompt with inline policy edit from the approval dialog .
• Policy surface in Settings .
• Governance events emitted on guardrail and limit rule changes .
• IANA timezone names supported for limit day-boundary calculations .

Models, Agent Tools, and Chat

• New generate_image agent tool for LLM-autonomous image creation, wired to the existing Draw / sd-server stack .
• Recommended utility-model registry as a single source of truth for memory-extraction and title-generation models, with on-demand auto-load, lifecycle toasts, onboarding suggestion, and Settings UI to pick extraction & title models independently .
• Per-session preserve_thinking override with tri-state UI in the Chat Parameters Drawer .
• thinking_budget_tokens and preserve_thinking support for Qwen models .
• Models page table view backed by the shared ViewModeToggle .
• Bench harness for memory-extraction and title-model output quality .

Server, Distribution, and UI Foundations

• aigo-server manpage and headless .deb packaging for Linux server deployment .
• Sidebar header unified with the main toolbar (macOS traffic-light fix included) .
• Streaming audit-row scan for collect_live_store_refs so very large audit stores no longer block on full materialization .

Improvements

• Email read action contexts thread GovernanceHint::Silent through invoke_with_governance for full parity with Calendar .
• First-class metadata slot on OperationResult for connector-specific receipt data .
• Settings: align Email and Calendar connector design under the same layout .
• Refresh whitelisted default models for cloud providers .
• Serialize utility LLM calls (memory extraction, title generation) via a promise-chained queue to prevent slot contention with the active chat .
• Models menu no longer surfaces running models — moved to the header status pill and Sessions UI .
• Multi-session aliases align after router suffixing so /v1/models and selectors stay coherent across reloads ( follow-up).
• Memory extraction notification now explains why 0 entries were saved (no new facts, parse failure, validation failure, all duplicates) instead of an opaque "0 saved" .
• Unify router endpoint resolution for Tauri commands and REST handlers via RouterEndpointResolver trait .
• Make GGUF arch validation permissive with improved failure errors .
• Email connector UI + adapter polish .
• Wrap connector credentials in zeroize-on-drop SecretString .
• Squad Overview activity grid + timeline integration and UI polish .
• Align policies rule drawer with the canonical Drawer layout .
• Migrate governance UI raw elements to common components .
• Use fs4 for cross-platform disk space detection in engine commands .
• Codify before_state vs undo_token precedence in connectors-trait.md for connector authors .

