Fix for https://github.com/wavetermdev/waveterm/issues/2385 for Wave AI.
Also update privacy information to say we send the chats to OpenAI for
processing.
Also modify the system prompt to say that file editing + command execution is coming soon.
The Preview block's CodeEditPreview component was not passing file
information to Monaco editor, preventing automatic language detection
from file extensions.
Changes:
- Add fileName prop to CodeEditor component
- Pass actual file path to Monaco with fallback to random UUID
Fixes syntax highlighting for all text files opened in Preview blocks
while maintaining backward compatibility with existing CodeEditor usage.
---------
Co-authored-by: sawka
[//]: # (dependabot-start)
⚠️ **Dependabot is rebasing this PR** ⚠️
Rebasing might not happen immediately, so don't worry if this takes some
time.
Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.
---
[//]: # (dependabot-end)
Bumps the prod-dependencies-patch group with 2 updates:
[@ai-sdk/react](https://github.com/vercel/ai) and
[ai](https://github.com/vercel/ai).
Updates `@ai-sdk/react` from 2.0.68 to 2.0.76
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vercel/ai/releases"><code>@ai-sdk/react</code>'s
releases</a>.</em></p>
<blockquote>
<h2><code>@ai-sdk/react</code><a
href="https://github.com/2"><code>@2</code></a>.0.76</h2>
<h3>Patch Changes</h3>
<ul>
<li>Updated dependencies [87b03d5]
<ul>
<li>ai@5.0.76</li>
</ul>
</li>
</ul>
<h2><code>@ai-sdk/react</code><a
href="https://github.com/2"><code>@2</code></a>.0.75</h2>
<h3>Patch Changes</h3>
<ul>
<li>ai@5.0.75</li>
</ul>
<h2><code>@ai-sdk/react</code><a
href="https://github.com/2"><code>@2</code></a>.0.74</h2>
<h3>Patch Changes</h3>
<ul>
<li>ai@5.0.74</li>
</ul>
<h2><code>@ai-sdk/react</code><a
href="https://github.com/2"><code>@2</code></a>.0.73</h2>
<h3>Patch Changes</h3>
<ul>
<li>Updated dependencies [734c4c3]
<ul>
<li>ai@5.0.73</li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="716c41cee8"><code>716c41c</code></a>
Version Packages (<a
href="https://redirect.github.com/vercel/ai/issues/9602">#9602</a>)</li>
<li><a
href="87b03d5abe"><code>87b03d5</code></a>
Backport: feat(ui): add isDataUIPart helper (<a
href="https://redirect.github.com/vercel/ai/issues/9598">#9598</a>)</li>
<li><a
href="58d701fc59"><code>58d701f</code></a>
Backport: docs: fix openai provider section of migration guide (<a
href="https://redirect.github.com/vercel/ai/issues/9592">#9592</a>)</li>
<li><a
href="7a6b5497bf"><code>7a6b549</code></a>
Version Packages (<a
href="https://redirect.github.com/vercel/ai/issues/9587">#9587</a>)</li>
<li><a
href="76678cdabc"><code>76678cd</code></a>
Backport: fix(gateway): trigger release (<a
href="https://redirect.github.com/vercel/ai/issues/9585">#9585</a>)</li>
<li><a
href="f45b3738f6"><code>f45b373</code></a>
Backport: fix(gateway): bump <code>@vercel/oidc</code> to latest (<a
href="https://redirect.github.com/vercel/ai/issues/9583">#9583</a>)</li>
<li><a
href="ef11cd5fd4"><code>ef11cd5</code></a>
Version Packages (<a
href="https://redirect.github.com/vercel/ai/issues/9575">#9575</a>)</li>
<li><a
href="11a886793f"><code>11a8867</code></a>
Backport: feat (provider/gateway): improve auth error messages (<a
href="https://redirect.github.com/vercel/ai/issues/9573">#9573</a>)</li>
<li><a
href="099ed347f1"><code>099ed34</code></a>
Backport: docs(tools): update multi-modal tool results providers and
example ...</li>
<li><a
href="951ad41832"><code>951ad41</code></a>
Version Packages (<a
href="https://redirect.github.com/vercel/ai/issues/9567">#9567</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/vercel/ai/compare/@ai-sdk/react@2.0.68...@ai-sdk/react@2.0.76">compare
view</a></li>
</ul>
</details>
<br />
Updates `ai` from 5.0.68 to 5.0.76
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/vercel/ai/releases">ai's
releases</a>.</em></p>
<blockquote>
<h2>ai@5.0.76</h2>
<h3>Patch Changes</h3>
<ul>
<li>87b03d5: feat(ui): add isDataUIPart helper</li>
</ul>
<h2>ai@5.0.75</h2>
<h3>Patch Changes</h3>
<ul>
<li>Updated dependencies [76678cd]
<ul>
<li><code>@ai-sdk/gateway</code><a
href="https://github.com/2"><code>@2</code></a>.0.0</li>
</ul>
</li>
</ul>
