Skip to content

chore(deps): Bump actions/download-artifact from 4 to 8 in /.github/workflows#5

Open
dependabot[bot] wants to merge 2825 commits into
mainfrom
dependabot/github_actions/dot-github/workflows/actions/download-artifact-8
Open

chore(deps): Bump actions/download-artifact from 4 to 8 in /.github/workflows#5
dependabot[bot] wants to merge 2825 commits into
mainfrom
dependabot/github_actions/dot-github/workflows/actions/download-artifact-8

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 23, 2026

Copy link
Copy Markdown
Contributor

Bumps actions/download-artifact from 4 to 8.

Release notes

Sourced from actions/download-artifact's releases.

v8.0.0

v8 - What's new

[!IMPORTANT] actions/download-artifact@v8 has been migrated to an ESM module. This should be transparent to the caller but forks might need to make significant changes.

[!IMPORTANT] Hash mismatches will now error by default. Users can override this behavior with a setting change (see below).

Direct downloads

To support direct uploads in actions/upload-artifact, the action will no longer attempt to unzip all downloaded files. Instead, the action checks the Content-Type header ahead of unzipping and skips non-zipped files. Callers wishing to download a zipped file as-is can also set the new skip-decompress parameter to true.

Enforced checks (breaking)

A previous release introduced digest checks on the download. If a download hash didn't match the expected hash from the server, the action would log a warning. Callers can now configure the behavior on mismatch with the digest-mismatch parameter. To be secure by default, we are now defaulting the behavior to error which will fail the workflow run.

ESM

To support new versions of the @actions/* packages, we've upgraded the package to ESM.

What's Changed

Full Changelog: actions/download-artifact@v7...v8.0.0

v7.0.0

v7 - What's new

[!IMPORTANT] actions/download-artifact@v7 now runs on Node.js 24 (runs.using: node24) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.

Node.js 24

This release updates the runtime to Node.js 24. v6 had preliminary support for Node 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24.

What's Changed

New Contributors

Full Changelog: actions/download-artifact@v6.0.0...v7.0.0

v6.0.0

... (truncated)

Commits
  • 3e5f45b Add regression tests for CJK characters (#471)
  • e6d03f6 Add a regression test for artifact name + content-type mismatches (#472)
  • 70fc10c Merge pull request #461 from actions/danwkennedy/digest-mismatch-behavior
  • f258da9 Add change docs
  • ccc058e Fix linting issues
  • bd7976b Add a setting to specify what to do on hash mismatch and default it to error
  • ac21fcf Merge pull request #460 from actions/danwkennedy/download-no-unzip
  • 15999bf Add note about package bumps
  • 974686e Bump the version to v8 and add release notes
  • fbe48b1 Update test names to make it clearer what they do
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependabot Bot and others added 30 commits March 31, 2026 16:17
Bumps
[google.golang.org/api](https://github.com/googleapis/google-api-go-client)
from 0.271.0 to 0.273.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/googleapis/google-api-go-client/releases">google.golang.org/api's
releases</a>.</em></p>
<blockquote>
<h2>v0.273.0</h2>
<h2><a
href="https://github.com/googleapis/google-api-go-client/compare/v0.272.0...v0.273.0">0.273.0</a>
(2026-03-23)</h2>
<h3>Features</h3>
<ul>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3542">#3542</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/a4b47110f2ba5bf8bdb32174f26f609615e0e8dc">a4b4711</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3546">#3546</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/0cacfa8557f0f7d21166c4dfef84f60c6d9f1a49">0cacfa8</a>)</li>
</ul>
<h2>v0.272.0</h2>
<h2><a
href="https://github.com/googleapis/google-api-go-client/compare/v0.271.0...v0.272.0">0.272.0</a>
(2026-03-16)</h2>
<h3>Features</h3>
<ul>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3534">#3534</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/b4d37a1279665d52b8b4672a6a91732ae8eb3cf6">b4d37a1</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3536">#3536</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/549ef3e69575edbe4fee27bc485a093dc88b90b3">549ef3e</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3537">#3537</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/6def284013185ab4ac2fa389594ee6013086d5d0">6def284</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3538">#3538</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/319b5abcbc42b77f6acc861e45365b65695e8096">319b5ab</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3539">#3539</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/73bcfcf9b2fd8def3aec1cdff10e6d4ee646af41">73bcfcf</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3541">#3541</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/6374c496fde577aa9f5b32470e45676ff4f69dde">6374c49</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md">google.golang.org/api's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/googleapis/google-api-go-client/compare/v0.272.0...v0.273.0">0.273.0</a>
(2026-03-23)</h2>
<h3>Features</h3>
<ul>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3542">#3542</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/a4b47110f2ba5bf8bdb32174f26f609615e0e8dc">a4b4711</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3546">#3546</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/0cacfa8557f0f7d21166c4dfef84f60c6d9f1a49">0cacfa8</a>)</li>
</ul>
<h2><a
href="https://github.com/googleapis/google-api-go-client/compare/v0.271.0...v0.272.0">0.272.0</a>
(2026-03-16)</h2>
<h3>Features</h3>
<ul>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3534">#3534</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/b4d37a1279665d52b8b4672a6a91732ae8eb3cf6">b4d37a1</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3536">#3536</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/549ef3e69575edbe4fee27bc485a093dc88b90b3">549ef3e</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3537">#3537</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/6def284013185ab4ac2fa389594ee6013086d5d0">6def284</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3538">#3538</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/319b5abcbc42b77f6acc861e45365b65695e8096">319b5ab</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3539">#3539</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/73bcfcf9b2fd8def3aec1cdff10e6d4ee646af41">73bcfcf</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3541">#3541</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/6374c496fde577aa9f5b32470e45676ff4f69dde">6374c49</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/2e86962ce58da59e39ffacd1cb9930abe979fd3c"><code>2e86962</code></a>
chore(main): release 0.273.0 (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3545">#3545</a>)</li>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/50ea74c1b06b4bb59546145272bc51fc205b36ed"><code>50ea74c</code></a>
chore(google-api-go-generator): restore aiplatform:v1beta1 (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3549">#3549</a>)</li>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/0cacfa8557f0f7d21166c4dfef84f60c6d9f1a49"><code>0cacfa8</code></a>
feat(all): auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3546">#3546</a>)</li>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/d38a12991f9cee22a29ada664c5eef3942116ad9"><code>d38a129</code></a>
chore(all): update all (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3548">#3548</a>)</li>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/a4b47110f2ba5bf8bdb32174f26f609615e0e8dc"><code>a4b4711</code></a>
feat(all): auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3542">#3542</a>)</li>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/67cf706bd3f9bd26f2a61ada3290190c0c8545ff"><code>67cf706</code></a>
chore(all): update module google.golang.org/grpc to v1.79.3 [SECURITY]
(<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3544">#3544</a>)</li>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/e7df9fe0b92461f87b6d267a600e6825d1221e75"><code>e7df9fe</code></a>
chore(main): release 0.272.0 (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3535">#3535</a>)</li>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/5d8b2662ac4cd19ac978d9f08bedb59dc41c8247"><code>5d8b266</code></a>
chore(all): update all (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3540">#3540</a>)</li>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/6374c496fde577aa9f5b32470e45676ff4f69dde"><code>6374c49</code></a>
feat(all): auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3541">#3541</a>)</li>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/73bcfcf9b2fd8def3aec1cdff10e6d4ee646af41"><code>73bcfcf</code></a>
feat(all): auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3539">#3539</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/googleapis/google-api-go-client/compare/v0.271.0...v0.273.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=google.golang.org/api&package-manager=go_modules&previous-version=0.271.0&new-version=0.273.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [electron](https://github.com/electron/electron) from 41.0.2 to
41.1.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/electron/electron/releases">electron's
releases</a>.</em></p>
<blockquote>
<h2>electron v41.1.0</h2>
<h1>Release Notes for v41.1.0</h1>
<h2>Features</h2>
<ul>
<li>Added nativeTheme.shouldDifferentiateWithoutColor on macOS. <a
href="https://redirect.github.com/electron/electron/pull/50408">#50408</a>
<!-- raw HTML omitted -->(Also in <a
href="https://redirect.github.com/electron/electron/pull/50409">42</a>)<!--
raw HTML omitted --></li>
<li>Notes: Added support for the <code>urgency</code> option in
Notifications on Windows. <a
href="https://redirect.github.com/electron/electron/pull/50382">#50382</a>
<!-- raw HTML omitted -->(Also in <a
href="https://redirect.github.com/electron/electron/pull/50383">42</a>)<!--
raw HTML omitted --></li>
</ul>
<h2>Fixes</h2>
<ul>
<li>Fixed a bug where Windows notification icons could fail to save
because their temporary filenames contained invalid characters. <a
href="https://redirect.github.com/electron/electron/pull/50483">#50483</a>
<!-- raw HTML omitted -->(Also in <a
href="https://redirect.github.com/electron/electron/pull/50484">40</a>)<!--
raw HTML omitted --></li>
<li>Fixed a crash in <code>clipboard.readImage()</code> when the
clipboard contains malformed image data. <a
href="https://redirect.github.com/electron/electron/pull/50492">#50492</a>
<!-- raw HTML omitted -->(Also in <a
href="https://redirect.github.com/electron/electron/pull/50493">39</a>,
<a
href="https://redirect.github.com/electron/electron/pull/50491">40</a>,
<a
href="https://redirect.github.com/electron/electron/pull/50494">42</a>)<!--
raw HTML omitted --></li>
<li>Fixed a crash when calling an offscreen shared texture's
<code>release()</code> after the texture object was garbage collected.
<a
href="https://redirect.github.com/electron/electron/pull/50501">#50501</a>
<!-- raw HTML omitted -->(Also in <a
href="https://redirect.github.com/electron/electron/pull/50499">39</a>,
<a
href="https://redirect.github.com/electron/electron/pull/50500">40</a>,
<a
href="https://redirect.github.com/electron/electron/pull/50502">42</a>)<!--
raw HTML omitted --></li>
<li>Fixed an accessibility issue where the AXMenuOpened event was not
fired on menu creation. <a
href="https://redirect.github.com/electron/electron/pull/50506">#50506</a>
<!-- raw HTML omitted -->(Also in <a
href="https://redirect.github.com/electron/electron/pull/50505">40</a>,
<a
href="https://redirect.github.com/electron/electron/pull/50504">42</a>)<!--
raw HTML omitted --></li>
<li>Fixed an issue where an app shortcut may lose its icon after
auto-updating on Windows. <a
href="https://redirect.github.com/electron/electron/pull/50519">#50519</a>
<!-- raw HTML omitted -->(Also in <a
href="https://redirect.github.com/electron/electron/pull/50518">40</a>)<!--
raw HTML omitted --></li>
</ul>
<h2>Other Changes</h2>
<ul>
<li>Updated Chromium to 146.0.7680.166. <a
href="https://redirect.github.com/electron/electron/pull/50458">#50458</a></li>
</ul>
<h2>electron v41.0.4</h2>
<h1>Release Notes for v41.0.4</h1>
<h2>Fixes</h2>
<ul>
<li>Fixed crash when handling JavaScript dialogs from windows opened
with invalid or empty URLs. <a
href="https://redirect.github.com/electron/electron/pull/50399">#50399</a>
<!-- raw HTML omitted -->(Also in <a
href="https://redirect.github.com/electron/electron/pull/50400">39</a>,
<a
href="https://redirect.github.com/electron/electron/pull/50401">40</a>,
<a
href="https://redirect.github.com/electron/electron/pull/50398">42</a>)<!--
raw HTML omitted --></li>
<li>Fixed improper focus tracking in BaseWindow on MacOS. <a
href="https://redirect.github.com/electron/electron/pull/50340">#50340</a>
<!-- raw HTML omitted -->(Also in <a
href="https://redirect.github.com/electron/electron/pull/50338">39</a>,
<a
href="https://redirect.github.com/electron/electron/pull/50337">40</a>,
<a
href="https://redirect.github.com/electron/electron/pull/50339">42</a>)<!--
raw HTML omitted --></li>
<li>Fixed logic bug that rendered certain window types un-resizable on
MAS builds. <a
href="https://redirect.github.com/electron/electron/pull/50354">#50354</a>
<!-- raw HTML omitted -->(Also in <a
href="https://redirect.github.com/electron/electron/pull/50355">40</a>,
<a
href="https://redirect.github.com/electron/electron/pull/50356">42</a>)<!--
raw HTML omitted --></li>
<li>Fixed utilityProcess exit event reporting incorrect exit codes on
Windows when the exit code has the high bit. <a
href="https://redirect.github.com/electron/electron/pull/50386">#50386</a>
<!-- raw HTML omitted -->(Also in <a
href="https://redirect.github.com/electron/electron/pull/50387">40</a>,
<a
href="https://redirect.github.com/electron/electron/pull/50385">42</a>)<!--
raw HTML omitted --></li>
<li>Fixed window freeze when failing to enter/exit fullscreen on macOS.
<a
href="https://redirect.github.com/electron/electron/pull/50343">#50343</a>
<!-- raw HTML omitted -->(Also in <a
href="https://redirect.github.com/electron/electron/pull/50341">39</a>,
<a
href="https://redirect.github.com/electron/electron/pull/50344">40</a>,
<a
href="https://redirect.github.com/electron/electron/pull/50342">42</a>)<!--
raw HTML omitted --></li>
<li>Improved the appearance of shadows and borders on frameless windows
on Wayland. <a
href="https://redirect.github.com/electron/electron/pull/50213">#50213</a></li>
</ul>
<h2>Other Changes</h2>
<ul>
<li>Added support for using a proxy during yarn install. <a
href="https://redirect.github.com/electron/electron/pull/50350">#50350</a>
<!-- raw HTML omitted -->(Also in <a
href="https://redirect.github.com/electron/electron/pull/50349">39</a>,
<a
href="https://redirect.github.com/electron/electron/pull/50352">40</a>,
<a
href="https://redirect.github.com/electron/electron/pull/50351">42</a>)<!--
raw HTML omitted --></li>
<li>Updated Chromium to 146.0.7680.153. <a
href="https://redirect.github.com/electron/electron/pull/50346">#50346</a></li>
</ul>
<h2>electron v41.0.3</h2>
<h1>Release Notes for v41.0.3</h1>
<h2>Fixes</h2>
<ul>
<li>Added additional ASAR support to additional <code>fs</code> copy
methods. <a
href="https://redirect.github.com/electron/electron/pull/50286">#50286</a>
<!-- raw HTML omitted -->(Also in <a
href="https://redirect.github.com/electron/electron/pull/50284">39</a>,
<a
href="https://redirect.github.com/electron/electron/pull/50287">40</a>,
<a
href="https://redirect.github.com/electron/electron/pull/50285">42</a>)<!--
raw HTML omitted --></li>
<li>Fixed an issue where some DevTools functionality didn't work as
expected. <a
href="https://redirect.github.com/electron/electron/pull/50276">#50276</a>
<!-- raw HTML omitted -->(Also in <a
href="https://redirect.github.com/electron/electron/pull/50275">40</a>,
<a
href="https://redirect.github.com/electron/electron/pull/50274">42</a>)<!--
raw HTML omitted --></li>
<li>Fixed user resizing of transparent windows on win32 platform. <a
href="https://redirect.github.com/electron/electron/pull/50298">#50298</a>
<!-- raw HTML omitted -->(Also in <a
href="https://redirect.github.com/electron/electron/pull/50300">39</a>,
<a
href="https://redirect.github.com/electron/electron/pull/50301">40</a>,
<a
href="https://redirect.github.com/electron/electron/pull/50299">42</a>)<!--
raw HTML omitted --></li>
</ul>
<h2>Other Changes</h2>
<ul>
<li>Updated Chromium to 146.0.7680.80. <a
href="https://redirect.github.com/electron/electron/pull/50262">#50262</a></li>
</ul>
<h2>Documentation</h2>
<ul>
<li>Documentation changes: <a
href="https://redirect.github.com/electron/electron/pull/50293">#50293</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/electron/electron/commit/eb49ed962de29ab77ee824e5e13ae59a1ff95785"><code>eb49ed9</code></a>
fix: outdated execution path for COM activation (<a
href="https://redirect.github.com/electron/electron/issues/50519">#50519</a>)</li>
<li><a
href="https://github.com/electron/electron/commit/7e36ac67ce63337201b5b4514429ac053cced7a8"><code>7e36ac6</code></a>
chore: bump chromium to 146.0.7680.166 (41-x-y) (<a
href="https://redirect.github.com/electron/electron/issues/50458">#50458</a>)</li>
<li><a
href="https://github.com/electron/electron/commit/cbae32aac671963c01f14349bfc5c96fd315cfa2"><code>cbae32a</code></a>
fix: [a11y] fire AXMenuOpened event when ARIA menu is added to DOM (<a
href="https://redirect.github.com/electron/electron/issues/50506">#50506</a>)</li>
<li><a
href="https://github.com/electron/electron/commit/880b1e08e7227fddea9e50d488852d0fe7c68290"><code>880b1e0</code></a>
refactor: remove dead named-window lookup from guest-window-manager (<a
href="https://redirect.github.com/electron/electron/issues/50497">#50497</a>)</li>
<li><a
href="https://github.com/electron/electron/commit/aedea576da3cc603620c7dea290626c31d6222c8"><code>aedea57</code></a>
fix: hex-encode Windows notification icon temp filenames (<a
href="https://redirect.github.com/electron/electron/issues/50483">#50483</a>)</li>
<li><a
href="https://github.com/electron/electron/commit/707541d9b2697deb943ff15306710feaa581f0dd"><code>707541d</code></a>
fix: fall back to default DPI when GTK returns 0 on Linux (<a
href="https://redirect.github.com/electron/electron/issues/50489">#50489</a>)</li>
<li><a
href="https://github.com/electron/electron/commit/3dcb641a9957bfeec894f7de8b644621baaa2f6d"><code>3dcb641</code></a>
fix: crash calling OSR shared texture release() after texture GC'd (<a
href="https://redirect.github.com/electron/electron/issues/50501">#50501</a>)</li>
<li><a
href="https://github.com/electron/electron/commit/878a763344708d46329c788ab21db21e1bd74cae"><code>878a763</code></a>
fix: crash in clipboard.readImage() on malformed image data (<a
href="https://redirect.github.com/electron/electron/issues/50492">#50492</a>)</li>
<li><a
href="https://github.com/electron/electron/commit/6a8d187105d830ca863eef7b2bd2313078c140b4"><code>6a8d187</code></a>
feat: add accessibilityDisplayShouldDifferentiateWithoutColor on macOS
(<a
href="https://redirect.github.com/electron/electron/issues/50408">#50408</a>)</li>
<li><a
href="https://github.com/electron/electron/commit/29622930a0e8e377c66a949d8ef01dc31792706b"><code>2962293</code></a>
feat: support notification priority on Windows (<a
href="https://redirect.github.com/electron/electron/issues/50382">#50382</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/electron/electron/compare/v41.0.2...v41.1.0">compare
view</a></li>
</ul>
</details>
<br />