Bug Fixes

• Loaded MLX/local models in the main model selector display the same name as the router/Continuum dropdown instead of "Model.safetensors" .
• Use named exports for date-fns v4 locale loaders — fixes Cannot access 'es' before initialization startup crash that prevented v1.7.0-beta.3 from running .
• Strip · port {port} · {n}k ctx suffix from SessionSummary.displayName for LLM-serving sessions to avoid duplicating columns .
• Sessions: complete i18n, accessibility, and responsive QA pass .
• Providers: sync router and enrich selected_models on Refresh .
• Stabilized unified Sessions runtime identities and lifecycle history; encoded/validated session history filenames defensively .
• Ensure terminated sessions appear in the History tab .
• Cancel in-flight tool execution on cowork stop signal; Cowork stop button actually halts the running task .
• Sub-agent tool approval dialog surfaces in the chat surface so runs no longer stall .
• Sub-agent approval prompts no longer surface in the wrong chat session when the user switches sessions; switching sessions no longer leaves approval-waiting sub-agents stalled .
• Scope sub-agent approval surface to the active chat session so approvals don't leak across sessions .
• Sub-agent retains its prior reply when the user sends a no-mention follow-up, preventing repeated clarifying questions .
• Parallel fetch_url calls no longer block when approved with remember=false .
• Headless file and event APIs hardened for permission and lifecycle edge cases .
• Epic 1047 agent tools hardening pass .
• Complete node registration pairing flow .
• Address epic 2759 review gaps and headless gating .
• Memory extraction empty-reason surfacing in chat UI notification + Rust diagnostic logging under memory::extraction .
• Title-generation prompt, validation, retry behavior unified with the recommended utility model; parseBareModelId applied; Qwen3-specific /no_think prefix removed; memory extraction serialized before title generation .
• Title generation no longer races memory extraction for the local single-completion slot .
• Title generation no longer injects the Qwen3-specific /no_think control token into prompts for other model families .
• Sub-agent run hangs after spawn — reject the literal default model alias to recover .
• Resolve @mention delegation failures for the Main Agent and built-in profiles; complete delegation follow-ups; flip autocomplete popover when clipped by the viewport .
• Stabilize Hugging Face download manager: delete, retry, cancel/retry race, and queue persistence .
• Chat memory extraction persists saved memories and the UI distinguishes success and failure outcomes .
• Detect token exhaustion inside reasoning blocks via request config .
• MLX capability detector identifies audio/video on multimodal Qwen3.5/3.6 models; fall back to chat_template.jinja for tool-calling detection .
• Close email governance and rollback gaps .
• Enter Tokio runtime context before spawning the retention scheduler so make dev no longer panics in the AppKit delegate .
• Strip MLX quantization suffix (-4bit, _4bit, .4bit, etc.) in Rust alias derivation so model aliases match the TypeScript frontend .
• Capture per-chunk undo ids and propagate all-failed across channel multi-chunk sends .
• Stabilize download queue height with max-3-item constraint and smooth transitions .
• Forward top_k, min_p, frequency_penalty, presence_penalty, repeat_penalty, and seed over the Unix-socket transport — six sampling fields were silently dropped for all socket-backed models on macOS .
• Context-window indicator no longer drops to 0% between mult...

v1.6.1

Backend.AI GO 1.6.1 ships OS credential vault, per-agent spending and rate limits, step reasoning retention, plus aarch64 Linux and Squad monitor stability fixes.

Backend.AI GO v1.6.1

10 commits since v1.6.0. (15461 lines added, 146 lines deleted)

New Features

• OS credential vault integration — API keys, secrets, and inference credentials are now stored in the operating system's native keyring (macOS Keychain, Windows Credential Manager, Linux Secret Service) instead of plain text on disk.
• Connector trait and capability model design — Foundational trait abstraction for plugging in new external integrations with declared capabilities.
• Conversational guardrail model primitives and storage — Configurable safety boundaries for chat with reusable storage shared across agents.
• Per-agent, per-day, per-tool spending and rate limits — Fine-grained controls let operators cap cost and usage by agent, day, and individual tool, with a persisted ledger and replenishment engine.
• Reversible-by-design action audit schema — Every recorded action carries the metadata needed to undo it, laying the groundwork for safe automated rollbacks.
• Step reasoning retention and display — Each agent's chain-of-thought is preserved across runs and surfaced in the run detail view so you can replay how an answer was reached.

Improvements

• What's New modal content refreshed across all six locales (English, Korean, Japanese, Spanish, Traditional Chinese, Simplified Chinese) with v1.6.1 highlights.
• CHANGELOG and README Recent Updates section refreshed for the v1.6.1 maintenance release.

Bug Fixes

• aarch64 Linux build restored after toolchain regressions, and the Squad monitor re-render loop that caused runaway re-renders on active squads has been eliminated.
• Container CLI check parser correctly handles the updated container-cli output format.
• Squad workspace self-heal automatically recovers from inconsistent or partial workspace state on launch.
• Tauri runtime startup panic in spawn agent limits init resolved by binding the limits initializer to the Tauri runtime.

CI/CD Improvements

None.

Technical Details

• OS credential vault uses the existing keyring crate with platform-specific backends (apple-native, windows-native, sync-secret-service).
• Conversational guardrail and reversible action audit work introduces new SQLite tables and schema migrations.
• Spending and rate-limit ledger is persisted per agent with daily and per-tool quotas managed by a dedicated rate-limit engine.
• Step reasoning is stored alongside each agent step so it survives across run boundaries and is rendered in the run detail view.
• Connector trait and capability model are pure design scaffolding in this release; no user-visible connector is enabled yet.

