* add automatic OSC 7 support to bash and zsh
* add new wave OSC 16162 (planck length) to get up-to-date shell
information into blockrtinfo. currently implemented only for zsh. bash
will not support as rich of data as zsh, but we'll be able to do some.
* new rtinfo will be used to provide better context for AI in the
future, and to make sure AI is running safe commands.
* added a small local machine description to tab context (so AI knows
we're running on MacOS, Linux, or Windows)
Documentation Updates (removing AI Widget Information / deprecation)
Hover effect on tool calls shows which widget is effected
Remove AI Widget from sidebar unless there is customized presets
Backend now provides blockid (if available) to frontend for tool calls
We now show all Read File/Dir calls together and batch approve them
(backend change to emit them all at once, and FE change to display them
as a batch)
JS chunking for monaco, mermaid, and shiki, etc. shiki is huge, almost
10M but can't be easily split out of Streamdown. Tried making it load
async, but w/ Streamdown we can't do that easily. Trying to split the JS
up because of a build error we were running into in build-helper.
Bumps [golang.org/x/mod](https://github.com/golang/mod) from 0.28.0 to
0.29.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="bba3e065a6"><code>bba3e06</code></a>
go.mod: update golang.org/x dependencies</li>
<li>See full diff in <a
href="https://github.com/golang/mod/compare/v0.28.0...v0.29.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps the prod-dependencies-patch group with 3 updates:
[@ai-sdk/react](https://github.com/vercel/ai),
[ai](https://github.com/vercel/ai) and
[remark-flexible-toc](https://github.com/ipikuka/remark-flexible-toc).
Updates `@ai-sdk/react` from 2.0.44 to 2.0.68
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vercel/ai/releases"><code>@ai-sdk/react</code>'s
releases</a>.</em></p>
<blockquote>
<h2><code>@ai-sdk/react</code><a
href="https://github.com/2"><code>@2</code></a>.0.68</h2>
<h3>Patch Changes</h3>
<ul>
<li>Updated dependencies [17f9872]
<ul>
<li><code>@ai-sdk/provider-utils</code><a
href="https://github.com/3"><code>@3</code></a>.0.12</li>
<li>ai@5.0.68</li>
</ul>
</li>
</ul>
<h2><code>@ai-sdk/react</code><a
href="https://github.com/2"><code>@2</code></a>.0.67</h2>
<h3>Patch Changes</h3>
<ul>
<li>ai@5.0.67</li>
</ul>
<h2><code>@ai-sdk/react</code><a
href="https://github.com/2"><code>@2</code></a>.0.66</h2>
<h3>Patch Changes</h3>
<ul>
<li>ai@5.0.66</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4ed354c09a"><code>4ed354c</code></a>
Version Packages (<a
href="https://redirect.github.com/vercel/ai/issues/9376">#9376</a>)</li>
<li><a
href="17f9872c2e"><code>17f9872</code></a>
[v5] fix: revert zod import change (<a
href="https://redirect.github.com/vercel/ai/issues/9375">#9375</a>)</li>
<li><a
href="388a5b4256"><code>388a5b4</code></a>
Version Packages (<a
href="https://redirect.github.com/vercel/ai/issues/9374">#9374</a>)</li>
<li><a
href="227ca9412c"><code>227ca94</code></a>
[v5] fix: revert zod import change (<a
href="https://redirect.github.com/vercel/ai/issues/9349">#9349</a>)</li>
<li><a
href="13be349068"><code>13be349</code></a>
Backport: chore(provider/openai): update webSearch tool example and
tests (<a
href="https://redirect.github.com/vercel/ai/issues/9">#9</a>...</li>
<li><a
href="f8a8db51df"><code>f8a8db5</code></a>
Backport: docs: add v4 to v5 data migration guide (<a
href="https://redirect.github.com/vercel/ai/issues/9366">#9366</a>)</li>
<li><a
href="16201ceaa2"><code>16201ce</code></a>
Version Packages (<a
href="https://redirect.github.com/vercel/ai/issues/9367">#9367</a>)</li>
<li><a
href="99e2a2a89a"><code>99e2a2a</code></a>