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
closes #3138, closes #2128

---------

Co-authored-by: sawka <mike@commandline.dev>
Co-authored-by: kilo-code-bot[bot] <240665456+kilo-code-bot[bot]@users.noreply.github.com>
Add two icon buttons (horizontal/vertical split) to every block's header
bar, gated behind a new `app:showsplitbuttons` setting (default false).
When enabled, the buttons appear before the settings cog.

Motivation: for users who split panes frequently, having the buttons
always visible speeds up the workflow vs. right-click > context menu.
The split functionality already exists — this just surfaces it more
conveniently.

- New setting `app:showsplitbuttons` (Go + TS + default config)
- Split buttons in `blockframe-header.tsx`, using existing
`createBlockSplitHorizontally`/`createBlockSplitVertically`
- New pane clones the current block's meta so terminals inherit
shell/connection config

---------

Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Bumps [actions/deploy-pages](https://github.com/actions/deploy-pages)
from 4 to 5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/deploy-pages/releases">actions/deploy-pages's
releases</a>.</em></p>
<blockquote>
<h2>v5.0.0</h2>
<h1>Changelog</h1>
<ul>
<li>Update Node.js version to 24.x <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> (<a
href="https://redirect.github.com/actions/deploy-pages/issues/404">#404</a>)</li>
<li>Add workflow file for publishing releases to immutable action
package <a
href="https://github.com/Jcambass"><code>@​Jcambass</code></a> (<a
href="https://redirect.github.com/actions/deploy-pages/issues/374">#374</a>)</li>
<li>Bump braces from 3.0.2 to 3.0.3 in the npm_and_yarn group across 1
directory <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> (<a
href="https://redirect.github.com/actions/deploy-pages/issues/360">#360</a>)</li>
<li>Make the rebuild dist workflow work nicer with Dependabot <a
href="https://github.com/yoannchaudet"><code>@​yoannchaudet</code></a>
(<a
href="https://redirect.github.com/actions/deploy-pages/issues/361">#361</a>)</li>
<li>Bump the non-breaking-changes group across 1 directory with 3
updates <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> (<a
href="https://redirect.github.com/actions/deploy-pages/issues/358">#358</a>)</li>
<li>Delete repeated sentence <a
href="https://github.com/garethsb"><code>@​garethsb</code></a> (<a
href="https://redirect.github.com/actions/deploy-pages/issues/359">#359</a>)</li>
<li>Update README.md <a
href="https://github.com/tsusdere"><code>@​tsusdere</code></a> (<a
href="https://redirect.github.com/actions/deploy-pages/issues/348">#348</a>)</li>
<li>Bump the non-breaking-changes group with 4 updates <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> (<a
href="https://redirect.github.com/actions/deploy-pages/issues/341">#341</a>)</li>
<li>Remove error message for file permissions <a
href="https://github.com/TooManyBees"><code>@​TooManyBees</code></a> (<a
href="https://redirect.github.com/actions/deploy-pages/issues/340">#340</a>)</li>
</ul>
<hr />
<p>See details of <a
href="https://github.com/actions/deploy-pages/compare/v4.0.5...v4.0.6">all
code changes</a> since previous release.</p>
<p>:warning: For use with products other than GitHub.com, such as GitHub
Enterprise Server, please consult the <a
href="https://github.com/actions/deploy-pages/#compatibility">compatibility
table</a>.</p>
<h2>v4.0.5</h2>
<h1>Changelog</h1>
<ul>
<li>On API error, the error message will surface the API request ID <a
href="https://github.com/TooManyBees"><code>@​TooManyBees</code></a> (<a
href="https://redirect.github.com/actions/deploy-pages/issues/324">#324</a>)</li>
<li>Bump the non-breaking-changes group with 2 updates <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> (<a
href="https://redirect.github.com/actions/deploy-pages/issues/318">#318</a>)</li>
<li>Bump the non-breaking-changes group with 1 update <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> (<a
href="https://redirect.github.com/actions/deploy-pages/issues/316">#316</a>)</li>
<li>Bump the non-breaking-changes group with 3 updates <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> (<a
href="https://redirect.github.com/actions/deploy-pages/issues/314">#314</a>)</li>
<li>Bump release-drafter/release-drafter from 5.25.0 to 6.0.0 <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> (<a
href="https://redirect.github.com/actions/deploy-pages/issues/311">#311</a>)</li>
</ul>
<hr />
<p>See details of <a
href="https://github.com/actions/deploy-pages/compare/v4.0.4...v4.0.5">all
code changes</a> since previous release.</p>
<p>:warning: For use with products other than GitHub.com, such as GitHub
Enterprise Server, please consult the <a
href="https://github.com/actions/deploy-pages/#compatibility">compatibility
table</a>.</p>
<h2>v4.0.4</h2>
<h1>Changelog</h1>
<ul>
<li>Update api-client.js <a
href="https://github.com/lmammino"><code>@​lmammino</code></a> (<a
href="https://redirect.github.com/actions/deploy-pages/issues/295">#295</a>)</li>
<li>fix typo: compatibilty -&gt; compatibility <a
href="https://github.com/SimonSiefke"><code>@​SimonSiefke</code></a> (<a
href="https://redirect.github.com/actions/deploy-pages/issues/298">#298</a>)</li>
<li>Bump <code>@​actions/artifact</code> from 2.0.1 to 2.1.1 <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> (<a
href="https://redirect.github.com/actions/deploy-pages/issues/310">#310</a>)</li>
<li>Update Dependabot config to group non-breaking changes <a
href="https://github.com/JamesMGreene"><code>@​JamesMGreene</code></a>
(<a
href="https://redirect.github.com/actions/deploy-pages/issues/307">#307</a>)</li>
</ul>
<hr />
<p>See details of <a
href="https://github.com/actions/deploy-pages/compare/v4.0.3...v4.0.4">all
code changes</a> since previous release.</p>
<p>:warning: For use with products other than GitHub.com, such as GitHub
Enterprise Server, please consult the <a
href="https://github.com/actions/deploy-pages/#compatibility">compatibility
table</a>.</p>
<h2>v4.0.3</h2>
<h1>Changelog</h1>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/deploy-pages/commit/cd2ce8fcbc39b97be8ca5fce6e763baed58fa128"><code>cd2ce8f</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/deploy-pages/issues/404">#404</a>
from salmanmkc/node24</li>
<li><a
href="https://github.com/actions/deploy-pages/commit/bbe2a950ee52d4f5cbe74e6d9d6a8803676e91d5"><code>bbe2a95</code></a>
Update Node.js version to 24.x</li>
<li><a
href="https://github.com/actions/deploy-pages/commit/854d7aa1b99e4509c4d1b53d69b7ba4eaf39215a"><code>854d7aa</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/deploy-pages/issues/374">#374</a>
from actions/Jcambass-patch-1</li>
<li><a
href="https://github.com/actions/deploy-pages/commit/306bb814f29679fd12f0e4b0014bc1f3a7e7f4bc"><code>306bb81</code></a>
Add workflow file for publishing releases to immutable action
package</li>
<li><a
href="https://github.com/actions/deploy-pages/commit/b74272834adc04f971da4b0b055c49fa8d7f90c9"><code>b742728</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/deploy-pages/issues/360">#360</a>
from actions/dependabot/npm_and_yarn/npm_and_yarn-513...</li>
<li><a
href="https://github.com/actions/deploy-pages/commit/72732942c639e67ea3f70165fd2e012dd6d95027"><code>7273294</code></a>
Bump braces in the npm_and_yarn group across 1 directory</li>
<li><a
href="https://github.com/actions/deploy-pages/commit/963791f01c40ef3eff219c255dbfb97a6f2c9f87"><code>963791f</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/deploy-pages/issues/361">#361</a>
from actions/dependabot-friendly</li>
<li><a
href="https://github.com/actions/deploy-pages/commit/51bb29d9d7bfe15d731c4957ce1887b5ae8c6727"><code>51bb29d</code></a>
Make the rebuild dist workflow safer for Dependabot</li>
<li><a
href="https://github.com/actions/deploy-pages/commit/89f3d10406f57ee86e6517a982b3fb0438bd6dc5"><code>89f3d10</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/deploy-pages/issues/358">#358</a>
from actions/dependabot/npm_and_yarn/non-breaking-cha...</li>
<li><a
href="https://github.com/actions/deploy-pages/commit/bce735589bbbfa569f1d2ac003277b590d743e4c"><code>bce7355</code></a>
Merge branch 'main' into
dependabot/npm_and_yarn/non-breaking-changes-99c12deb21</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/deploy-pages/compare/v4...v5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/deploy-pages&package-manager=github_actions&previous-version=4&new-version=5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [github.com/mattn/go-sqlite3](https://github.com/mattn/go-sqlite3)
from 1.14.37 to 1.14.40.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/mattn/go-sqlite3/commit/f92973809df03ae476bc981876fbc45da862921a"><code>f929738</code></a>
Merge pull request <a
href="https://redirect.github.com/mattn/go-sqlite3/issues/1384">#1384</a>
from mattn/raise-go121-cleanup</li>
<li><a
href="https://github.com/mattn/go-sqlite3/commit/efae5e768693f226337ffbc618b033c78c65c287"><code>efae5e7</code></a>
raise minimum Go version to 1.21</li>
<li><a
href="https://github.com/mattn/go-sqlite3/commit/b23d54cb764130e03474c8a7da2b38ed5207424f"><code>b23d54c</code></a>
Merge pull request <a
href="https://redirect.github.com/mattn/go-sqlite3/issues/1383">#1383</a>
from mattn/codex/next-row-batch-fetch</li>
<li><a
href="https://github.com/mattn/go-sqlite3/commit/e1557be6ce32a773d714bcf60a92b7ee89b173a0"><code>e1557be</code></a>
batch row column fetches in Next</li>
<li><a
href="https://github.com/mattn/go-sqlite3/commit/cc39db7160c9a30c621a0953da9f1385ea3efd2c"><code>cc39db7</code></a>
Merge pull request <a
href="https://redirect.github.com/mattn/go-sqlite3/issues/1382">#1382</a>
from mattn/codex/sqlite3-bind-fastpath</li>
<li><a
href="https://github.com/mattn/go-sqlite3/commit/9a908a9fd0ac26b20b237cf190e302a1fb0703fb"><code>9a908a9</code></a>
optimize sqlite bind fast path</li>
<li><a
href="https://github.com/mattn/go-sqlite3/commit/edadafaf6142acd975ed96557cad1cdeb712b707"><code>edadafa</code></a>
Merge pull request <a
href="https://redirect.github.com/mattn/go-sqlite3/issues/1381">#1381</a>