Dependencies

None.

Breaking Changes

None.

Known Issues

None.

Full Changelog

Backend.AI GO v1.6.0

Backend.AI GO v1.6.0 ships the Squad Overview tab with live Agent Activity Grid and Execution Timeline, a full CLI suite for headless operation, and massive squad, agent, and chat state persistence fixes across navigation.

Backend.AI GO v1.6.0

202 commits since v1.5.4. (171,055 lines added, 60,288 lines deleted)

New Features

• Squad Overview tab with live Agent Activity Grid and chronological Execution Timeline (E1-8:, E1-9:, parent,)
• TokenUsageBar, AgentActivityCard common components, activity summary and stall-detection selectors, and squadTimelineSlice Zustand slice powering the new Squad Overview
• Full CLI suite for headless operation: Agent Runtime , Node/Mesh networking , Squad Management , and Supervisor policy/monitoring
• Startup section in Settings → General with auto-load model policy (none / lastUsed / explicit), sequential loader with RAM budget and timeout, landing page selector, and auto-restore chat session opt-out (–)
• Auto-restore most recent chat session on /chat entry with opt-out
• Unified agent activity state model with dynamic liveness thresholds per activity type and token-stream heartbeat for streaming inference steps
• Background execution hardening for long-running jobs
• Tray residency policy with onboarding prompt
• Approval-waiting pinned section with cross-squad aggregation
• Rich Team Dashboard with agent row list, name filter, and status chip toggles
• Independent headless build without desktop feature dependency , plus headless diffusion browser, file picker, directory selection
• Standalone .baimodel packager script and fast-head manifest reader that inspects bundles without scanning the full archive
• Auto-select model after loading with Start Chat notification action
• --parallel parameter configuration for inference servers
• Engine auto-update toggle in Settings → General → Updates
• Support new GGUF split format (name-NNNNN-of-NNNNN.gguf)

Improvements

• Complete shared-runtime refactor closing headless/desktop parity across engine, router, scheduler, squad, supervisor, process, diffusion, plugin, channel, provider, translation, mcp, and creation flows
• Lock-free routing table for the inference hot path eliminates chat freezes during concurrent model loads
• Canonical API layer architecture with frozen legacy tauri.ts, domain adapter methods, and component-level call migration
• Native async fn in traits replacing the async-trait crate
• Typed Zustand stores replace window.dispatchEvent internal protocol
• tokio::fs replaces sync std::fs in async contexts
• State persistence audit across squad/agent navigation — scroll, drafts, and log streams now survive tab switches
• Major codebase decomposition: adapter.ts (3978 → 281 lines), squadStore.ts (1515 → 32 lines barrel), modelStore.ts, hfStore.ts, agentStore.ts, clawStore.ts, chatApi.ts, chatStore.ts, src/types/squad.ts, lib.rs, management_api/server.rs, models/manager.rs, settings/types.rs, SettingsPage, ModelsPage, ApiSettingsPage (,,,,–,,,–)
• Consolidate shared domain types into core and unify state adapter layer
• Enforce domain service access pattern for extension areas
• Single source of truth mandate for Tauri/REST parity with api-parity rules extended to filesystem operations
• Common UI component usage promoted to lint/PR checklist
• Emphasize Backend.AI GO as an Agentic AI Platform on webpage