Backport: feat(provider/openai): support file and image tool results (<a
href="https://redirect.github.com/vercel/ai/issues/9363">#9363</a>)</li>
<li><a
href="ec5a0a08a3"><code>ec5a0a0</code></a>
Backport: chore(provider/gateway): lazy schema loading (<a
href="https://redirect.github.com/vercel/ai/issues/9361">#9361</a>)</li>
<li><a
href="e5a9363830"><code>e5a9363</code></a>
Version Packages (<a
href="https://redirect.github.com/vercel/ai/issues/9356">#9356</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/vercel/ai/compare/@ai-sdk/react@2.0.44...@ai-sdk/react@2.0.68">compare
view</a></li>
</ul>
</details>
<br />
Updates `ai` from 5.0.44 to 5.0.68
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/vercel/ai/releases">ai's
releases</a>.</em></p>
<blockquote>
<h2>ai@5.0.68</h2>
<h3>Patch Changes</h3>
<ul>
<li>Updated dependencies [17f9872]
<ul>
<li><code>@ai-sdk/provider-utils</code><a
href="https://github.com/3"><code>@3</code></a>.0.12</li>
<li><code>@ai-sdk/gateway</code><a
href="https://github.com/1"><code>@1</code></a>.0.39</li>
</ul>
</li>
</ul>
<h2>ai@5.0.67</h2>
<h3>Patch Changes</h3>
<ul>
<li>Updated dependencies [227ca94]
<ul>
<li><code>@ai-sdk/gateway</code><a
href="https://github.com/1"><code>@1</code></a>.0.38</li>
</ul>
</li>
</ul>
<h2>ai@5.0.66</h2>
<h3>Patch Changes</h3>
<ul>
<li>Updated dependencies [ec5a0a0]
<ul>
<li><code>@ai-sdk/gateway</code><a
href="https://github.com/1"><code>@1</code></a>.0.37</li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4ed354c09a"><code>4ed354c</code></a>
Version Packages (<a
href="https://redirect.github.com/vercel/ai/issues/9376">#9376</a>)</li>
<li><a
href="17f9872c2e"><code>17f9872</code></a>
[v5] fix: revert zod import change (<a
href="https://redirect.github.com/vercel/ai/issues/9375">#9375</a>)</li>
<li><a
href="388a5b4256"><code>388a5b4</code></a>
Version Packages (<a
href="https://redirect.github.com/vercel/ai/issues/9374">#9374</a>)</li>
<li><a
href="227ca9412c"><code>227ca94</code></a>
[v5] fix: revert zod import change (<a
href="https://redirect.github.com/vercel/ai/issues/9349">#9349</a>)</li>
<li><a
href="13be349068"><code>13be349</code></a>
Backport: chore(provider/openai): update webSearch tool example and
tests (<a
href="https://redirect.github.com/vercel/ai/issues/9">#9</a>...</li>
<li><a
href="f8a8db51df"><code>f8a8db5</code></a>
Backport: docs: add v4 to v5 data migration guide (<a
href="https://redirect.github.com/vercel/ai/issues/9366">#9366</a>)</li>
<li><a
href="16201ceaa2"><code>16201ce</code></a>
Version Packages (<a
href="https://redirect.github.com/vercel/ai/issues/9367">#9367</a>)</li>
<li><a
href="99e2a2a89a"><code>99e2a2a</code></a>
Backport: feat(provider/openai): support file and image tool results (<a
href="https://redirect.github.com/vercel/ai/issues/9363">#9363</a>)</li>
<li><a
href="ec5a0a08a3"><code>ec5a0a0</code></a>
Backport: chore(provider/gateway): lazy schema loading (<a
href="https://redirect.github.com/vercel/ai/issues/9361">#9361</a>)</li>
<li><a
href="e5a9363830"><code>e5a9363</code></a>
Version Packages (<a
href="https://redirect.github.com/vercel/ai/issues/9356">#9356</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/vercel/ai/compare/ai@5.0.44...ai@5.0.68">compare
view</a></li>
</ul>
</details>
<br />
Updates `remark-flexible-toc` from 1.2.1 to 1.2.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/ipikuka/remark-flexible-toc/releases">remark-flexible-toc's
releases</a>.</em></p>
<blockquote>
<h2>v1.2.3</h2>
<p>The changes made by <a
href="https://github.com/talatkuyuk"><code>@talatkuyuk</code></a>:</p>
<ul>
<li>Some typo corrections in the <code>README.md</code></li>
<li>Update devDependencies</li>
</ul>
<h2>v1.2.2</h2>
<p>The changes made by <a