from mattn/eliminate-bounds-checks</li>
<li><a
href="https://github.com/mattn/go-sqlite3/commit/8f9f86ea433f211114f5a7e5d01b480ee8b1d7bb"><code>8f9f86e</code></a>
Eliminate unnecessary bounds checks in hot paths</li>
<li><a
href="https://github.com/mattn/go-sqlite3/commit/0d2388125f1ed562d751b4437b999692febaf710"><code>0d23881</code></a>
Merge pull request <a
href="https://redirect.github.com/mattn/go-sqlite3/issues/1379">#1379</a>
from theimpostor/pr-1322-missing-constraint-op-types</li>
<li><a
href="https://github.com/mattn/go-sqlite3/commit/84bdc43851d3523353b842201f8dec2bdba1b9e4"><code>84bdc43</code></a>
add missing index constraint op types</li>
<li>Additional commits viewable in <a
href="https://github.com/mattn/go-sqlite3/compare/v1.14.37...v1.14.40">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/mattn/go-sqlite3&package-manager=go_modules&previous-version=1.14.37&new-version=1.14.40)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[github.com/shirou/gopsutil/v4](https://github.com/shirou/gopsutil) from
4.26.2 to 4.26.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/shirou/gopsutil/releases">github.com/shirou/gopsutil/v4's
releases</a>.</em></p>
<blockquote>
<h2>v4.26.3</h2>
<!-- raw HTML omitted -->
<h2><em>Important Notice</em></h2>
<p>The temporary opt-out option
<code>WillBeDeletedOptOutMemAvailableCalc</code>, introduced in <a
href="https://github.com/shirou/gopsutil/releases/tag/v4.25.8">v4.25.8</a>,
has been removed in this release.</p>
<p>Code that relied on this option may fail to build. If so, please
update your code to work with the current
<code>VirtualMemoryStat.Used</code> calculation, as the opt-out
mechanism is no longer available.</p>
<h2>What's Changed</h2>
<h3>cpu</h3>
<ul>
<li>Use total stats for AIX CPU times by <a
href="https://github.com/pgimalac"><code>@​pgimalac</code></a> in <a
href="https://redirect.github.com/shirou/gopsutil/pull/2014">shirou/gopsutil#2014</a></li>
<li>Use provided description for CPU model name on AIX by <a
href="https://github.com/pgimalac"><code>@​pgimalac</code></a> in <a
href="https://redirect.github.com/shirou/gopsutil/pull/2015">shirou/gopsutil#2015</a></li>
<li>Fix logical cpu in CountsWithContext for AIX by <a
href="https://github.com/pgimalac"><code>@​pgimalac</code></a> in <a
href="https://redirect.github.com/shirou/gopsutil/pull/2017">shirou/gopsutil#2017</a></li>
<li>Fix SIGBUS/SIGSEGV crash in TemperaturesWithContext on macOS ARM64
by <a
href="https://github.com/lubeschanin"><code>@​lubeschanin</code></a> in
<a
href="https://redirect.github.com/shirou/gopsutil/pull/2063">shirou/gopsutil#2063</a></li>
</ul>
<h3>disk</h3>
<ul>
<li>Fix PartitionsWithContext on AIX to avoid returning empty structs by
<a href="https://github.com/pgimalac"><code>@​pgimalac</code></a> in <a
href="https://redirect.github.com/shirou/gopsutil/pull/2013">shirou/gopsutil#2013</a></li>
<li>Implement IOCountersWithContext for AIX with CGO by <a
href="https://github.com/pgimalac"><code>@​pgimalac</code></a> in <a
href="https://redirect.github.com/shirou/gopsutil/pull/2016">shirou/gopsutil#2016</a></li>
<li>disk: fix UsageWithContext unit conversions on AIX nocgo by <a
href="https://github.com/Dylan-M"><code>@​Dylan-M</code></a> in <a
href="https://redirect.github.com/shirou/gopsutil/pull/2032">shirou/gopsutil#2032</a></li>
<li>disk: implement IOCountersWithContext for AIX nocgo via iostat by <a
href="https://github.com/Dylan-M"><code>@​Dylan-M</code></a> in <a
href="https://redirect.github.com/shirou/gopsutil/pull/2033">shirou/gopsutil#2033</a></li>
</ul>
<h3>host</h3>
<ul>
<li>Fix host user parsing on AIX by <a
href="https://github.com/pgimalac"><code>@​pgimalac</code></a> in <a
href="https://redirect.github.com/shirou/gopsutil/pull/2021">shirou/gopsutil#2021</a></li>
<li>Add implementation of numProcs for AIX with cgo by <a
href="https://github.com/pgimalac"><code>@​pgimalac</code></a> in <a
href="https://redirect.github.com/shirou/gopsutil/pull/2022">shirou/gopsutil#2022</a></li>
</ul>
<h3>load</h3>
<ul>
<li>Fix running and blocked process count for AIX by <a
href="https://github.com/pgimalac"><code>@​pgimalac</code></a> in <a
href="https://redirect.github.com/shirou/gopsutil/pull/2019">shirou/gopsutil#2019</a></li>
</ul>
<h3>mem</h3>
<ul>
<li>mem: populate Cached from bcachestats on OpenBSD by <a
href="https://github.com/skartikey"><code>@​skartikey</code></a> in <a
href="https://redirect.github.com/shirou/gopsutil/pull/2029">shirou/gopsutil#2029</a></li>
<li>[mem][linux]: Remove deprecated opt-out for MemAvailable-based Used
by <a href="https://github.com/shirou"><code>@​shirou</code></a> in <a
href="https://redirect.github.com/shirou/gopsutil/pull/2012">shirou/gopsutil#2012</a></li>
</ul>
<h3>net</h3>
<ul>
<li>Fix AIX net iocounters error fields and add dropin field by <a
href="https://github.com/pgimalac"><code>@​pgimalac</code></a> in <a
href="https://redirect.github.com/shirou/gopsutil/pull/2020">shirou/gopsutil#2020</a></li>
<li>Fix netstat drop column parsing when address is empty on darwin by
<a href="https://github.com/pgimalac"><code>@​pgimalac</code></a> in <a
href="https://redirect.github.com/shirou/gopsutil/pull/2025">shirou/gopsutil#2025</a></li>
<li>[net][linux]: prevent incorrect deduplication of unnamed UNIX
sockets by <a href="https://github.com/shirou"><code>@​shirou</code></a>
in <a
href="https://redirect.github.com/shirou/gopsutil/pull/2031">shirou/gopsutil#2031</a></li>
</ul>
<h3>process</h3>
<ul>
<li>Fix golangci-lint linter jobs by <a
href="https://github.com/pgimalac"><code>@​pgimalac</code></a> in <a
href="https://redirect.github.com/shirou/gopsutil/pull/2018">shirou/gopsutil#2018</a></li>
<li>Fix effective gid on darwin by <a
href="https://github.com/pgimalac"><code>@​pgimalac</code></a> in <a
href="https://redirect.github.com/shirou/gopsutil/pull/2023">shirou/gopsutil#2023</a></li>
<li>Do not set swap field to an incorrect value on darwin by <a
href="https://github.com/pgimalac"><code>@​pgimalac</code></a> in <a
href="https://redirect.github.com/shirou/gopsutil/pull/2027">shirou/gopsutil#2027</a></li>
</ul>
<h3>sensors</h3>
<ul>
<li>Fix macos sensor data type field by <a
href="https://github.com/pgimalac"><code>@​pgimalac</code></a> in <a
href="https://redirect.github.com/shirou/gopsutil/pull/2026">shirou/gopsutil#2026</a></li>
<li>sensors(aix): remove orphaned VirtualizationWithContext by <a
href="https://github.com/Dylan-M"><code>@​Dylan-M</code></a> in <a
href="https://redirect.github.com/shirou/gopsutil/pull/2011">shirou/gopsutil#2011</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/lubeschanin"><code>@​lubeschanin</code></a>
made their first contribution in <a
href="https://redirect.github.com/shirou/gopsutil/pull/2063">shirou/gopsutil#2063</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/shirou/gopsutil/compare/v4.26.2...v4.26.3">https://github.com/shirou/gopsutil/compare/v4.26.2...v4.26.3</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/shirou/gopsutil/commit/c2a1624b9f3ed0b38ad67134b93397142ed67a23"><code>c2a1624</code></a>
Merge pull request <a
href="https://redirect.github.com/shirou/gopsutil/issues/2033">#2033</a>
from Dylan-M/dylanmyers/disk-3b-iocounters</li>
<li><a
href="https://github.com/shirou/gopsutil/commit/b32e3a1709f2f8c3cc7581b2aa0ef98f36779fa6"><code>b32e3a1</code></a>
Merge pull request <a
href="https://redirect.github.com/shirou/gopsutil/issues/2032">#2032</a>
from Dylan-M/dylanmyers/disk-3a-usage-fix</li>
<li><a
href="https://github.com/shirou/gopsutil/commit/730f763fbc7769dd14c64574db7ddcda65be4712"><code>730f763</code></a>
Merge pull request <a
href="https://redirect.github.com/shirou/gopsutil/issues/2063">#2063</a>
from lubeschanin/fix/sensors-darwin-arm64-crash</li>
<li><a
href="https://github.com/shirou/gopsutil/commit/76137fe32da76dad5b79e9a0bbeec0f495acb7e0"><code>76137fe</code></a>
Fix SIGBUS/SIGSEGV crash on macOS ARM64: keep libraries open, fix data
race</li>
<li><a
href="https://github.com/shirou/gopsutil/commit/be66821c93cd0e32ab0f262d513186d6a3327b42"><code>be66821</code></a>
disk: implement IOCountersWithContext for AIX nocgo via iostat</li>
<li><a
href="https://github.com/shirou/gopsutil/commit/416f4ed03b0eab07b786162da97064d3276c7770"><code>416f4ed</code></a>
disk: use unix.Statfs for fstype in UsageWithContext on AIX nocgo</li>
<li><a
href="https://github.com/shirou/gopsutil/commit/7661a67fd1999d980e8928e4e8baa95aa581dbbd"><code>7661a67</code></a>
Merge pull request <a
href="https://redirect.github.com/shirou/gopsutil/issues/2031">#2031</a>
from shirou/fix/net_linux_connection_unix_socket_dedup</li>
<li><a
href="https://github.com/shirou/gopsutil/commit/30959634e7f4c52c2fa427a259de81ac1388a1ca"><code>3095963</code></a>
Merge pull request <a
href="https://redirect.github.com/shirou/gopsutil/issues/2012">#2012</a>
from shirou/fix/revert_opt-outed_mem_used_calc</li>
<li><a
href="https://github.com/shirou/gopsutil/commit/bf942de635868e9f71e165aba2c253f6789edf1e"><code>bf942de</code></a>
[net][linux]: prevent incorrect deduplication of unnamed UNIX
sockets</li>
<li><a
href="https://github.com/shirou/gopsutil/commit/d7abb9a8b0ef96ef51bf7bf5b3af1f941e75dbc5"><code>d7abb9a</code></a>
Merge pull request <a
href="https://redirect.github.com/shirou/gopsutil/issues/2029">#2029</a>
from skartikey/fix/openbsd-mem-cached</li>
<li>Additional commits viewable in <a
href="https://github.com/shirou/gopsutil/compare/v4.26.2...v4.26.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/shirou/gopsutil/v4&package-manager=go_modules&previous-version=4.26.2&new-version=4.26.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[google.golang.org/api](https://github.com/googleapis/google-api-go-client)
from 0.273.0 to 0.274.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/googleapis/google-api-go-client/releases">google.golang.org/api's
releases</a>.</em></p>
<blockquote>
<h2>v0.274.0</h2>
<h2><a
href="https://github.com/googleapis/google-api-go-client/compare/v0.273.1...v0.274.0">0.274.0</a>
(2026-04-02)</h2>
<h3>Features</h3>
<ul>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3555">#3555</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/0e634ae13e626c6082c534eda8c03d5d3e673605">0e634ae</a>)</li>