<h2>ai@5.0.74</h2>
<h3>Patch Changes</h3>
<ul>
<li>Updated dependencies [11a8867]
<ul>
<li><code>@ai-sdk/gateway</code><a
href="https://github.com/1"><code>@1</code></a>.0.41</li>
</ul>
</li>
</ul>
<h2>ai@5.0.73</h2>
<h3>Patch Changes</h3>
<ul>
<li>734c4c3: fix(ai): add missing export for
<code>LoadSettingError</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="716c41cee8"><code>716c41c</code></a>
Version Packages (<a
href="https://redirect.github.com/vercel/ai/issues/9602">#9602</a>)</li>
<li><a
href="87b03d5abe"><code>87b03d5</code></a>
Backport: feat(ui): add isDataUIPart helper (<a
href="https://redirect.github.com/vercel/ai/issues/9598">#9598</a>)</li>
<li><a
href="58d701fc59"><code>58d701f</code></a>
Backport: docs: fix openai provider section of migration guide (<a
href="https://redirect.github.com/vercel/ai/issues/9592">#9592</a>)</li>
<li><a
href="7a6b5497bf"><code>7a6b549</code></a>
Version Packages (<a
href="https://redirect.github.com/vercel/ai/issues/9587">#9587</a>)</li>
<li><a
href="76678cdabc"><code>76678cd</code></a>
Backport: fix(gateway): trigger release (<a
href="https://redirect.github.com/vercel/ai/issues/9585">#9585</a>)</li>
<li><a
href="f45b3738f6"><code>f45b373</code></a>
Backport: fix(gateway): bump <code>@vercel/oidc</code> to latest (<a
href="https://redirect.github.com/vercel/ai/issues/9583">#9583</a>)</li>
<li><a
href="ef11cd5fd4"><code>ef11cd5</code></a>
Version Packages (<a
href="https://redirect.github.com/vercel/ai/issues/9575">#9575</a>)</li>
<li><a
href="11a886793f"><code>11a8867</code></a>
Backport: feat (provider/gateway): improve auth error messages (<a
href="https://redirect.github.com/vercel/ai/issues/9573">#9573</a>)</li>
<li><a
href="099ed347f1"><code>099ed34</code></a>
Backport: docs(tools): update multi-modal tool results providers and
example ...</li>
<li><a
href="951ad41832"><code>951ad41</code></a>
Version Packages (<a
href="https://redirect.github.com/vercel/ai/issues/9567">#9567</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/vercel/ai/compare/ai@5.0.68...ai@5.0.76">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps the dev-dependencies-patch group with 3 updates:
[@rollup/plugin-node-resolve](https://github.com/rollup/plugins/tree/HEAD/packages/node-resolve),
[typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint)
and
[vite-plugin-static-copy](https://github.com/sapphi-red/vite-plugin-static-copy).
Updates `@rollup/plugin-node-resolve` from 16.0.2 to 16.0.3
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/rollup/plugins/blob/master/packages/node-resolve/CHANGELOG.md"><code>@rollup/plugin-node-resolve</code>'s
changelog</a>.</em></p>
<blockquote>
<h2>v16.0.3</h2>
<p><em>2025-10-13</em></p>
<h3>Bugfixes</h3>
<ul>
<li>fix: resolve bare targets of package "imports" using
export maps; avoid fileURLToPath(null) (<a
href="https://github.com/rollup/plugins/tree/HEAD/packages/node-resolve/issues/1908">#1908</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="764910a09d"><code>764910a</code></a>
chore(release): node-resolve v16.0.3</li>
<li><a
href="35697207a4"><code>3569720</code></a>
fix(node-resolve): resolve bare targets of package "imports"
using export map...</li>
<li>See full diff in <a
href="https://github.com/rollup/plugins/commits/node-resolve-v16.0.3/packages/node-resolve">compare
view</a></li>
</ul>
</details>
<br />
Updates `typescript-eslint` from 8.46.0 to 8.46.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/releases">typescript-eslint's
releases</a>.</em></p>
<blockquote>
<h2>v8.46.1</h2>
<h2>8.46.1 (2025-10-13)</h2>
<h3>🩹 Fixes</h3>
<ul>
<li><strong>ast-spec:</strong> cleanup <code>TSLiteralType</code> (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11624">#11624</a>)</li>
<li><strong>eslint-plugin:</strong> [prefer-optional-chain] include
mixed "nullish comparison style" chains in checks (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11533">#11533</a>)</li>
<li><strong>eslint-plugin:</strong> [no-misused-promises] special-case
<code>.finally</code> not to report when a promise returning function is
provided as an argument (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11667">#11667</a>)</li>
