[codex] Prepare v0.7.0 release

[guima-why]

Summary

• Bump the package version from 0.6.0 to 0.7.0.
• Refresh i18n catalog headers with make translate so locale metadata matches the release version.
• Update the legacy setup packaging assertion for the new version.

Release scope

v0.7.0 is a broad minor release. The changes from v0.6.0 to main span 255 files changed, 48392 insertions(+), 1772 deletions(-), with most of the functional work coming from the A2A/pipeline hardening branch in #129 plus request-scoped A2A runtime overrides, docs fixes, i18n, test coverage, and dependency updates.

Validation

• make translate
• make lint
• make test (7011 passed, 268 warnings)
• git diff --check

Draft GitHub release notes

## What's Changed

### Highlights

- This is a broad A2A and Pipeline Mode reliability release, not just a version bump.
- Hardened A2A pipeline execution, recovery, snapshots, journals, rollback cleanup, persistence, and normal-chat handoff behavior.
- Added a local selling pipeline console and substantially expanded debugger/E2E tooling for A2A pipeline scenarios.
- Added pipeline image input support and better multimodal handling across A2A, REPL display, snapshots, and recovery paths.
- Added A2A request-scoped runtime/cloud credential overrides.
- Tightened the selling pipeline workflow around ROS stack deployment, candidate selection, cost/deployment parameters, memory policy, and completion guards.

### A2A and Pipeline Runtime

- Added structured `PipelineUserInput` handling for text, JSON, raw/file URL parts, and supported image MIME types (`png`, `jpeg`, `webp`, `gif`).
- Added image resizing/downsampling and validation before entering pipeline execution, so unsupported media fails early and supported images survive through display/recovery surfaces.
- Added A2A request-scoped runtime overrides, including cloud credential override plumbing for A2A calls.
- Preserved recoverable task IDs and richer recoverable error data through JSON-RPC/A2A compatibility paths.
- Improved task/context ownership checks for active sidecars, terminal sidecars, waiting input, task aliases, resubscribe flows, and recovery without an explicit `taskId`.
- Made cancel handoff, active interrupts, pending input, `ask_user_question` resume, and normal-chat follow-ups after pipeline handoff more consistent.
- Added JSON-RPC passthrough coverage and improved dispatcher behavior for A2A transport flows.

### Durable Recovery and Persistence

- Added shared durable state-file helpers for atomic writes, locked JSONL appends, cross-device-safe replacement, parent-directory fsync where supported, Windows replace retries, and per-path process/thread locking.
- Moved recovery-critical sidecar/session/journal writes onto the durable helpers.
- Changed key pipeline persistence paths to fail closed instead of reporting successful progress when state could not be written.
- Preserved candidate/sub-pipeline execution state, failed candidate details, active attempt IDs, pending input resume data, transcripts, rollback metadata, and cleanup ledger state across restarts.
- Rebuilt and repaired A2A pipeline recovery state from snapshots and journals more defensively, including task/context filtering, schema catch-up, repaired tails, and sanitized public payloads.
- Marked terminal/cleared sidecars as non-resumable while preserving files for debugging.

### Rollback Cleanup and Cloud Resource Tracking

- Added cleanup tracking primitives (`CleanupLedger`, `CleanupObserver`, `CleanupResource`) for resources created during pipeline execution.
- Added ROS stack observation from both `ros_stack` and generic `aliyun_api CreateStack` paths.
- Added deploying-step hooks that record observed ROS stacks and mark only relevant deployment attempts for rollback cleanup.
- Generated hidden cleanup prompts for normal-chat handoff and preserved them through session save, context compaction, resume, prompt inspection, and A2A normal-chat startup.
- Published cleanup started/progress/failed/completed events and exposed sanitized cleanup state in A2A snapshots/recovery payloads.
- Rejected cleanup result mismatches instead of treating unrelated tool results as cleanup success, and sanitized mismatch/error details before user-visible or public A2A exposure.

### Pipeline Engine and Selling Workflow

- Added surface-specific step prompt overrides, including an A2A-specific confirm/select prompt.
- Added completion guard state rebuilt from tool results and resume messages, including guards that require a successful ROS stack result with matching stack ID/status.
- Added pre-validation for `complete_step` inputs before accepting restored/precompleted tool state.
- Added pipeline hooks for resource observation and rollback cleanup requirements.
- Removed static rollback rule parsing from loaded steps and moved rollback targeting into explicit runtime state.
- Passed pipeline mode, trusted-read-directory, and relative-read-directory context into step agent loops and tool execution.
- Refined selling pipeline prompts and skills for intent parsing, architecture planning, cost estimation, candidate selection, deployment parameters, and failed/successful deployment reporting.
- Improved support for explicit `StackName`, region, VPC/zone/CIDR constraints, non-Alibaba-Cloud requests, ambiguous deployment requests, and user-provided deployment parameter overrides.
- Restricted ROS template API calls in pipeline mode to `TemplateURL`, required unique ROS stack names, and enforced stack completion guards before declaring deployment success.