</ul>
<h2>v0.273.1</h2>
<h2><a
href="https://github.com/googleapis/google-api-go-client/compare/v0.273.0...v0.273.1">0.273.1</a>
(2026-03-31)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>Merge duplicate x-goog-request-params header (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3547">#3547</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/2008108eb50215407a945afc2db9c45998c42bbe">2008108</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md">google.golang.org/api's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/googleapis/google-api-go-client/compare/v0.273.1...v0.274.0">0.274.0</a>
(2026-04-02)</h2>
<h3>Features</h3>
<ul>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3555">#3555</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/0e634ae13e626c6082c534eda8c03d5d3e673605">0e634ae</a>)</li>
</ul>
<h2><a
href="https://github.com/googleapis/google-api-go-client/compare/v0.273.0...v0.273.1">0.273.1</a>
(2026-03-31)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>Merge duplicate x-goog-request-params header (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3547">#3547</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/2008108eb50215407a945afc2db9c45998c42bbe">2008108</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/6c759a2bb66da9db49027475e4e76301b8d063df"><code>6c759a2</code></a>
chore(main): release 0.274.0 (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3556">#3556</a>)</li>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/0e634ae13e626c6082c534eda8c03d5d3e673605"><code>0e634ae</code></a>
feat(all): auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3555">#3555</a>)</li>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/0f75259689c5e80bd73e6e7018dbb9ec0dfd7d48"><code>0f75259</code></a>
chore: embargo aiplatform:v1beta1 temporarily (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3554">#3554</a>)</li>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/550f00c8f854c300c59f266cc0ddd60568ccfe20"><code>550f00c</code></a>
chore(main): release 0.273.1 (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3551">#3551</a>)</li>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/da01f6aec8d3dd7914c6be434ce3bf26c1903396"><code>da01f6a</code></a>
chore(deps): bump github.com/go-git/go-git/v5 (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3552">#3552</a>)</li>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/2008108eb50215407a945afc2db9c45998c42bbe"><code>2008108</code></a>
fix: merge duplicate x-goog-request-params header (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3547">#3547</a>)</li>
<li>See full diff in <a
href="https://github.com/googleapis/google-api-go-client/compare/v0.273.0...v0.274.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=google.golang.org/api&package-manager=go_modules&previous-version=0.273.0&new-version=0.274.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite)
from 6.4.1 to 6.4.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/releases">vite's
releases</a>.</em></p>
<blockquote>
<h2>v6.4.2</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md">vite's
changelog</a>.</em></p>
<blockquote>
<h2><!-- raw HTML omitted -->6.4.2 (2026-04-06)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: apply server.fs check to env transport (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159">#22159</a>)
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22163">#22163</a>)
(<a
href="https://github.com/vitejs/vite/commit/fe28e47e9463e4c9619f94bfa06d2f8f1411b44b">fe28e47</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/22159">#22159</a>
<a
href="https://redirect.github.com/vitejs/vite/issues/22163">#22163</a></li>
<li>fix: avoid path traversal with optimize deps sourcemap handler (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161">#22161</a>)
(<a
href="https://github.com/vitejs/vite/commit/ca4da5d1fb45c9cfdce606aa30825095791b164b">ca4da5d</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/22161">#22161</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/vitejs/vite/commit/6b3fad02abd550bd7b79934ff92c58dbd7f33045"><code>6b3fad0</code></a>
release: v6.4.2</li>
<li><a
href="https://github.com/vitejs/vite/commit/ca4da5d1fb45c9cfdce606aa30825095791b164b"><code>ca4da5d</code></a>
fix: avoid path traversal with optimize deps sourcemap handler (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161">#22161</a>)</li>
<li><a
href="https://github.com/vitejs/vite/commit/fe28e47e9463e4c9619f94bfa06d2f8f1411b44b"><code>fe28e47</code></a>
fix: apply server.fs check to env transport (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159">#22159</a>)
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22163">#22163</a>)</li>
<li><a
href="https://github.com/vitejs/vite/commit/5487f4f641f70c47ea05fd101a4319897df048b3"><code>5487f4f</code></a>
release: v6.4.1</li>
<li><a
href="https://github.com/vitejs/vite/commit/1114b5d7ea03e26572708715343bec69db4536e8"><code>1114b5d</code></a>
fix(dev): trim trailing slash before <code>server.fs.deny</code> check
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968">#20968</a>)
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20969">#20969</a>)</li>
<li><a
href="https://github.com/vitejs/vite/commit/f12697c0f64b9a37196b9ab218a0911829d5b103"><code>f12697c</code></a>
release: v6.4.0</li>
<li><a
href="https://github.com/vitejs/vite/commit/ca6455ee9eb6111a9caa9810506a1b9ac96a520a"><code>ca6455e</code></a>
feat: allow passing down resolved config to vite's createServer (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20932">#20932</a>)</li>
<li><a
href="https://github.com/vitejs/vite/commit/0e173d83681daa31be10fa8a62d56b1ec84690af"><code>0e173d8</code></a>
release: v6.3.7</li>
<li><a
href="https://github.com/vitejs/vite/commit/c59a222aa584c087cfe710173de1b9ecb597a3ff"><code>c59a222</code></a>
fix(esbuild): inject esbuild helpers correctly for esbuild 0.25.9+ (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20940">#20940</a>)</li>
<li><a
href="https://github.com/vitejs/vite/commit/3f337c5e24504e51188d29c970de1416ee523dbb"><code>3f337c5</code></a>
release: v6.3.6</li>
<li>Additional commits viewable in <a
href="https://github.com/vitejs/vite/commits/v6.4.2/packages/vite">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=vite&package-manager=npm_and_yarn&previous-version=6.4.1&new-version=6.4.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/wavetermdev/waveterm/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.42.0 to
0.43.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/golang/sys/commit/f33a730cd0c449cfd6f7106780c73052e96cc33d"><code>f33a730</code></a>
windows: support nil security descriptor on GetNamedSecurityInfo</li>
<li><a
href="https://github.com/golang/sys/commit/493d1725989a7a3f3582adfa68faf7207aec666b"><code>493d172</code></a>
cpu: add runtime import in cpu_darwin_arm64_other.go</li>
<li><a
href="https://github.com/golang/sys/commit/2c2be756b97dee6d15aba69839acfbd4e0f3ccc5"><code>2c2be75</code></a>
windows: use syscall.SyscallN in Proc.Call</li>
<li><a
href="https://github.com/golang/sys/commit/a76ec62d6c5389e4fe51c659ba926bf71e471a67"><code>a76ec62</code></a>
cpu: roll back &quot;use IsProcessorFeaturePresent to calculate ARM64 on
windows&quot;</li>
<li>See full diff in <a
href="https://github.com/golang/sys/compare/v0.42.0...v0.43.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golang.org/x/sys&package-manager=go_modules&previous-version=0.42.0&new-version=0.43.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
frontend was removed in the last release. cleaning up the backend code.
remove wsapi host (cloud service is also getting removed)
Bumps
[google.golang.org/api](https://github.com/googleapis/google-api-go-client)
from 0.274.0 to 0.275.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/googleapis/google-api-go-client/releases">google.golang.org/api's
releases</a>.</em></p>
<blockquote>
<h2>v0.275.0</h2>
<h2><a
href="https://github.com/googleapis/google-api-go-client/compare/v0.274.0...v0.275.0">0.275.0</a>
(2026-04-07)</h2>
<h3>Features</h3>
<ul>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3557">#3557</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/2b2ef99cb9f245743690a4d26e4fdc65287253e0">2b2ef99</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3560">#3560</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/9437d4d741a6ae9e1c20a6f727b9c8f64e1bc19e">9437d4d</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md">google.golang.org/api's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/googleapis/google-api-go-client/compare/v0.274.0...v0.275.0">0.275.0</a>
(2026-04-07)</h2>
<h3>Features</h3>
<ul>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3557">#3557</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/2b2ef99cb9f245743690a4d26e4fdc65287253e0">2b2ef99</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3560">#3560</a>)
(<a
href="https://github.com/googleapis/google-api-go-client/commit/9437d4d741a6ae9e1c20a6f727b9c8f64e1bc19e">9437d4d</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/d43aa15bdf02279f1beaa366b551587391355265"><code>d43aa15</code></a>
chore(main): release 0.275.0 (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3558">#3558</a>)</li>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/9437d4d741a6ae9e1c20a6f727b9c8f64e1bc19e"><code>9437d4d</code></a>
feat(all): auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3560">#3560</a>)</li>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/0a62c64ae95b23c6ecb9fc71db89f09c479b0442"><code>0a62c64</code></a>
chore(all): update cloud.google.com/go/auth to v0.20.0 (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3559">#3559</a>)</li>
<li><a
href="https://github.com/googleapis/google-api-go-client/commit/2b2ef99cb9f245743690a4d26e4fdc65287253e0"><code>2b2ef99</code></a>
feat(all): auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/3557">#3557</a>)</li>
<li>See full diff in <a
href="https://github.com/googleapis/google-api-go-client/compare/v0.274.0...v0.275.0">compare
view</a></li>
</ul>
</details>
<br />