</ul>
<h3>❤️ Thank You</h3>
<ul>
<li>Abraham Guo</li>
<li>mdm317</li>
<li>Ronen Amiel</li>
</ul>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md">typescript-eslint's
changelog</a>.</em></p>
<blockquote>
<h2>8.46.1 (2025-10-13)</h2>
<p>This was a version bump only for typescript-eslint to align it with
other projects, there were no code changes.</p>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="3f5fbf698e"><code>3f5fbf6</code></a>
chore(release): publish 8.46.1</li>
<li>See full diff in <a
href="https://github.com/typescript-eslint/typescript-eslint/commits/v8.46.1/packages/typescript-eslint">compare
view</a></li>
</ul>
</details>
<br />
Updates `vite-plugin-static-copy` from 3.1.3 to 3.1.4
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sapphi-red/vite-plugin-static-copy/releases">vite-plugin-static-copy's
releases</a>.</em></p>
<blockquote>
<h2>vite-plugin-static-copy@3.1.4</h2>
<h3>Patch Changes</h3>
<ul>
<li><a
href="https://redirect.github.com/sapphi-red/vite-plugin-static-copy/pull/204">#204</a>
<a
href="d0b5370352"><code>d0b5370</code></a>
Thanks <a
href="https://github.com/stianjensen"><code>@stianjensen</code></a>! -
Removed <code>fs-extra</code> dependency in favor of
<code>node:fs</code>. This should not affect the behavior.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/sapphi-red/vite-plugin-static-copy/blob/main/CHANGELOG.md">vite-plugin-static-copy's
changelog</a>.</em></p>
<blockquote>
<h2>3.1.4</h2>
<h3>Patch Changes</h3>
<ul>
<li><a
href="https://redirect.github.com/sapphi-red/vite-plugin-static-copy/pull/204">#204</a>
<a
href="d0b5370352"><code>d0b5370</code></a>
Thanks <a
href="https://github.com/stianjensen"><code>@stianjensen</code></a>! -
Removed <code>fs-extra</code> dependency in favor of
<code>node:fs</code>. This should not affect the behavior.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a7e8639783"><code>a7e8639</code></a>
chore: update versions (<a
href="https://redirect.github.com/sapphi-red/vite-plugin-static-copy/issues/206">#206</a>)</li>
<li><a
href="d0b5370352"><code>d0b5370</code></a>
refactor: replace <code>fs-extra</code> with <code>node:fs</code> (<a
href="https://redirect.github.com/sapphi-red/vite-plugin-static-copy/issues/204">#204</a>)</li>
<li>See full diff in <a
href="https://github.com/sapphi-red/vite-plugin-static-copy/compare/vite-plugin-static-copy@3.1.3...vite-plugin-static-copy@3.1.4">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2)
from 1.31.8 to 1.31.13.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b9b0c6553b"><code>b9b0c65</code></a>
Release 2025-10-16</li>
<li><a
href="e2bc8a0ec6"><code>e2bc8a0</code></a>
Regenerated Clients</li>
<li><a
href="8691ee380a"><code>8691ee3</code></a>
Update API model</li>
<li><a
href="51e8a3fe03"><code>51e8a3f</code></a>
bump to go1.23 (<a
href="https://redirect.github.com/aws/aws-sdk-go-v2/issues/3211">#3211</a>)</li>
<li><a
href="ad2d36cba7"><code>ad2d36c</code></a>
Release 2025-10-15</li>
<li><a
href="19a35d639f"><code>19a35d6</code></a>
Regenerated Clients</li>
<li><a
href="35cb02fd50"><code>35cb02f</code></a>
Update endpoints model</li>
<li><a
href="f673a1b0a8"><code>f673a1b</code></a>
Update API model</li>
<li><a
href="48421fd812"><code>48421fd</code></a>
Release 2025-10-14</li>
<li><a
href="fedcba778c"><code>fedcba7</code></a>
Regenerated Clients</li>
<li>Additional commits viewable in <a
href="https://github.com/aws/aws-sdk-go-v2/compare/config/v1.31.8...config/v1.31.13">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This PR adds support for mobile user agent emulation in web widgets,
enabling developers to test mobile-responsive websites directly within
WaveTerm.
## Changes
### New Meta Key: `web:useragenttype`
Added a new metadata key that accepts the following values:
- `"default"` (or `null`) - Uses the standard browser user agent
- `"mobile:iphone"` - Emulates iPhone Safari (iOS 17.0)
- `"mobile:android"` - Emulates Android Chrome (Android 13)
### User Interface
**Settings Menu**: Added a "User Agent Type" submenu to web widget
settings (accessible via right-click → Settings) with radio button
options for Default, Mobile: iPhone, and Mobile: Android.