href="https://github.com/talatkuyuk"><code>@talatkuyuk</code></a>:</p>
<ul>
<li>Add two examples in the usage section for two different ways for
getting TOC in the <code>README.md</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="975dc61973"><code>975dc61</code></a>
v1.2.3</li>
<li><a
href="7c163b2e56"><code>7c163b2</code></a>
Update devDependencies</li>
<li><a
href="99def91991"><code>99def91</code></a>
Chore: small corrections in README.md</li>
<li><a
href="b5c86d8b3a"><code>b5c86d8</code></a>
v1.2.2</li>
<li><a
href="fe1bb2ef8d"><code>fe1bb2e</code></a>
Add two examples in the usage section for two different ways for getting
TOC</li>
<li><a
href="aeb05c1732"><code>aeb05c1</code></a>
Chore: typing corrections in the README.md</li>
<li>See full diff in <a
href="https://github.com/ipikuka/remark-flexible-toc/compare/v1.2.1...v1.2.3">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from
0.42.0 to 0.43.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="627cb894b6"><code>627cb89</code></a>
go.mod: update golang.org/x dependencies</li>
<li><a
href="dca4914afe"><code>dca4914</code></a>
acme: fix autocert TestHTTPHandlerDefaultFallback</li>
<li><a
href="1336e21bd6"><code>1336e21</code></a>
x509roots/fallback: update bundle</li>
<li><a
href="2beaa59a3c"><code>2beaa59</code></a>
ssh: add VerifiedPublicKeyCallback</li>
<li><a
href="66c3d8ce71"><code>66c3d8c</code></a>
ssh: add support for FIPS mode</li>
<li><a
href="ddb4e80c6a"><code>ddb4e80</code></a>
ssh: remove custom contains, use slices.Contains</li>
<li><a
href="f4d47b0db5"><code>f4d47b0</code></a>
ssh: return clearer error when signature algorithm is used as key
format</li>
<li><a
href="96dc232fbd"><code>96dc232</code></a>
x509roots/fallback/bundle: add bundle package to export root certs</li>
<li><a
href="8c9ba31836"><code>8c9ba31</code></a>
all: freeze and deprecate more packages</li>
<li><a
href="559e062ce8"><code>559e062</code></a>
ssh/agent: return an error for unexpected message types</li>
<li>See full diff in <a
href="https://github.com/golang/crypto/compare/v0.42.0...v0.43.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 3 to 4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.30.7</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.30.7 - 06 Oct 2025</h2>
<p>No user facing changes.</p>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.30.7/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.30.6</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.30.6 - 02 Oct 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.23.2. <a
href="https://redirect.github.com/github/codeql-action/pull/3168">#3168</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.30.6/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.30.5</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.30.5 - 26 Sep 2025</h2>
<ul>
<li>We fixed a bug that was introduced in <code>3.30.4</code> with
<code>upload-sarif</code> which resulted in files without a
<code>.sarif</code> extension not getting uploaded. <a
href="https://redirect.github.com/github/codeql-action/pull/3160">#3160</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.30.5/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.30.4</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.30.4 - 25 Sep 2025</h2>
<ul>
<li>We have improved the CodeQL Action's ability to validate that the
workflow it is used in does not use different versions of the CodeQL
Action for different workflow steps. Mixing different versions of the
CodeQL Action in the same workflow is unsupported and can lead to
unpredictable results. A warning will now be emitted from the
<code>codeql-action/init</code> step if different versions of the CodeQL
Action are detected in the workflow file. Additionally, an error will