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Fixes #2778.

## Problem

`xterm.js`'s `getSelection()` returns lines padded to the full terminal
column width. Every copy path passed this directly to
`navigator.clipboard.writeText()`, so pasting into Slack, editors, etc.
included hundreds of trailing spaces.

## Solution

Adds a `term:trimtrailingwhitespace` setting (default `true`) that
strips trailing whitespace from each line before writing to the
clipboard. Applied to all three copy paths:

- copy-on-select (`termwrap.ts`)
- `Ctrl+Shift+C` (`term-model.ts`)
- right-click Copy context menu (`term-model.ts`)

OSC 52 is intentionally excluded — that path copies program-provided
text, not grid content.

The trim itself uses the same per-line `trimEnd()` approach already
present in `bufferLinesToText` via `translateToString(true)`.

Setting to `false` restores the previous behaviour.

## Files changed

- `pkg/wconfig/settingsconfig.go` — new `TermTrimTrailingWhitespace
*bool` field
- `pkg/wconfig/defaultconfig/settings.json` — default `true`
- `frontend/app/view/term/termutil.ts` — `trimTerminalSelection` helper
- `frontend/app/view/term/termwrap.ts` — copy-on-select path
- `frontend/app/view/term/term-model.ts` — Ctrl+Shift+C and right-click
paths
- Generated: `pkg/wconfig/metaconsts.go`, `frontend/types/gotypes.d.ts`,
`schema/settings.json`

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Bumps [@xmldom/xmldom](https://github.com/xmldom/xmldom) from 0.8.11 to
0.8.12.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/xmldom/xmldom/releases"><code>@​xmldom/xmldom</code>'s
releases</a>.</em></p>
<blockquote>
<h2>0.8.12</h2>
<p><a
href="https://github.com/xmldom/xmldom/compare/0.8.11...0.8.12">Commits</a></p>
<h3>Fixed</h3>
<ul>
<li>preserve trailing whitespace in ProcessingInstruction data <a
href="https://redirect.github.com/xmldom/xmldom/pull/962"><code>[#962](https://github.com/xmldom/xmldom/issues/962)</code></a>
/ <a
href="https://redirect.github.com/xmldom/xmldom/issues/42"><code>[#42](https://github.com/xmldom/xmldom/issues/42)</code></a></li>
<li>Security: <code>createCDATASection</code> now throws
<code>InvalidCharacterError</code> when <code>data</code> contains
<code>&quot;]]&gt;&quot;</code>, as required by the <a
href="https://dom.spec.whatwg.org/#dom-document-createcdatasection">WHATWG
DOM spec</a>. <a
href="https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp"><code>GHSA-wh4c-j3r5-mjhp</code></a></li>
<li>Security: <code>XMLSerializer</code> now splits CDATASection nodes
whose data contains <code>&quot;]]&gt;&quot;</code> into adjacent CDATA
sections at serialization time, preventing XML injection via mutation
methods (<code>appendData</code>, <code>replaceData</code>, <code>.data
=</code>, <code>.textContent =</code>). <a
href="https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp"><code>GHSA-wh4c-j3r5-mjhp</code></a></li>
</ul>
<p>Code that passes a string containing <code>&quot;]]&gt;&quot;</code>
to <code>createCDATASection</code> and relied on the previously unsafe
behavior will now receive <code>InvalidCharacterError</code>. Use a
mutation method such as <code>appendData</code> if you intentionally
need <code>&quot;]]&gt;&quot;</code> in a CDATASection node's data.</p>
<p>Thank you,
<a
href="https://github.com/thesmartshadow"><code>@​thesmartshadow</code></a>,
<a
href="https://github.com/stevenobiajulu"><code>@​stevenobiajulu</code></a>,
for your contributions</p>
<p><a
href="https://github.com/xmldom/xmldom/discussions/357">https://github.com/xmldom/xmldom/discussions/357</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/xmldom/xmldom/blob/master/CHANGELOG.md"><code>@​xmldom/xmldom</code>'s
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/xmldom/xmldom/compare/0.8.11...0.8.12">0.8.12</a></h2>
<h3>Fixed</h3>
<ul>
<li>preserve trailing whitespace in ProcessingInstruction data <a
href="https://redirect.github.com/xmldom/xmldom/pull/962"><code>[#962](https://github.com/xmldom/xmldom/issues/962)</code></a>
/ <a
href="https://redirect.github.com/xmldom/xmldom/issues/42"><code>[#42](https://github.com/xmldom/xmldom/issues/42)</code></a></li>
<li>Security: <code>createCDATASection</code> now throws
<code>InvalidCharacterError</code> when <code>data</code> contains
<code>&quot;]]&gt;&quot;</code>, as required by the <a
href="https://dom.spec.whatwg.org/#dom-document-createcdatasection">WHATWG
DOM spec</a>. <a
href="https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp"><code>GHSA-wh4c-j3r5-mjhp</code></a></li>
<li>Security: <code>XMLSerializer</code> now splits CDATASection nodes
whose data contains <code>&quot;]]&gt;&quot;</code> into adjacent CDATA
sections at serialization time, preventing XML injection via mutation
methods (<code>appendData</code>, <code>replaceData</code>, <code>.data
=</code>, <code>.textContent =</code>). <a
href="https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp"><code>GHSA-wh4c-j3r5-mjhp</code></a></li>
</ul>
<p>Code that passes a string containing <code>&quot;]]&gt;&quot;</code>
to <code>createCDATASection</code> and relied on the previously unsafe
behavior will now receive <code>InvalidCharacterError</code>. Use a
mutation method such as <code>appendData</code> if you intentionally
need <code>&quot;]]&gt;&quot;</code> in a CDATASection node's data.</p>
<p>Thank you,
<a
href="https://github.com/thesmartshadow"><code>@​thesmartshadow</code></a>,
<a
href="https://github.com/stevenobiajulu"><code>@​stevenobiajulu</code></a>,
for your contributions</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/xmldom/xmldom/commit/189cb78a83e81e1515880988a399e863a8be85ac"><code>189cb78</code></a>
0.8.12</li>
<li><a
href="https://github.com/xmldom/xmldom/commit/ed08df7572f4236d4fd88d16063c3fd8f59c7884"><code>ed08df7</code></a>
fix: XML injection via unsafe CDATA serialization (GHSA-wh4c-j3r5-mjhp)
(<a
href="https://redirect.github.com/xmldom/xmldom/issues/968">#968</a>)</li>
<li><a
href="https://github.com/xmldom/xmldom/commit/a5b929ba008f067eeabb427c38de008e36a92796"><code>a5b929b</code></a>
chore: clean up generated test artefacts before running ci-local</li>
<li><a
href="https://github.com/xmldom/xmldom/commit/4e37a205627a08eb64365b13c4e4cce5e86278cb"><code>4e37a20</code></a>
ci: run format:check in lint job</li>
<li><a
href="https://github.com/xmldom/xmldom/commit/ac0ac7714f0e5a7bd7aff5c30f7733666cf03982"><code>ac0ac77</code></a>
chore: ignore generated files when checking formatting</li>
<li><a
href="https://github.com/xmldom/xmldom/commit/968c8939438eec2eca1d003b333cd0fc4595c72d"><code>968c893</code></a>
chore: add local CI script and format:check script</li>
<li><a
href="https://github.com/xmldom/xmldom/commit/ac40424adfa49429811095bcdaf6598255a81a39"><code>ac40424</code></a>
fix: preserve trailing whitespace in ProcessingInstruction data (<a
href="https://redirect.github.com/xmldom/xmldom/issues/962">#962</a>)</li>
<li><a
href="https://github.com/xmldom/xmldom/commit/cece7521a3c77da7a10f3fc66521e3e077c9974c"><code>cece752</code></a>
chore: add .nvmrc pointing to node version 18</li>
<li><a
href="https://github.com/xmldom/xmldom/commit/cbf44d90a40703237d217598fa0bcd88770bfa0b"><code>cbf44d9</code></a>
docs: improve links to changes in most recent release</li>
<li>See full diff in <a
href="https://github.com/xmldom/xmldom/compare/0.8.11...0.8.12">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a
href="https://www.npmjs.com/~karfau">karfau</a>, a new releaser for
<code>@​xmldom/xmldom</code> since your current version.</p>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@xmldom/xmldom&package-manager=npm_and_yarn&previous-version=0.8.11&new-version=0.8.12)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/wavetermdev/waveterm/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
… (#3224)