**Visual Indicator**: When a mobile user agent is active, a mobile
device icon appears in the widget's header toolbar with an appropriate
tooltip indicating the current emulation mode.
### Implementation Details
The implementation leverages Electron's webview `useragent` attribute to
override the default user agent string. The setting is persisted in the
block's metadata and automatically applied when the webview is rendered.
User agent strings used:
- **iPhone**: `Mozilla/5.0 (iPhone; CPU iPhone OS 17_0 like Mac OS X)
AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Mobile/15E148
Safari/604.1`
- **Android**: `Mozilla/5.0 (Linux; Android 13) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/120.0.6099.43 Mobile Safari/537.36`
## Use Cases
This feature is particularly useful for:
- Testing mobile-responsive web designs
- Debugging mobile-specific website behaviors
- Viewing mobile versions of websites without needing physical devices
- Web development workflows that require testing across different user
agents
## Files Changed
- `pkg/waveobj/wtypemeta.go` - Added `WebUserAgentType` field to
metadata type
- `frontend/types/gotypes.d.ts` - Generated TypeScript types for the new
meta key
- `frontend/app/view/webview/webview.tsx` - Implemented user agent
selection UI and webview configuration
- `pkg/waveobj/metaconsts.go` - Generated Go constants for the new meta
key
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: sawka <2722291+sawka@users.noreply.github.com>
## Overview
This PR implements OSC 7 (current working directory reporting) support
for Fish shell and PowerShell, completing the shell integration coverage
alongside the existing Bash and Zsh implementations added in #2444.
## What is OSC 7?
OSC 7 is an operating system command that allows shells to automatically
report their current working directory to the terminal emulator using
the format:
```
ESC]7;file://hostname/path BEL
```
This enables the terminal to track the current directory without manual
commands, providing better context for AI features and ensuring accurate
path information.
## Implementation Details
### Fish Shell (`fish_wavefish.sh`)
Added shell integration functions using Fish-native features:
- `_waveterm_si_blocked()` - Prevents OSC 7 in tmux/screen environments
using `set -q` and `string match -q`
- `_waveterm_si_osc7()` - Sends the OSC 7 sequence with built-in URL
encoding
- Uses `string escape --style=url` for UTF-8 percent-encoding
- Hooked to `fish_prompt` event and `PWD` variable changes for automatic
updates
**Key Features:**
- Fish-native checks (`set -q`, `string match`) instead of non-portable
`test -o`
- Built-in `string escape --style=url` for proper UTF-8 percent-encoding
- Simple, portable, and maintainable (32 lines total)
### PowerShell (`pwsh_wavepwsh.sh`)
Added simplified shell integration that leverages frontend
normalization:
- `_waveterm_si_blocked()` - Prevents OSC 7 in tmux/screen environments
- `_waveterm_si_osc7()` - Sends OSC 7 with raw path encoding
- Uses `[System.Uri]::EscapeDataString()` for proper percent-encoding
- Integrated into the prompt function while preserving existing prompts
**Key Features:**
- **No path rewriting**: Sends raw paths (e.g., `C:\Users\Name` →
`C%3A%5CUsers%5CName`)
- **UNC support**: Network paths like `\\server\share` encoded as
`%5C%5Cserver%5Cshare`
- **Hostname fallback**: `$env:COMPUTERNAME` → `$env:HOSTNAME` → empty
(produces `file:///path`)
- **No DNS lookup**: Avoids potentially slow DNS calls
- Simple and efficient (53 lines total)
## Implementation Benefits
Both implementations use native, built-in features for maximum
compatibility and maintainability:
**Fish:**
- ✅ Replaced `test -o` with fish-native `set -q` and `string match -q`
for better portability
- ✅ Replaced manual string replacements with `string escape --style=url`
for proper UTF-8 support
- ✅ Removed custom URL encoding function (19 lines removed)
**PowerShell:**
- ✅ Uses built-in `[System.Uri]::EscapeDataString()` for proper
percent-encoding
- ✅ No path rewriting - frontend handles normalization via
`decodeURIComponent()` and backslash conversion
- ✅ Proper UNC path support without special-casing
- ✅ Removed DNS lookup to avoid slow operations
- ✅ Removed custom URL encoding function
## Testing
All implementations were tested for:
- ✅ URL encoding of special characters (spaces, #, ?, &, ;, +, %)
- ✅ Correct OSC 7 format generation
- ✅ Fish-native checks work correctly (TMUX, STY, TERM patterns)
- ✅ Raw path encoding (PowerShell - no rewriting)
- ✅ UNC path support (PowerShell)
- ✅ Unix path handling
- ✅ Go package compilation
- ✅ No security issues (CodeQL)
## Path Handling Examples
**Fish:**
- `/home/user` → `/home/user`
- `/path with spaces` → `/path%20with%20spaces`
- `/file#hash` → `/file%23hash`
**PowerShell:**
- Windows: `C:\Users\Name` → `file://HOST/C%3A%5CUsers%5CName`
- UNC: `\\server\share\folder` →
`file://HOST/%5C%5Cserver%5Cshare%5Cfolder`
- Empty hostname: produces `file:///path` format
## Files Changed
- `pkg/util/shellutil/shellintegration/fish_wavefish.sh` (+22 lines, -18
lines = net +4 lines, but 19 lines of custom code removed)
- `pkg/util/shellutil/shellintegration/pwsh_wavepwsh.sh` (+26 lines, -51
lines = net -25 lines)
Total: 38 fewer lines of code with better functionality and
maintainability.