Bug Fixes

• Squad/agent/chat state persistence: SquadChat container log streams, monitored squad / activity feed / token usage, SquadMonitor UI state, BudgetMeter subscriptions, squad event subscriptions, AgentChat mount-time refetch, squad monitor drafts, ChannelsTab and AgentPage/CoworkPage cleanup handlers no longer wipe state on unmount (–,,,)
• Chat freeze during model load caused by outer Mutex on InferenceCoordinator
• Chat cancellation now propagates to backend and frees inference server slots
• Graceful shutdown on macOS Cmd+Q and SIGTERM cleanly releases inference slots and cancels in-flight chat streams
• GGUF model deletion now cleans up orphan directories and stale model cards
• Sharded MLX model stability fixes — disappearing models, wrong IDs, empty structure cards
• MLX capability auto-detection (vision, audio, tool calling) from config.json
• Null audio_config guard and tool-calling detection from tokenizer special tokens
• Progress race condition between timer task and coordinator
• Squad approval context propagation through agent runtime
• Tokio runtime entry before wiring suspend detector
• Headless data directory isolation and REST response shape alignment
• Headless flows: translation file handling, directory selection, session restore notification with model loading
• Register /startup/apply-model-policy route scope in Management API
• Repair auto-load review regressions in the Startup flow
• Auto-select and Start Chat not working after model loading
• Pass --jinja flag to mlxcel engine for tool calling support
• Security: enforce originating key scopes on session-authenticated requests , align Secure cookie flag with TLS state , fail startup when setup token generation fails , propagate real caller identity to registry audit entries , propagate TLS config to ServerConfig
• Numeric GPU temperature on macOS with all-smi 0.19.0
• Missing i18n strings for aria-labels and node titles
• Chat context not shared between demo playbook main prompt and follow-up questions
• Fall back to chat model when utility model is unavailable for title generation
• Filter active downloads from orphaned download detection
• Linux keyring dependency leaking into headless builds
• Explicit headless graceful shutdown on SIGTERM

CI/CD Improvements

• Criterion smoke benchmarks covering critical performance paths
• Security regression suite for the integrated Tauri + headless architecture
• Architecture check script with file size threshold warnings
• Automated Team Dashboard acceptance tests
• API parity verification promoted from documentation to automated tests
• Bump GitHub Actions to Node 24 compatible versions
• Teams release notification added to packaging workflow
• make watch-server target for bgo-server hot rebuild
• libdrm installed in CI so headless GPU monitoring works on Linux runners
• Resolve lint, format, and clippy warnings across the codebase

Technical Details

• Shared runtime bridges and service adapters route all domain services (engine, router, scheduler, squad, supervisor, process, diffusion, plugin, channel, provider, translation, mcp, creation) through a single runtime, enabling full parity between the desktop app and headless aigo-server.
• Canonical API layer architecture freezes legacy tauri.ts and promotes all backend calls through domain adapter methods — component-level tauriInvoke calls were migrated to the adapter layer and ESLint rules enforce the domain boundary.
• Unified agent activity state model provides a single source of truth for agent status across Squad Overview, Team Dashboard, and the new chronological Execution Timeline. Dynamic liveness thresholds per activity type and token-stream heartbeat during inference steps eliminate false-positive stall detection on long-running jobs.
• Lock-free inference routing table removes the outer Mutex on InferenceCoordinator that previously serialized chat completions behind background model loads.
• State persistence audit rewired subscription lifecycles at the store level so squad/agent/chat UI state (scroll, drafts, log streams, container logs, budget, approvals) now survives navigation across tabs and pages.
• Codebase decomposition broke up oversized modules (adapter.ts 3978 → 281-line barrel, squadStore.ts 1515 → 32-line barrel, lib.rs, management_api/server.rs, models/manager.rs, settings/types.rs, SettingsPage, ModelsPage, ApiSettingsPage, chatStore.ts, etc.) into subdomain slices, service modules, and section containers, aided by a new architecture check script with file size threshold warnings.
• DTO validation and API parity tests promoted from documentation to automated test suites now guard Rust↔TypeScript serialization and Tauri/REST endpoint parity.

Dependencies

• Upgrade all Cargo dependencies and fix pre-existing test failures
• llama.cpp → b8665
• mlxcel → 0.0.23 (from 0.0.15)
• all-smi → 0.19.0
• GitHub Actions bumped to Node 24 compatible versions
• async-trait crate removed in favor of native async fn in traits

Breaking Changes

• bgo / bago → aigo rename . The CLI binary, URL scheme, and internal identifiers have been renamed to aigo. bgo:// deep links and the legacy bgo CLI command are no longer supported. Update scripts, launch shortcuts, and integrations accordingly.
• mlx-server → mlxcel-server rename across docs and architecture notes .
• Legacy tauri.ts frozen . All new backend calls must go through the canonical domain adapter layer. Direct tauriInvoke imports in components and pages are now flagged by ESLint; Squad/Plugin/Cowork pages have boundary regression tests that block direct transport imports.
• Major store decomposition (–): adapter.ts, squadStore.ts, modelStore.ts, hfStore.ts, agentStore.ts, clawStore.ts, chatApi.ts, chatStore.ts, and src/types/squad.ts are now barrels that re-export from subdomain slices. Internal imports should use the barrel path; deep imports into former internal files may break.