The big fix is not spawning a goroutine per process. other fixes are
more minor, but improve the quality and clean up some edge cases.
Bumps [golang.org/x/term](https://github.com/golang/term) from 0.41.0 to
0.42.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/golang/term/commit/52b71d3344c86b384ed34ebf73f1e6f37044fe79"><code>52b71d3</code></a>
go.mod: update golang.org/x dependencies</li>
<li>See full diff in <a
href="https://github.com/golang/term/compare/v0.41.0...v0.42.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golang.org/x/term&package-manager=go_modules&previous-version=0.41.0&new-version=0.42.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from
0.49.0 to 0.50.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/golang/crypto/commit/03ca0dcccbd37ba6be80adf74dde8d78a4d72817"><code>03ca0dc</code></a>
go.mod: update golang.org/x dependencies</li>
<li><a
href="https://github.com/golang/crypto/commit/8400f4a938077a7a7817ab7d163d148e371b320b"><code>8400f4a</code></a>
ssh: respect signer's algorithm preference in
pickSignatureAlgorithm</li>
<li><a
href="https://github.com/golang/crypto/commit/81c6cb34a8fc386ed53293cd79e3c0c232ee7366"><code>81c6cb3</code></a>
ssh: swap cbcMinPaddingSize to cbcMinPacketSize to get encLength</li>
<li>See full diff in <a
href="https://github.com/golang/crypto/compare/v0.49.0...v0.50.0">compare
view</a></li>
</ul>
</details>
<br />

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
lots of updates for tsunami and builder window:
* jsfuncs
* devtools windows
* devtools proper cleanup (fixes crashes)
* scrollbar fixes
* lock AI models -- gpt-5.4, builder prompts, etc
Jason-Shen2 and others added 25 commits May 13, 2026 10:08
…tokens

ANSI 16-color palette (--ansi-*) now matches warp's DARK_MODE_NORMAL_COLORS
and DARK_MODE_BRIGHT_COLORS (app/src/themes/default_themes.rs:11-30).
Glyph colors emitted by terminal apps' SGR sequences are the single
biggest driver of terminal output appearance, so matching them is
high-leverage for visual parity.

Add terminal-scoped accent / selection / status tokens kept distinct
from crest's brand `--color-accent` (green):

  --color-term-accent       #19aad8  (warp Dark accent, default_themes.rs:266)
  --color-term-accent-25/10           (overlay alphas — used by find pills)
  --color-term-selection             (118,167,250 @ 40% — color.rs:303-304)
  --color-term-success      #1ca05a  (ui_green,   color.rs:138-152)
  --color-term-error        #bc362a  (ui_error)
  --color-term-warning      #c28000  (ui_warning)
  --color-term-yellow       #e5a01a

Downstream:
  - cursor-overlay: cursor falls back to --color-term-accent when no
    OSC 12 override (color.rs:134-136 — accent is cursor fallback).
  - selection-layer: text selection uses periwinkle blue, distinct
    from the sky-blue accent so users can tell text selection apart
    from block highlights.
  - find-bar / find-highlight-layer: active toggles + match ring
    both use --color-term-accent-25 so a highlighted hit reads as
    the same hue as the toggle that produced it.
  - cmdblock-status: success/failure/background glyphs use the new
    status tokens instead of Tailwind emerald/rose/sky stock colors.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
…o-bottom

cmdblock-header: two-row prompt strip — env/cwd/branch/(duration) on
row 1 with the persistent toolbelt floating on the right, then the
command text on row 2 in ANSI yellow.  No `>_` sigil, no chip-style
git-branch box, no success ✓ glyph — warp inlines everything as
muted text with a 1px bottom divider as the only demarcation.

cmdblock-toolbelt: persistent (not hover-revealed) action icons sat
directly in the header row.  Background is transparent so it feels
like part of the prompt strip, not a separate chip.  Drops the
chip's backdrop / border / shadow.  Icon size 11, button size 5×5
to match warp's compact rhythm.

block-element: selected blocks get a 2px left-edge marker in
--color-term-accent-25 (block_list_element.rs:119-130).  Failed
blocks get the same edge tinted with --ansi-red so the failure
signal survives even when the block is selected.  Output body
padding tightened to pt-2/pb-3 — approximates warp's 0.5-line top
gap + 1.0-line bottom margin (settings/mod.rs:548-549).  Toolbelt
moves into the header's rightSlot prop instead of floating
absolutely over it.

block-list-element: jump-to-bottom is now icon-only (h-7 w-7)
instead of the previous pill with inline text.  Mirrors
view.rs:599-604 (icon_size=20, padding=4, corner_radius=4) — keeps
the button compact and out of the way of the output's bottom-right.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
…+ fine-tuned ONNX tier-2

Add an NLD module under frontend/app/term/nld/ that classifies the
input buffer as shell-command or natural-language so the input bar
can auto-route between terminal and agent modes.  Architecture mirrors
warp's input_classifier crate (HeuristicClassifier + OnnxClassifier,
chained in that order):

  tier-1 — synchronous heuristic short-circuits:
    - 7 strong-shell keywords (sudo, ssh, scp, kubectl, …)
    - 11 strong-NL phrase openers (what is, how do I, …)
    - isLikelyShellCommand density check (shell-syntax token ratio)
    Strict port of warp's natural_language_detection/lib.rs and
    heuristic_classifier/mod.rs.  When the cheap signal is strong,
    we commit immediately and skip tier-2 — no worker round-trip.

  tier-2 — fine-tuned end-to-end ONNX classifier:
    - paraphrase-multilingual-MiniLM-L12-v2 + 2-class head, fused
      into a single graph (~113 MB INT8-quantized).
    - Tokenizer + model run in a Web Worker via edgeFlow.js.
    - Main thread proxies via EdgeFlowNldClassifier — see
      embedder-edgeflow.ts.  Worker path: tokenize → input_ids +
      attention_mask → runInferenceNamed → softmax(logits) → pAI/pShell.
    - When the model is still loading or load failed, the composer
      falls back to warp's natural_language_words_score path
      (heuristic-word-score.ts) — port of
      input_classifier/heuristic_classifier/mod.rs:96-143 — so the
      input bar always commits to a verdict.  Uses Porter2 stemming
      + bundled English-stem and known-commands word lists
      generated from Google 10K English (build_word_lists.py).

The composer (classifier.ts) owns the abort semantics and the
"neutral margin" dead zone; per-pane state (mode atom, effective-mode
atom, debounce, in-flight abort, cooldown, auto-enable) lives on
NLDModel.  Each terminal pane gets its own instance via the
useNLDModel hook in terminal-view.tsx, lifecycle-paired with
TerminalModel.

terminal-model: add a 200-entry in-memory commandHistoryAtom pushed
on submitInput (bash HISTCONTROL=ignoredups semantics).  Feeds the
classifier's context so prior-command signals (e.g. last input was
AI, recent shell pattern) can influence the verdict.  Mirrors warp's
BlocklistAIHistoryModel — kept in-memory for now, can persist via
wshrpc later.

terminal-view: useNLDModel + a mode-setter callback that fires a
one-shot classifier run when Auto is toggled on with existing buffer
content (otherwise stale effective mode would persist until the next
keystroke).  onInputTextChange propagates each keystroke to the
classifier with abort + debounce handled inside the model.

wave.ts: register an EdgeFlowEmbedder singleton at startup so the
classifier is ready before the user types.  Fire-and-forget — tier-1
heuristics carry the input bar during the few hundred ms before
tier-2 reports ready.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
…to-mode toggle

Rebuild the cmdblock input strip to match warp's actual rendered
layout (universal_developer_input.rs).  Top-to-bottom structure:

  help row    ↵ submit · ⇧↵ newline · /commands · ⌘F find · [topRight]
  ─────────
  editor      placeholder or typed text
  ─────────
  button bar  [cwd]  [Term|Agt|Auto]  [/] [@] [+]  [Default ⌄]

Source citations (warp):
  - composition order        terminal/input/universal.rs:36
  - button bar               universal_developer_input.rs:790-885
  - prompt chip              prompt_render_helper.rs:669
  - UDIButton sizing         action_button.rs:1313-1340
  - cloud-mode constants     agent.rs:43-67

Auto mode (InputToggleMode::AutoDetection,
universal_developer_input.rs:440) is the third pill in the mode
segmented control.  When selected, the NLD model's effective-mode
atom drives whether the buffer routes to the shell or the agent on
⌘+Enter / ↵.  Pass currentText alongside the new mode via
onModeChange so the parent can fire a one-shot classifier run when
Auto is toggled on with existing buffer content.

Additional surface added by the redesign (independent of NLD but
landed in the same refactor):
  - banner / promptAlert slots for inline notices above the editor
  - onFilesDropped for drag-drop attachments
  - onPromptContextMenu for right-click on the prompt chip
  - hideHelpRow for hosts that surface their own keybind list
  - topRight slot at the far right of the help row (warp uses this
    for the "free cloud agent credits" pill — crest leaves it null)
  - fontSize prop applied to the editor only; chrome (chips, buttons,
    help row) stays at fixed UI sizes for legibility, mirroring warp's
    ui_font_family / monospace_ui_scalar split.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
End-to-end pipeline that produces public/nld-model/{model_quantized.onnx,
tokenizer.json,...} from a synthetic corpus.  Not source-coupled to
the frontend — the frontend consumes the artifacts; this directory
regenerates them when the corpus or base model changes.

Files:
  - requirements.txt       — sentence-transformers, scikit-learn,
                             optimum, transformers, torch
  - generate_v0.py         — synthetic mixed EN+ZH corpus (~5K samples)
                             of shell-vs-NL pairs; outputs data.jsonl
  - data.jsonl             — committed corpus snapshot used for the
                             current shipped model (5190 lines)
  - finetune_classifier.py — 3-epoch fine-tune of
                             paraphrase-multilingual-MiniLM-L12-v2
                             with a 384→2 head; exports ONNX via optimum.
                             Class weight rebalancing (~13× shell)
                             biases the boundary toward NL since the
                             synthetic corpus over-represents shell.
  - train_classifier.py    — older linear-head training script kept
                             for reference; superseded by the end-to-end
                             approach in finetune_classifier.py.
  - quantize_onnx.py       — dynamic INT8 quant (baseline path).
  - quantize_aggressive.py — failed static-quant attempt; preserved
                             so the next visitor knows fused
                             Attention/SkipLayerNorm ops can't be
                             statically quantized.
  - quantize_optimum.py    — optimum-based quant that lands at 113 MB,
                             the theoretical floor for INT8 of this
                             multilingual-MiniLM-L12 model class
                             (Xenova's published variant is the same).
  - build_word_lists.py    — fetch Google 10K English, stem with
                             Porter2, emit the english-stems.txt and
                             known-commands.txt that ship with the
                             tier-1.5 heuristic-word-score classifier.
  - evaluate.py            — progressive-typing evaluator (port of
                             warp's evaluate.rs).  For each input in
                             a curated eval set, generate every prefix,
                             classify each, then surface (1) flicker
                             count, (2) convergence point, (3) final
                             accuracy.  Catches what an offline probe
                             set can't: mid-typing instability.

Outputs (.venv, onnx_model/, finetuned_model/, optimum_tmp/,
augmented_model.onnx, eval_results.json) are gitignored.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
The NLD module depends on a sibling-cloned edgeFlow.js library;
friction during integration (missing APIs, bundler quirks, workarounds)
should be journalled in ../edgeFlow.js/docs/INTEGRATION_LOG.md so the
library catches up rather than letting consumer-side patches rot.
Adds the policy + workaround-tagging convention to CLAUDE.md so the
loop survives across sessions.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
… tools

Three warp-derived agent additions landed together since they share
type/RPC plumbing that's hard to split cleanly:

P1 — Typed citations across web_fetch / search / cmd_history.
Citation { Kind, URL, Title, LineStart, LineEnd } on UIMessageDataToolUse
and ToolAuditEvent; AddCitation helper with dedup; usechat copies
citations into the audit row at finalize and now passes string outputs
from ToolAnyCallback through raw (no JSON quoting) so plain-text tools
can migrate from ToolTextCallback without losing wire format. Mirrors
warp's AIAgentCitation (crates/ai/src/agent/citation.rs:5-11); adds
file/history kinds + line range for crest's search/cmd_history use
cases (warp's three-kind enum doesn't cover them).