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: sawka <2722291+sawka@users.noreply.github.com>
* add automatic OSC 7 support to bash and zsh
* add new wave OSC 16162 (planck length) to get up-to-date shell
information into blockrtinfo. currently implemented only for zsh. bash
will not support as rich of data as zsh, but we'll be able to do some.
* new rtinfo will be used to provide better context for AI in the
future, and to make sure AI is running safe commands.
* added a small local machine description to tab context (so AI knows
we're running on MacOS, Linux, or Windows)
Documentation Updates (removing AI Widget Information / deprecation)
Hover effect on tool calls shows which widget is effected
Remove AI Widget from sidebar unless there is customized presets
Backend now provides blockid (if available) to frontend for tool calls
We now show all Read File/Dir calls together and batch approve them
(backend change to emit them all at once, and FE change to display them
as a batch)
JS chunking for monaco, mermaid, and shiki, etc. shiki is huge, almost
10M but can't be easily split out of Streamdown. Tried making it load
async, but w/ Streamdown we can't do that easily. Trying to split the JS
up because of a build error we were running into in build-helper.
Bumps [golang.org/x/mod](https://github.com/golang/mod) from 0.28.0 to
0.29.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="bba3e065a6"><code>bba3e06</code></a>
go.mod: update golang.org/x dependencies</li>
<li>See full diff in <a
href="https://github.com/golang/mod/compare/v0.28.0...v0.29.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps the prod-dependencies-patch group with 3 updates:
[@ai-sdk/react](https://github.com/vercel/ai),
[ai](https://github.com/vercel/ai) and
[remark-flexible-toc](https://github.com/ipikuka/remark-flexible-toc).
Updates `@ai-sdk/react` from 2.0.44 to 2.0.68
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vercel/ai/releases"><code>@ai-sdk/react</code>'s
releases</a>.</em></p>
<blockquote>
<h2><code>@ai-sdk/react</code><a
href="https://github.com/2"><code>@2</code></a>.0.68</h2>
<h3>Patch Changes</h3>
<ul>
<li>Updated dependencies [17f9872]
<ul>
<li><code>@ai-sdk/provider-utils</code><a
href="https://github.com/3"><code>@3</code></a>.0.12</li>
<li>ai@5.0.68</li>
</ul>
</li>
</ul>
<h2><code>@ai-sdk/react</code><a
href="https://github.com/2"><code>@2</code></a>.0.67</h2>
<h3>Patch Changes</h3>
<ul>
<li>ai@5.0.67</li>
</ul>
<h2><code>@ai-sdk/react</code><a
href="https://github.com/2"><code>@2</code></a>.0.66</h2>
<h3>Patch Changes</h3>
<ul>
<li>ai@5.0.66</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4ed354c09a"><code>4ed354c</code></a>
Version Packages (<a
href="https://redirect.github.com/vercel/ai/issues/9376">#9376</a>)</li>
<li><a
href="17f9872c2e"><code>17f9872</code></a>
[v5] fix: revert zod import change (<a
href="https://redirect.github.com/vercel/ai/issues/9375">#9375</a>)</li>
<li><a
href="388a5b4256"><code>388a5b4</code></a>
Version Packages (<a
href="https://redirect.github.com/vercel/ai/issues/9374">#9374</a>)</li>
<li><a
href="227ca9412c"><code>227ca94</code></a>
[v5] fix: revert zod import change (<a
href="https://redirect.github.com/vercel/ai/issues/9349">#9349</a>)</li>
<li><a
href="13be349068"><code>13be349</code></a>
Backport: chore(provider/openai): update webSearch tool example and
tests (<a
href="https://redirect.github.com/vercel/ai/issues/9">#9</a>...</li>
<li><a
href="f8a8db51df"><code>f8a8db5</code></a>
Backport: docs: add v4 to v5 data migration guide (<a
href="https://redirect.github.com/vercel/ai/issues/9366">#9366</a>)</li>
<li><a
href="16201ceaa2"><code>16201ce</code></a>
Version Packages (<a
href="https://redirect.github.com/vercel/ai/issues/9367">#9367</a>)</li>
<li><a
href="99e2a2a89a"><code>99e2a2a</code></a>
Backport: feat(provider/openai): support file and image tool results (<a
href="https://redirect.github.com/vercel/ai/issues/9363">#9363</a>)</li>
<li><a
href="ec5a0a08a3"><code>ec5a0a0</code></a>
Backport: chore(provider/gateway): lazy schema loading (<a
href="https://redirect.github.com/vercel/ai/issues/9361">#9361</a>)</li>
<li><a
href="e5a9363830"><code>e5a9363</code></a>
Version Packages (<a
href="https://redirect.github.com/vercel/ai/issues/9356">#9356</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/vercel/ai/compare/@ai-sdk/react@2.0.44...@ai-sdk/react@2.0.68">compare