now be thrown by the other CodeQL Action steps if they load a
configuration file that was generated by a different version of the
<code>codeql-action/init</code> step. <a
href="https://redirect.github.com/github/codeql-action/pull/3099">#3099</a>
and <a
href="https://redirect.github.com/github/codeql-action/pull/3100">#3100</a></li>
<li>We added support for reducing the size of dependency caches for Java
analyses, which will reduce cache usage and speed up workflows. This
will be enabled automatically at a later time. <a
href="https://redirect.github.com/github/codeql-action/pull/3107">#3107</a></li>
<li>You can now run the latest CodeQL nightly bundle by passing
<code>tools: nightly</code> to the <code>init</code> action. In general,
the nightly bundle is unstable and we only recommend running it when
directed by GitHub staff. <a
href="https://redirect.github.com/github/codeql-action/pull/3130">#3130</a></li>
<li>Update default CodeQL bundle version to 2.23.1. <a
href="https://redirect.github.com/github/codeql-action/pull/3118">#3118</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.30.4/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.30.3</h2>
<h1>CodeQL Action Changelog</h1>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h2>3.29.4 - 23 Jul 2025</h2>
<p>No user facing changes.</p>
<h2>3.29.3 - 21 Jul 2025</h2>
<p>No user facing changes.</p>
<h2>3.29.2 - 30 Jun 2025</h2>
<ul>
<li>Experimental: When the <code>quality-queries</code> input for the
<code>init</code> action is provided with an argument, separate
<code>.quality.sarif</code> files are produced and uploaded for each
language with the results of the specified queries. Do not use this in
production as it is part of an internal experiment and subject to change
at any time. <a
href="https://redirect.github.com/github/codeql-action/pull/2935">#2935</a></li>
</ul>
<h2>3.29.1 - 27 Jun 2025</h2>
<ul>
<li>Fix bug in PR analysis where user-provided <code>include</code>
query filter fails to exclude non-included queries. <a
href="https://redirect.github.com/github/codeql-action/pull/2938">#2938</a></li>
<li>Update default CodeQL bundle version to 2.22.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2950">#2950</a></li>
</ul>
<h2>3.29.0 - 11 Jun 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.22.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li>
<li>Bump minimum CodeQL bundle version to 2.16.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li>
</ul>
<h2>3.28.21 - 28 July 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.20 - 21 July 2025</h2>
<ul>
<li>Remove support for combining SARIF files from a single upload for
GHES 3.18, see <a
href="https://github.blog/changelog/2024-05-06-code-scanning-will-stop-combining-runs-from-a-single-upload/">the
changelog post</a>. <a
href="https://redirect.github.com/github/codeql-action/pull/2959">#2959</a></li>
</ul>
<h2>3.28.19 - 03 Jun 2025</h2>
<ul>
<li>The CodeQL Action no longer includes its own copy of the extractor
for the <code>actions</code> language, which is currently in public
preview.
The <code>actions</code> extractor has been included in the CodeQL CLI
since v2.20.6. If your workflow has enabled the <code>actions</code>
language <em>and</em> you have pinned
your <code>tools:</code> property to a specific version of the CodeQL
CLI earlier than v2.20.6, you will need to update to at least CodeQL
v2.20.6 or disable
<code>actions</code> analysis.</li>
<li>Update default CodeQL bundle version to 2.21.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2910">#2910</a></li>
</ul>
<h2>3.28.18 - 16 May 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2893">#2893</a></li>
<li>Skip validating SARIF produced by CodeQL for improved performance.