P2 — ask_user_question tool (Go side).
Multi-choice card with nested AskUserQuestionType discriminator
(matches warp action/mod.rs:611-657 after audit). ApprovalRequest
extended to carry user answers; UpdateToolApprovalWithAnswers +
WaitForToolApproval(approval, answers) bridge into toolusedata.
CommandWaveAIToolApproveData.AskAnswers field on the wire.

P4 — Long-running command tools: read / write / transfer.
Strict ports of warp's ReadShellCommandOutput, WriteToLongRunning-
ShellCommand (raw/line/block modes via decorate_bytes), and
TransferShellCommandControlToUser. ShellCommandDelay nested with
duration / oncompletion kinds. shell_exec's readBlockTail refactored
to readBlockTailN(n) + readBlockTotalBytes for sharing.

Registry + mode lists updated; ask/plan/do get ask_user_question; do +
bench get long-running tools; transfer_to_user is do-only.

47 Go test cases pass across pkg/aiusechat/uctypes, pkg/agent/tools.

Bundling note: wshrpc/wshrpctypes.go, wshrpc/wshserver/wshserver.go,
and the auto-generated wshrpc/wshclient/wshclient.go +
frontend/types/gotypes.d.ts + frontend/app/store/wshclientapi.ts
inevitably carry adjacent edits from a parallel wconfig refactor
(AI config moved into uctypes.AIUserConfig + vtab settings) since
their diffs interleave in the same files. Split via rebase if you
want finer history.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
FE companions to the backend warp-port work in 45b5deb.

ToolAskCard (frontend/app/term/render/tool-ask-card.tsx, new) — interactive
multi-choice card consuming UIMessageDataToolUse.AskQuestion.  Keyboard
1-9 toggles options, ← → moves between questions (warp ask_user_question_-
view.rs:1400-1401), ⌘↵ submits, Esc cancels (Esc vs warp's Ctrl-C is
deliberate — Electron vs terminal-host convention).  Recommended option
gets a ★ highlight; "Other" inline-expands a textarea when
questiontype.supportsother.  ToolAskSummary in the same file renders
the resolved state as read-only chips (mirrors warp render_completed_-
answers at ask_user_question_view.rs:1251-1310).

tool-use-card.tsx — dispatches by needsApproval between ToolAskCard
(interactive) and ToolAskSummary (resolved); submit signature gains
askAnswers so the parent can post answers back via WaveAIToolApprove-
Command.

aitypes.ts — TS mirrors for Citation and AskUserQuestion* types
matching the nested-discriminator shape (post-audit).

terminal-model.test.ts (new) — 8 unit tests covering submitAgent-
Message id stability, applyAgentDelta accumulation, applyAgentText
snapshot semantics, applyAgentStatus mirror onto agentChatStatusAtom,
getRecentCommands slicing.

cmdblock-status.tsx — exports AgentWatchingBadge + TakeOverButton as
standalone components; wiring into the block header is deferred to a
separate design pass.

Bundling note: tool-use-card.tsx and cmdblock-status.tsx had
pre-session content authored elsewhere; the diffs here are my
additions layered on top.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Records the warp-derived agent work landed across 45b5deb + d101bc5.
Four artifacts:

docs/warp-agent-analysis.md (new) — source-grounded read of warp's
agent system: top-level architecture map, capability-by-capability
port/adapt/skip evaluation, prioritized recommendations for crest,
anti-patterns to avoid, open questions.  Anchor doc; everything else
in this commit references it.

docs/warp-agent-improvement-plan.md (new) — execution plan with five
phases (P0 Track C agent UI reconnection, P1 typed citations, P2
ask_user_question, P3 markdown delta — deferred pending profile, P4
long-running command tools).  Per-phase subtask checklist, warp source
references, port-strategy notes (literal vs idiomatic), C-class
divergences with justifications, and the post-audit findings showing
which strict-port fixes were applied (A1-A4) and which deviations were
kept deliberately.

docs/agent-architecture.md — appended §20–§23 in the existing five-
section format (problem / approach / files / data flow / trade-offs):
§20 Track C agent UI, §21 typed citations, §22 ask_user_question,
§23 long-running command tools.  Doc went 499 → 596 lines.

docs/overnight-status-2026-05-20.md (new) — overnight work log:
NOTICES.md drafting, task generate refresh, the three npm install
attempts hitting electron-builder postinstall + APFS read-empty, and
the morning recovery that got FE tests to 23/23 pass.  Also documents
that the wconfig refactor "blocker" I diagnosed overnight was based
on stale state and turned out not to be a blocker after wshclient.go
was regenerated.

NOTICES.md (already in 45b5deb) carries the MIT copyright notice +
the inventory of crest files derived from warp source.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Replaces the dual legacy `ai:*` global settings + `waveai@*` mode dict
system with a four-layer architecture: in-repo catalog of known
providers/models, user-edited `~/.config/crest/ai.json` for credentials
+ default + profiles + overrides, per-pane `agent:selection` meta, and
a resolver that produces the wire shape the backend ingests.

Design choice notes locked in §12 of the doc — TS-only catalog (no
backend service), inline selection triple (not profile reference),
empty-state UI over seeded defaults with fake keys, no migration
script (POC stage).

- docs/ai-config-architecture.md: 15-section design + §16 implementation
  appendix noting what diverged from the original plan
- docs/examples/ai.json.example: full ai.json with every section populated
- docs/examples/README.md: minimal-vs-full guide + schema rules

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
…g IO

Pure additions; nothing else in the codebase consumes these yet (the
cutover that wires them in lands in the follow-up commit).

- pkg/aiusechat/aiconfig.go — AIConfigRequest struct (mirrors the
  frontend ResolvedAIConfig wire shape) + BuildAIOptsFromConfig that
  ingests it into the existing AIOptsType. Token resolution: literal
  Token > secretstore.GetSecret(TokenSecretName) > empty (unauthed
  local endpoint). secretLookup is a package var so tests can inject
  a fake without touching the OS keychain.
- pkg/aiusechat/userconfig.go — ReadAIUserConfig / WriteAIUserConfig
  for ~/.config/crest/ai.json with shape validation + typed sentinel
  errors (ErrAIUserConfigMissing, ErrAIUserConfigMalformed) so the
  frontend can distinguish first-run from corrupt-file.
- pkg/aiusechat/uctypes/userconfig.go — AIUserConfig + supporting
  types (ProviderCredentials, AISelectionConfig, UserCustomModel,
  UserCustomEndpoint). In uctypes (leaf package) so wshrpc can
  reference without an import cycle.
- aiconfig_test.go (13 tests) + aiconfig_roundtrip_test.go (5 tests
  exercising cross-language JSON contracts) + userconfig_test.go
  (10 parse/validation tests) + userconfig_example_test.go (guards
  the shipped docs/examples/ai.json.example against schema drift).

Design: docs/ai-config-architecture.md §§3-6.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
…picker

Pure additions; the existing model chip / picker call sites continue
to use the legacy `fullConfig.waveai` path until the cutover commit
wires these in.

- frontend/app/store/ai-catalog.ts — static in-repo catalog of known
  providers (OpenAI, Anthropic, Google Gemini, OpenRouter) + their
  popular models with endpoint, apitype, capabilities, context window,
  reasoning support. The "what models exist" source of truth, owned
  by crest maintainers via PR. Decision rationale in design doc §3.
- frontend/app/store/ai-types.ts — AgentSelection, AIConfigRequest,
  ResolvedAIConfig, ResolveError, plus a UserConfig alias for the
  gen'd AIUserConfig so callers stay vocabulary-neutral.
- frontend/app/store/ai-resolver.ts — resolveAIConfig(selection,
  userConfig, catalog) returns a discriminated-union ResolveResult.
  Handles catalog vs custom_endpoints vs custom_models lookup,
  {model} endpoint template substitution, reasoning-capability
  gating, and credential precedence (literal token > tokensecretname).
- ai-resolver.test.ts: 20+ vitest cases covering every branch.
  ai-resolver-smoke.ts: tsx-runnable variant for envs where vitest
  is broken (this env's node_modules hits an oxc-resolver / picomatch
  filesystem race; smoke gives 26/26 deterministic results).
- frontend/app/store/ai-user-config.ts — jotai atom + loader for
  ~/.config/crest/ai.json via the GetAIUserConfigCommand wshrpc
  (lands in the cutover commit). State machine: loading → ok |
  missing | malformed | rpc_error.
- frontend/app/view/cmdblock/model-picker-popover.tsx — sectioned
  picker (Profiles / per-provider / Custom) with inline reasoning
  mini-row, empty-state banner for missing/malformed ai.json,
  per-row "Add key" affordance when a provider lacks credentials.
  Replaces the earlier V1 picker; written from scratch against the
  new catalog/userConfig data model.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Cutover: removes the dual ai:* global settings / waveai@* mode dict
system and switches the agent + chat panel handlers to consume the
fully-resolved AIConfigRequest the frontend now sends. Settings split
cleanly between "user-edited credentials/model selection" (ai.json,
not in repo defaults) and "wconfig generic" (ai:mcpservers,
ai:permissions stay).

Legacy delete:
- pkg/aiusechat/usechat-mode.go (whole file) + usechat_mode_test.go
- pkg/aiusechat/usechat.go: getWaveAISettings / GetWaveAISettings /
  AIMode propagation through WaveChatMetrics → telemetry
- pkg/agent/http.go: buildAIOptsFromSettings + detectAPIType + the
  if-aimode-else-buildFromSettings branch — now always
  BuildAIOptsFromConfig(req.AIConfig)
- pkg/wconfig/settingsconfig.go: SettingsType.{AiApiType, AiBaseURL,
  AiApiToken, AiApiTokenSecretName, AiModel, AiMaxTokens, AiTimeoutMs}
- pkg/wconfig/defaultconfig/{settings.json, waveai.json}: ai:preset,
  ai:model, ai:maxtokens, ai:timeoutms, waveai:defaultmode,
  waveai:showcloudmodes keys + the entire embedded waveai.json
- pkg/telemetry/telemetrydata/telemetrydata.go: WaveAIMode field
- pkg/tsgen/tsgen.go + cmd/generateschema: stop generating the
  AIModeConfigUpdate TS shape + the schema/waveai.json file
- pkg/waveobj/objrtinfo.go: ObjRTInfo.WaveAIMode
- schema/waveai.json deleted
- frontend/app/view/waveconfig/waveaivisual.tsx (whole file, 540 LOC)
- frontend/app/store/global-atoms.ts:hasCustomAIPresetsAtom +
  consumers (custom.d.ts, widgets.tsx, mockwaveenv.ts)
- frontend/app/monaco/schemaendpoints.ts: waveai.json schema endpoint
- frontend/app/view/waveconfig/waveconfig-model.ts: validateWaveAiJson
  + WaveAIVisualContent reference (replaced with plain json view
  pointing at ai.json)
- frontend/preview/mock/defaultconfig.ts: waveai field

New / replaced:
- pkg/waveobj/wtypemeta.go: MetaTSType.AgentSelection +
  AgentSelectionMeta struct (per-pane selection persisted to
  block.meta["agent:selection"])
- pkg/agent/http.go: PostAgentMessageRequest.AIConfig field +
  TestHandler_MissingAIConfig guarding the 400 path
- generated: pkg/waveobj/metaconsts.go (MetaKey_AgentSelection),
  schema/settings.json (ai:* keys gone)

FE wiring (entangled — these files also carry the P0 agent UI
restoration work from earlier in the same session since they share
the same files):
- frontend/app/term/render/terminal-view.tsx: drops fullConfig.waveai
  derivation, derives activeSelection from block.meta + ai.json
  default, runs resolveAIConfig for the display label, writes back
  via UpdateObjectMeta. Threads resolvedAIConfig down to AgentChatHost.
- frontend/app/term/render/agent-chat-host.tsx: aimode prop → aiConfig
  prop; refuses to submit when null (surfaces a toast instead of a
  silent 400).
- frontend/app/view/cmdblock/cmdblock-input.tsx: model chip props
  swapped to catalog / userConfig / selection / onSelectionChange
  shape that the new popover expects.
- frontend/wave.ts: initAIUserConfig() at boot to hydrate the atom.