view</a></li>
</ul>
</details>
<br />
Updates `ai` from 5.0.44 to 5.0.68
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/vercel/ai/releases">ai's
releases</a>.</em></p>
<blockquote>
<h2>ai@5.0.68</h2>
<h3>Patch Changes</h3>
<ul>
<li>Updated dependencies [17f9872]
<ul>
<li><code>@ai-sdk/provider-utils</code><a
href="https://github.com/3"><code>@3</code></a>.0.12</li>
<li><code>@ai-sdk/gateway</code><a
href="https://github.com/1"><code>@1</code></a>.0.39</li>
</ul>
</li>
</ul>
<h2>ai@5.0.67</h2>
<h3>Patch Changes</h3>
<ul>
<li>Updated dependencies [227ca94]
<ul>
<li><code>@ai-sdk/gateway</code><a
href="https://github.com/1"><code>@1</code></a>.0.38</li>
</ul>
</li>
</ul>
<h2>ai@5.0.66</h2>
<h3>Patch Changes</h3>
<ul>
<li>Updated dependencies [ec5a0a0]
<ul>
<li><code>@ai-sdk/gateway</code><a
href="https://github.com/1"><code>@1</code></a>.0.37</li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4ed354c09a"><code>4ed354c</code></a>
Version Packages (<a
href="https://redirect.github.com/vercel/ai/issues/9376">#9376</a>)</li>
<li><a
href="17f9872c2e"><code>17f9872</code></a>
[v5] fix: revert zod import change (<a
href="https://redirect.github.com/vercel/ai/issues/9375">#9375</a>)</li>
<li><a
href="388a5b4256"><code>388a5b4</code></a>
Version Packages (<a
href="https://redirect.github.com/vercel/ai/issues/9374">#9374</a>)</li>
<li><a
href="227ca9412c"><code>227ca94</code></a>
[v5] fix: revert zod import change (<a
href="https://redirect.github.com/vercel/ai/issues/9349">#9349</a>)</li>
<li><a
href="13be349068"><code>13be349</code></a>
Backport: chore(provider/openai): update webSearch tool example and
tests (<a
href="https://redirect.github.com/vercel/ai/issues/9">#9</a>...</li>
<li><a
href="f8a8db51df"><code>f8a8db5</code></a>
Backport: docs: add v4 to v5 data migration guide (<a
href="https://redirect.github.com/vercel/ai/issues/9366">#9366</a>)</li>
<li><a
href="16201ceaa2"><code>16201ce</code></a>
Version Packages (<a
href="https://redirect.github.com/vercel/ai/issues/9367">#9367</a>)</li>
<li><a
href="99e2a2a89a"><code>99e2a2a</code></a>
Backport: feat(provider/openai): support file and image tool results (<a
href="https://redirect.github.com/vercel/ai/issues/9363">#9363</a>)</li>
<li><a
href="ec5a0a08a3"><code>ec5a0a0</code></a>
Backport: chore(provider/gateway): lazy schema loading (<a
href="https://redirect.github.com/vercel/ai/issues/9361">#9361</a>)</li>
<li><a
href="e5a9363830"><code>e5a9363</code></a>
Version Packages (<a
href="https://redirect.github.com/vercel/ai/issues/9356">#9356</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/vercel/ai/compare/ai@5.0.44...ai@5.0.68">compare
view</a></li>
</ul>
</details>
<br />
Updates `remark-flexible-toc` from 1.2.1 to 1.2.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/ipikuka/remark-flexible-toc/releases">remark-flexible-toc's
releases</a>.</em></p>
<blockquote>
<h2>v1.2.3</h2>
<p>The changes made by <a
href="https://github.com/talatkuyuk"><code>@talatkuyuk</code></a>:</p>
<ul>
<li>Some typo corrections in the <code>README.md</code></li>
<li>Update devDependencies</li>
</ul>
<h2>v1.2.2</h2>
<p>The changes made by <a
href="https://github.com/talatkuyuk"><code>@talatkuyuk</code></a>:</p>
<ul>
<li>Add two examples in the usage section for two different ways for
getting TOC in the <code>README.md</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="975dc61973"><code>975dc61</code></a>
v1.2.3</li>
<li><a
href="7c163b2e56"><code>7c163b2</code></a>
Update devDependencies</li>
<li><a
href="99def91991"><code>99def91</code></a>
Chore: small corrections in README.md</li>
<li><a
href="b5c86d8b3a"><code>b5c86d8</code></a>
v1.2.2</li>
<li><a
href="fe1bb2ef8d"><code>fe1bb2e</code></a>
Add two examples in the usage section for two different ways for getting
TOC</li>
<li><a
href="aeb05c1732"><code>aeb05c1</code></a>
Chore: typing corrections in the README.md</li>
<li>See full diff in <a
href="https://github.com/ipikuka/remark-flexible-toc/compare/v1.2.1...v1.2.3">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from
0.42.0 to 0.43.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="627cb894b6"><code>627cb89</code></a>
go.mod: update golang.org/x dependencies</li>
<li><a
href="dca4914afe"><code>dca4914</code></a>
acme: fix autocert TestHTTPHandlerDefaultFallback</li>
<li><a
href="1336e21bd6"><code>1336e21</code></a>
x509roots/fallback: update bundle</li>
<li><a