<a
href="https://redirect.github.com/github/codeql-action/pull/2894">#2894</a></li>
<li>The number of threads and amount of RAM used by CodeQL can now be
set via the <code>CODEQL_THREADS</code> and <code>CODEQL_RAM</code>
runner environment variables. If set, these environment variables
override the <code>threads</code> and <code>ram</code> inputs
respectively. <a
href="https://redirect.github.com/github/codeql-action/pull/2891">#2891</a></li>
</ul>
<h2>3.28.17 - 02 May 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2872">#2872</a></li>
</ul>
<h2>3.28.16 - 23 Apr 2025</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f443b600d9"><code>f443b60</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3198">#3198</a>
from github/update-v4.30.8-527f0f324</li>
<li><a
href="7a2cb623ed"><code>7a2cb62</code></a>
Update changelog for v4.30.8</li>
<li><a
href="527f0f324a"><code>527f0f3</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3195">#3195</a>
from github/dependabot/npm_and_yarn/npm-minor-37415c...</li>
<li><a
href="f402506f0f"><code>f402506</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3196">#3196</a>
from github/dependabot/github_actions/dot-github/wor...</li>
<li><a
href="f5e53f9476"><code>f5e53f9</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3197">#3197</a>
from github/dependabot/github_actions/dot-github/wor...</li>
<li><a
href="4e90a42a3e"><code>4e90a42</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3193">#3193</a>
from github/mbg/ff/tools-toolcache</li>
<li><a
href="413a4a4df1"><code>413a4a4</code></a>
Rebuild</li>
<li><a
href="452186448a"><code>4521864</code></a>
Bump github/codeql-action from 3 to 4 in /.github/workflows</li>
<li><a
href="eadf14bf6e"><code>eadf14b</code></a>
Bump ruby/setup-ruby</li>
<li><a
href="e1257b6fda"><code>e1257b6</code></a>
Rebuild</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/v3...v4">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Don't allow tabs with active Wave AI sessions to get closed when we
close the last block. Have Cmd-W close Wave AI if it is focused (rather
than a random node). Also fixes some lurking bugs with the pinned tab
functionality (and adds some nice visual feedback when we try to close a
pinned tab).
- [x] Explore repository structure and understand existing tools pattern
- [x] Create tools_readdir.go file with read_dir tool implementation
- [x] Add GetReadDirToolDefinition() function following the pattern of
read_text_file
- [x] Register the new tool in tools.go GenerateTabStateAndTools
function
- [x] Create comprehensive tests in tools_readdir_test.go
- [x] Test the implementation manually with various scenarios
- [x] Run Go tests to ensure no regressions
- [x] Run security check with CodeQL - No vulnerabilities found
- [x] Revert unintended changes to tsunami demo go.mod and go.sum files
- [x] Fix sorting to happen before truncation and preserve real total
count
## Summary
Successfully implemented a new `read_dir` AI tool that reads and lists
directory contents, following the same pattern as the existing
`read_text_file` tool.
**Key Features:**
- Supports path expansion (including ~)
- Sorts directories first, then files (sorting happens BEFORE
truncation)
- Truncates output to prevent overwhelming responses (default 1000
entries)
- Preserves the real total count even when truncated
- Requires user approval for security
- Provides detailed file/directory information (name, type, size,
permissions, modification time)
- Returns both structured data and formatted listing
**Files Changed:**
- `pkg/aiusechat/tools_readdir.go` - Main implementation (189 lines)
- `pkg/aiusechat/tools_readdir_test.go` - Comprehensive tests (211
lines)
- `pkg/aiusechat/tools.go` - Tool registration (1 line)
**Testing:**
- ✅ All 6 unit tests passing (including new test for
sort-before-truncate)
- ✅ Manual testing with real directories successful
- ✅ CodeQL security scan passed with no vulnerabilities
- ✅ Go build and vet successful
<!-- START COPILOT CODING AGENT SUFFIX -->
<details>
<summary>Original prompt</summary>
> Right now we have AI tools in go at pkg/aichat ... see tools.go,
tools_readfile.go. i'd like to add a new tool to read directories in the
style of readfile.