### REPL, Session, and UI Behavior

- Added real pipeline-sidecar detection on REPL startup and `/resume`, including choices to resume or discard resumable sidecars.
- Preserved normal chat history when sessions have terminal/non-resumable pipeline state.
- Added replay-only notices for user-aborted terminal pipelines when resuming as normal chat.
- Persisted the visible pipeline user turn into the root session so resumed terminal pipeline sessions do not appear empty.
- Filtered hidden recalled-memory and cleanup prompts from session index metadata, resume picker previews, transcript rendering, and prompt summaries where appropriate.
- Added `/prompt` visibility for cleanup prompts, including a dedicated cleanup prompt tab when present.
- Improved REPL image paste/render behavior for pipeline-visible user turns and image block display.
- Improved read-memory errors by listing available memories when a requested memory name is missing.

### Developer Tooling, Debugger, Console, and Docs

- Added a local A2A selling pipeline console server and static web UI under `scripts/a2a/selling_console.py` and `scripts/a2a/selling_console_web/`.
- Extended the A2A debugger with pipeline state/task state views, SSE proxy behavior, cwd validation notes, image uploads, and pipeline image-input limits.
- Added a real PTY-driven REPL pipeline E2E runner under `scripts/repl/e2e/` and added `pexpect` to dev dependencies.
- Extended A2A recovery E2E scenarios with static image fixtures and coverage for image waiting-input, selection, handoff, interrupt, and rollback cleanup recovery flows.
- Added website navigation/footer entries for Pipeline Mode docs and test coverage for docs navigation labels.
- Updated A2A docs, runtime configuration docs, environment/provider docs, and localized website navigation metadata.

### Cross-Platform, Path Safety, and Security Hardening

- Added Windows-aware and case-insensitive path handling where needed for safe path checks.
- Added safer path-lock and state-write helpers for recovery-critical files.
- Preserved trusted read directories for pipeline skills/tools without broadening general read permissions.
- Kept non-pipeline `ToolContext` construction backward-compatible while adding pipeline-mode context fields.
- Tightened public event/recovery sanitization for stack traces, cleanup mismatch details, path-like values, and sensitive failure text.

### Internationalization, Tests, and Dependencies

- Updated gettext catalogs for all supported locales: `de`, `es`, `fr`, `ja`, `pt`, and `zh`.
- Added or expanded tests across A2A execution, pipeline engine recovery, rollback cleanup, REPL behavior, selling pipeline prompts/skills, session storage/indexing, path safety, tool execution, image input, website navigation, and E2E helper scripts.
- Updated dependencies: `aiohttp`, `starlette`, website `launch-editor`, `webpack-dev-server`, `ws`, and `undici`.

## Pull Requests

- fix: align A2A route preview command docs by @xiao201208 in https://github.com/aliyun/iac-code/pull/116
- feat: support A2A request-scoped cloud credentials by @ruanzhengxin-zhuxing in https://github.com/aliyun/iac-code/pull/117
- build(deps): bump aiohttp from 3.14.0 to 3.14.1 by @dependabot[bot] in https://github.com/aliyun/iac-code/pull/121
- build(deps): bump starlette from 1.0.1 to 1.3.1 by @dependabot[bot] in https://github.com/aliyun/iac-code/pull/122
- build(deps): bump launch-editor from 2.13.2 to 2.14.1 in /website by @dependabot[bot] in https://github.com/aliyun/iac-code/pull/123
- build(deps): bump webpack-dev-server from 5.2.4 to 5.2.5 in /website by @dependabot[bot] in https://github.com/aliyun/iac-code/pull/124
- build(deps): bump ws in /website by @dependabot[bot] in https://github.com/aliyun/iac-code/pull/125
- build(deps): bump undici from 7.26.0 to 7.28.0 in /website by @dependabot[bot] in https://github.com/aliyun/iac-code/pull/127
- Harden A2A pipeline recovery, cleanup, and multimodal flows by @guima-why in https://github.com/aliyun/iac-code/pull/129

**Full Changelog**: https://github.com/aliyun/iac-code/compare/v0.6.0...v0.7.0