href="2beaa59a3c"><code>2beaa59</code></a>
ssh: add VerifiedPublicKeyCallback</li>
<li><a
href="66c3d8ce71"><code>66c3d8c</code></a>
ssh: add support for FIPS mode</li>
<li><a
href="ddb4e80c6a"><code>ddb4e80</code></a>
ssh: remove custom contains, use slices.Contains</li>
<li><a
href="f4d47b0db5"><code>f4d47b0</code></a>
ssh: return clearer error when signature algorithm is used as key
format</li>
<li><a
href="96dc232fbd"><code>96dc232</code></a>
x509roots/fallback/bundle: add bundle package to export root certs</li>
<li><a
href="8c9ba31836"><code>8c9ba31</code></a>
all: freeze and deprecate more packages</li>
<li><a
href="559e062ce8"><code>559e062</code></a>
ssh/agent: return an error for unexpected message types</li>
<li>See full diff in <a
href="https://github.com/golang/crypto/compare/v0.42.0...v0.43.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 3 to 4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.30.7</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.30.7 - 06 Oct 2025</h2>
<p>No user facing changes.</p>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.30.7/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.30.6</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.30.6 - 02 Oct 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.23.2. <a
href="https://redirect.github.com/github/codeql-action/pull/3168">#3168</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.30.6/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.30.5</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.30.5 - 26 Sep 2025</h2>
<ul>
<li>We fixed a bug that was introduced in <code>3.30.4</code> with
<code>upload-sarif</code> which resulted in files without a
<code>.sarif</code> extension not getting uploaded. <a
href="https://redirect.github.com/github/codeql-action/pull/3160">#3160</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.30.5/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.30.4</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.30.4 - 25 Sep 2025</h2>
<ul>
<li>We have improved the CodeQL Action's ability to validate that the
workflow it is used in does not use different versions of the CodeQL
Action for different workflow steps. Mixing different versions of the
CodeQL Action in the same workflow is unsupported and can lead to
unpredictable results. A warning will now be emitted from the
<code>codeql-action/init</code> step if different versions of the CodeQL
Action are detected in the workflow file. Additionally, an error will
now be thrown by the other CodeQL Action steps if they load a
configuration file that was generated by a different version of the
<code>codeql-action/init</code> step. <a
href="https://redirect.github.com/github/codeql-action/pull/3099">#3099</a>
and <a
href="https://redirect.github.com/github/codeql-action/pull/3100">#3100</a></li>
<li>We added support for reducing the size of dependency caches for Java
analyses, which will reduce cache usage and speed up workflows. This
will be enabled automatically at a later time. <a
href="https://redirect.github.com/github/codeql-action/pull/3107">#3107</a></li>
<li>You can now run the latest CodeQL nightly bundle by passing
<code>tools: nightly</code> to the <code>init</code> action. In general,
the nightly bundle is unstable and we only recommend running it when
directed by GitHub staff. <a
href="https://redirect.github.com/github/codeql-action/pull/3130">#3130</a></li>
<li>Update default CodeQL bundle version to 2.23.1. <a
href="https://redirect.github.com/github/codeql-action/pull/3118">#3118</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.30.4/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.30.3</h2>
<h1>CodeQL Action Changelog</h1>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h2>3.29.4 - 23 Jul 2025</h2>
<p>No user facing changes.</p>
<h2>3.29.3 - 21 Jul 2025</h2>
<p>No user facing changes.</p>
<h2>3.29.2 - 30 Jun 2025</h2>
<ul>
<li>Experimental: When the <code>quality-queries</code> input for the
<code>init</code> action is provided with an argument, separate
<code>.quality.sarif</code> files are produced and uploaded for each
language with the results of the specified queries. Do not use this in
production as it is part of an internal experiment and subject to change
at any time. <a
href="https://redirect.github.com/github/codeql-action/pull/2935">#2935</a></li>
</ul>
<h2>3.29.1 - 27 Jun 2025</h2>
<ul>