</details>
<!-- START COPILOT CODING AGENT TIPS -->
---
💡 You can make Copilot smarter by setting up custom instructions,
customizing its development environment and configuring Model Context
Protocol (MCP) servers. Learn more [Copilot coding agent
tips](https://gh.io/copilot-coding-agent-tips) in the docs.
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: sawka <2722291+sawka@users.noreply.github.com>
Co-authored-by: sawka <mike@commandline.dev>
### What This Does
Adds a new `wsh blocks list` subcommand that lists all blocks in all or
specified workspace, window, or tab. Includes filtering options and JSON
output for automation.
### Motivation
Wave users had no simple way to programmatically discover block IDs for
scripting and automation. This feature:
- Enables workflows like syncing Preview widgets with `cd` changes.
- Simplifies debugging and introspection.
- Provides a foundation for future CLI enhancements (focus/close
blocks).
### Usage
```wsh blocks [list|ls|get] [--workspace=<workspace-id>] [--window=<window-id>] [--tab=<tab-id>] [--view=<view-type>] [--json]```
Where `<view-type>` can be one of: term, terminal, shell, console, web, browser, url, preview, edit, sysinfo, sys, system, waveai, ai, or assistant.
### Notes
- Fully backward compatible.
- Code follows existing CLI patterns.
Bumps
[github.com/sashabaranov/go-openai](https://github.com/sashabaranov/go-openai)
from 1.41.1 to 1.41.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sashabaranov/go-openai/releases">github.com/sashabaranov/go-openai's
releases</a>.</em></p>
<blockquote>
<h2>v1.41.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Add Verbosity parameter to Chat Completion Request by <a
href="https://github.com/azdaev"><code>@azdaev</code></a> in <a
href="https://redirect.github.com/sashabaranov/go-openai/pull/1064">sashabaranov/go-openai#1064</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/azdaev"><code>@azdaev</code></a> made
their first contribution in <a
href="https://redirect.github.com/sashabaranov/go-openai/pull/1064">sashabaranov/go-openai#1064</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sashabaranov/go-openai/compare/v1.41.1...v1.41.2">https://github.com/sashabaranov/go-openai/compare/v1.41.1...v1.41.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="8e5611cc5e"><code>8e5611c</code></a>
Add Verbosity parameter to Chat Completion Request (<a
href="https://redirect.github.com/sashabaranov/go-openai/issues/1064">#1064</a>)</li>
<li>See full diff in <a
href="https://github.com/sashabaranov/go-openai/compare/v1.41.1...v1.41.2">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps the electron-patch group with 1 update:
[electron-vite](https://github.com/alex8088/electron-vite).
Updates `electron-vite` from 4.0.0 to 4.0.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/alex8088/electron-vite/releases">electron-vite's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.1</h2>
<p>Please refer to <a
href="https://github.com/alex8088/electron-vite/blob/v4.0.1/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/alex8088/electron-vite/blob/master/CHANGELOG.md">electron-vite's
changelog</a>.</em></p>
<blockquote>
<h3>v4.0.1 (<em>2025-09-21</em>)</h3>
<ul>
<li>perf: build compatibility target for Electron 38</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ad50cba495"><code>ad50cba</code></a>
release: 4.0.1</li>
<li><a
href="b55eb725c4"><code>b55eb72</code></a>
perf: build compatibility target for Electron 38</li>
<li>See full diff in <a
href="https://github.com/alex8088/electron-vite/compare/v4.0.0...v4.0.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Mike Sawka