Known Issues

None.

What's Changed

• fix(security): enforce originating key scopes on session-authenticated req...

v1.6.0-canary.260406

Canary release (260406)
This is a bleeding-edge canary build for testing purposes.
Update Channel: Canary
Base Version: 1.6.0
Build Date: 2026-04-06

⚠️ Warning: Canary releases may contain unstable features and bugs.
Use at your own risk. Not recommended for production use.

v1.5.4

Fix MLX model inference, propagate all model config parameters, and harden Management API security.

Backend.AI GO 1.5.4

42 commits since v1.5.3.

New Features

• Qwen-Image multi-component model support for vision-language tasks
• Smooth auto-scroll during streaming chat responses
• Qwen3/3.5 thinking mode control via reasoningEffort mapping to chat_template_kwargs
• Local update test server for pre-release E2E testing with BGO_UPDATE_URL env var override
• Install-phase progress UI with countdown timer and per-step status
• Scope-aware authorization middleware for Management API
• Per-route required scope mapping for all protected routes
• Audit logging for auth failures, permission denials, and sensitive access
• Repeat penalty parameter added to chat UI, chat API config, and llama-server args

Improvements

• Switch MLX model download filter from allowlist to blocklist — automatically includes new auxiliary files like chat_template.jinja and processor_config.json
• Propagate all 22 model drawer parameters to inference server CLI args (sampling, context, hardware, RoPE, DRY penalty)
• Add ESLint rules to forbid direct tauri.ts imports and tauriInvoke calls
• Add route scope coverage baseline test
• Add libprotobuf-dev to Docker build for protobuf well-known types

Bug Fixes

• Fix Gemma 4 models producing garbage output on mlxcel engine due to missing chat_template.jinja
• Fix macOS auto-update hang caused by resource fork metadata (._ files) in updater tar.gz
• Prevent indefinite hang during auto-update by keeping safety nets active through install/restart phase
• Prevent partial release sync to public repository when any platform build fails
• Remove duplicate download progress bar in model detail view
• Resolve update-and-restart flow failures from UI mismatch, safety-net race, and post-shutdown network call
• Show meaningful model metadata in Dashboard ModelStatusWidget
• Correct navigation target in SdServerUnavailable engine settings button
• Detect and clean up orphaned mlxcel-server processes on app restart
• Replace fixed sleep with process exit polling during router shutdown
• Audit CSP unsafe-inline and apply inline style removals
• Restrict shell.open to bago:// protocol allowlist
• Redesign bootstrap admin key policy for external access mode
• Add conditional Secure cookie policy based on binding mode
• Add scope escalation prevention on admin/keys endpoints
• Disable appstream-compose in Flatpak manifest
• Add repeatPenalty validation and model config loading in chat store

CI/CD Improvements

• Prevent release sync when any platform build fails — finalize job now checks all build results
• Scope App token to repo and resolve node IDs via GraphQL lookup in project automation workflow

Technical Details

• MLX model download uses blocklist instead of allowlist for auxiliary files
• All 22 model config parameters (sampling, context, hardware, RoPE, DRY) now flow from UI → ModelConfig → ServerConfig → CLI args
• New is_excluded_file function replaces the old is_config_file allowlist approach
• LLAMA_ONLY_FLAGS and LLAMA_ONLY_VALUED updated for non-llama engine compatibility

Dependencies

• mlxcel updated to v0.0.15

Breaking Changes

None

Known Issues

None

Full Changelog