Acceptance: go build ./... clean; go test ./pkg/aiusechat/
./pkg/agent/... green (including TestHandler_MissingAIConfig); 0
straggler refs to AIModeConfig / WaveAIMode / hasCustomAIPresetsAtom
in tracked source.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Top-level "AI Provider Configuration" section before "Modes" since
the agent refuses to start without a configured provider. Covers:

- Minimal vs full ai.json shape with one example each (matches the
  full-form shipped at docs/examples/ai.json.example).
- tokensecretname (OS keychain, preferred) vs token (plaintext,
  testing only) precedence.
- Built-in providers in the catalog (OpenAI, Anthropic, Google Gemini,
  OpenRouter) and what's not (Azure / Groq / NanoGPT — via
  custom_endpoints).
- Profiles, custom_models, custom_endpoints with concrete examples.
- Picker layout (sectioned, dimmed-when-no-key, reasoning sub-row).
- How reasoning level fits into selection (folded into the triple,
  silently dropped on unsupported models).

Also rewrites the "Switching Models" section: the :model slash
command is gone, the model chip + picker replaces it.

Pointers added to docs/ai-config-architecture.md for the four-layer
design rationale.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
The shared vitest.config.ts pulls in electron.vite.config.ts which
imports @tailwindcss/vite. In environments where node_modules has
gone partially-corrupt (oxc-resolver / picomatch / @tailwindcss/node
short-reads — a recurring macOS APFS-with-com.apple.provenance race)
the tailwind plugin fails to load and vitest can't even start.

This slim config doesn't go through the renderer config; just sets
the @/* path alias against the frontend tree and a Node test
environment. Usage: npx vitest run --config vitest.slim.config.ts <path>.

Suitable for pure-logic tests (engine, resolver, parsers); component
tests that need Tailwind classes still want the main config.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
crest is no longer packaged via electron-builder; the icon set and
deb post-install template were dead weight.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Required by the tsunami frontend's terminal preview surface.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
ThemeModel applies the user's selected term theme to :root as CSS
variables (ported from warp's WarpTheme). app.scss routes body bg
through --color-background with --bg-gradient riding on top so
gradient themes paint over the solid. Tooltip switches from a
hard-coded zinc-800 to --color-tooltip-bg / --color-on-tooltip.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Adds a sidecar detail panel, a settings popover, and a richer
context menu for vertical tabs; tab color utils centralize chip
accents. Workspace gains a resize handle and the layout model is
refactored. Topbar updated for the new tab affordances.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
New AISetupWizard modal registered with the modal registry, and
the cmdblock model picker now closes itself before opening the
wizard so its z-index doesn't paint over the modal. Command
palette is rebound to Cmd+P (was Cmd+Shift+P) and gets the
companion UI tweaks.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Sets worker.format='es' in electron.vite.config so edgeFlow.js's
ORT backend can resolve its dynamic onnxruntime-web/wasm import
inside the worker; the IIFE default silently dropped it in dev
and failed the production build outright. embedder.worker.ts now
injects the statically-imported ORT module via setOnnxModule so
we don't rely on the dynamic import succeeding. embedder-edgeflow
classify() catches inference failures and resolves null so the
composer falls back to tier-1 instead of stalling.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
- pkg/contextchip: port of warp's context_chips framework — fetcher,
  cache, generator, builtins (git branch, diff stats, GH PR, k8s ctx).
- Shell precmd hooks (bash/fish/pwsh/zsh) emit cwd/git/venv/conda/
  node_version via OSC 133 P so block-handler can populate chips.
- frontend/app/term/contextchip/chip-model: per-block ContextChipModel
  with fingerprint cache, invalidate-on-command counter, and in-flight
  dedup, mirroring warp's ChipState.
- Block model gains kind="agent" + agentPayload; AgentBlockElement
  renders agent blocks bypassing the ANSI grid. BlockHandler guards
  every grid mutator against agent blocks, parses git_diff_stats
  shortstat, and routes CSI 3J to clearPriorBlocks() so `clear` wipes
  scrollback in our block model (skipped on alt-screen).
- BlockElement / BlockListElement adopt warp's draw_block_background
  rules (failed-block tint + flag-pole, selected fg-overlay-2),
  flush command-to-output background, sticky compact header with the
  toolbelt fading in on hover. cmdblock-header rows collapse when
  empty so bare command blocks stay tight.
- New tool-action / tool-command / tool-diff cards + citation-chips
  for agent tool calls; agent-flow / block-handler / blocks tests.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
The AI subsystem had a 'configured but unsendable' bug where the picker
showed live /models entries that the resolver had no fallback for —
selecting any non-catalog model produced a silent 3.5s toast and a
dropped message. This commit fixes the failure mode end-to-end and adds
several adjacent improvements that share the same edit surface.

Resolver (frontend/app/store/ai-resolver.ts)
  - New fallback: when the catalog has the provider but not the model,
    synthesize a ResolvedModelView from provider defaults so live-picked
    ids resolve cleanly. Removes the workaround root cause.
  - 2 new tests cover the synth path + the aggregator path.

Catalog (frontend/app/store/ai-catalog.ts)
  - Add ProviderKind = 'direct' | 'aggregator' (default 'direct').
  - OpenRouter switched to aggregator with empty models[] — its 300+
    upstream models are authoritative via live /models, not curated.

LiteLLM sync (scripts/sync-ai-models.mjs, Taskfile.yml)
  - 'task sync:models' pulls
    https://raw.githubusercontent.com/BerriAI/litellm/main/model_prices_and_context_window.json
    and writes ai-catalog-models.gen.ts with the model-level data per
    provider (OpenAI/Anthropic/Google). Provider-level facts
    (endpoint/apitype/secretname/kind) stay curated in ai-catalog.ts.
  - Heuristics for displayName cleanup ('gpt-5' → 'GPT-5',
    'claude-opus-4-7' → 'Claude Opus 4.7') and filters out
    audio/realtime/embedding/etc. variants.
  - First sync: OpenAI 37 / Anthropic 14 / Google 36 models, replacing
    the 9 hand-maintained entries.

Persistent chatId (frontend/app/term/render/terminal-view.tsx)
  - block.meta['agent:chatid'] minted lazily on first send (gated on
    block load completion so a stale undefined meta read can't clobber
    an existing id). Backend chatstore history now survives pane
    remount / reload / app restart instead of orphaning every session.
  - New AgentChatID field on the Go wstore meta type + regenerated TS.

Structured errors (frontend/app/term/render/agent-chat-host.tsx)
  - Replace the 3.5s self-dismissing toast with an inline error agent
    block carrying the resolver's specific error.message. Preserves the
    user's message in the timeline and surfaces an actionable reason
    ('no API key for X', 'unknown model Y') instead of a generic
    'configure ai.json'.
  - terminal-view threads aiConfigError alongside aiConfig.

Architecture eval (docs/ai-sdk-provider-migration-eval.md)
  - 254-line decision doc capturing why the original 'use ai-sdk
    providers' framing produced a stuck FE-vs-BE tradeoff, why
    the dominant pattern is Electron-main-owns-agent (Cursor, Claude
    Desktop, ChatGPT Desktop, Continue, Cline) and what the migration
    work actually looks like.

User picker work (cmdblock-input, model-picker-popover, ai-setup-wizard,
listmodels, wshrpc types, uctypes) — already in the working tree before
this hardening pass; bundled here to keep the related changes
co-located in one history entry.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Starting point for the Option D rearchitecture: move the agent loop
out of Go wavesrv into the Electron main process, replace the four
hand-rolled pkg/aiusechat backends with a unified upstream library.
See docs/ai-sdk-provider-migration-eval.md §5 for the design.

What landed
  - emain/agent/  (27 files, ~8k LOC) — derived from pi/packages/agent
  - emain/ai/     (39 files, ~25k LOC after trim) — derived from
    pi/packages/ai
  Both are MIT-licensed by Mario Zechner / earendil-works; treated as
  in-tree crest code going forward, not vendored upstream. No
  UPSTREAM.md, no sync ceremony — divergence is expected and welcome.
  Upstream LICENSE preserved at emain/agent/LICENSE.pi; per-file
  copyright headers untouched; NOTICE updated.

Trimmed providers (delete from pi-ai before importing here):
  amazon-bedrock, azure-openai-responses, cloudflare provider,
  google-vertex, mistral, openai-codex-responses, faux, image
  generation. Crest only routes through openai-responses /
  openai-completions / anthropic-messages / google-generative-ai;
  OpenRouter rides on openai-completions with a baseURL override.
  cloudflare.ts kept as a 35-line utility because the surviving
  providers reference it.

Local modifications to imported source (search 'crest-local' in
the tree for the rationale comments):
  - emain/agent/harness/types.ts:6  Result<T,E> flattened from a
    discriminated union to {ok, value?, error?}. Crest's tsconfig has
    strict:false; TS could not reliably narrow .error after .ok in
    ~25 sites, and the discriminate flavor cost us dozens of
    false-positive errors with no runtime benefit.
  - emain/agent/harness/env/nodejs.ts:251       single-site cast
    consequence of the Result flatten.
  - emain/agent/harness/session/jsonl-storage.ts:83
  - emain/ai/utils/oauth/github-copilot.ts:139
    Two narrow casts where the upstream code relied on narrowing
    'unknown' after typeof guards — strict:false doesn't propagate.
  - emain/ai/providers/register-builtins.ts  Rewritten end-to-end
    to register only the 4 providers we keep; clearer than carrying
    the dead branches.
  - emain/ai/index.ts  Re-exports trimmed to match the surviving
    surface.

Project-wide adjustments
  - tsconfig.json: target/lib bumped es6 → es2022. pi uses Set
    iteration / Object.hasOwn / AggregateError natively; the old lib
    couldn't see them. Runtime targets (Node 22 main, Chrome 140
    renderer) already support es2022 so this is a no-op at runtime.
  - package.json: 8 new deps (typebox, @anthropic-ai/sdk,
    @google/genai, openai, partial-json, ignore, http-proxy-agent,
    https-proxy-agent). All required by the surviving pi-ai
    providers.

Spike (emain/agent/_spike.ts)
  Smoke test: imports the integrated Agent + getModel, constructs an
  agent, subscribes to events, calls prompt(). Runs cleanly when an
  ANTHROPIC_API_KEY / OPENAI_API_KEY / GEMINI_API_KEY env var is
  present; falls through to a clear error otherwise. Delete once the
  Electron main runtime + IPC wiring is in place.

Verification
  - tsc --noEmit -p tsconfig.json: 0 errors in emain/agent + emain/ai
    (58 pre-existing project errors unchanged).
  - npx tsx emain/agent/_spike.ts: imports resolve, Agent
    instantiates, providers register, fails at the env-var guard as
    expected without a key.

Not in this commit (next tasks)
  - emain/agent/runtime.ts (per-pane Agent instances, JSONL sessions)
  - IPC bridge to renderer
  - 24 crest-specific tools ported to TS
  - Simple permissions hook (replaces pkg/agent/permissions/)
  - usePiChat React hook + drop of @ai-sdk/react
  - Deletion of pkg/agent/ + pkg/aiusechat/

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4 to 8.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](actions/download-artifact@v4...v8)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-version: '8'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels May 23, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

5 participants