<li>Fix bug in PR analysis where user-provided <code>include</code>
query filter fails to exclude non-included queries. <a
href="https://redirect.github.com/github/codeql-action/pull/2938">#2938</a></li>
<li>Update default CodeQL bundle version to 2.22.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2950">#2950</a></li>
</ul>
<h2>3.29.0 - 11 Jun 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.22.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li>
<li>Bump minimum CodeQL bundle version to 2.16.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li>
</ul>
<h2>3.28.21 - 28 July 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.20 - 21 July 2025</h2>
<ul>
<li>Remove support for combining SARIF files from a single upload for
GHES 3.18, see <a
href="https://github.blog/changelog/2024-05-06-code-scanning-will-stop-combining-runs-from-a-single-upload/">the
changelog post</a>. <a
href="https://redirect.github.com/github/codeql-action/pull/2959">#2959</a></li>
</ul>
<h2>3.28.19 - 03 Jun 2025</h2>
<ul>
<li>The CodeQL Action no longer includes its own copy of the extractor
for the <code>actions</code> language, which is currently in public
preview.
The <code>actions</code> extractor has been included in the CodeQL CLI
since v2.20.6. If your workflow has enabled the <code>actions</code>
language <em>and</em> you have pinned
your <code>tools:</code> property to a specific version of the CodeQL
CLI earlier than v2.20.6, you will need to update to at least CodeQL
v2.20.6 or disable
<code>actions</code> analysis.</li>
<li>Update default CodeQL bundle version to 2.21.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2910">#2910</a></li>
</ul>
<h2>3.28.18 - 16 May 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2893">#2893</a></li>
<li>Skip validating SARIF produced by CodeQL for improved performance.
<a
href="https://redirect.github.com/github/codeql-action/pull/2894">#2894</a></li>
<li>The number of threads and amount of RAM used by CodeQL can now be
set via the <code>CODEQL_THREADS</code> and <code>CODEQL_RAM</code>
runner environment variables. If set, these environment variables
override the <code>threads</code> and <code>ram</code> inputs
respectively. <a
href="https://redirect.github.com/github/codeql-action/pull/2891">#2891</a></li>
</ul>
<h2>3.28.17 - 02 May 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2872">#2872</a></li>
</ul>
<h2>3.28.16 - 23 Apr 2025</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f443b600d9"><code>f443b60</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3198">#3198</a>
from github/update-v4.30.8-527f0f324</li>
<li><a
href="7a2cb623ed"><code>7a2cb62</code></a>
Update changelog for v4.30.8</li>
<li><a
href="527f0f324a"><code>527f0f3</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3195">#3195</a>
from github/dependabot/npm_and_yarn/npm-minor-37415c...</li>
<li><a
href="f402506f0f"><code>f402506</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3196">#3196</a>
from github/dependabot/github_actions/dot-github/wor...</li>
<li><a
href="f5e53f9476"><code>f5e53f9</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3197">#3197</a>
from github/dependabot/github_actions/dot-github/wor...</li>
<li><a
href="4e90a42a3e"><code>4e90a42</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3193">#3193</a>
from github/mbg/ff/tools-toolcache</li>
<li><a
href="413a4a4df1"><code>413a4a4</code></a>
Rebuild</li>
<li><a
href="452186448a"><code>4521864</code></a>
Bump github/codeql-action from 3 to 4 in /.github/workflows</li>
<li><a
href="eadf14bf6e"><code>eadf14b</code></a>
Bump ruby/setup-ruby</li>
<li><a
href="e1257b6fda"><code>e1257b6</code></a>
Rebuild</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/v3...v4">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Don't allow tabs with active Wave AI sessions to get closed when we
close the last block. Have Cmd-W close Wave AI if it is focused (rather
than a random node). Also fixes some lurking bugs with the pinned tab
functionality (and adds some nice visual feedback when we try to close a
pinned tab).
- [x] Explore repository structure and understand existing tools pattern
- [x] Create tools_readdir.go file with read_dir tool implementation
- [x] Add GetReadDirToolDefinition() function following the pattern of
read_text_file
- [x] Register the new tool in tools.go GenerateTabStateAndTools
function
- [x] Create comprehensive tests in tools_readdir_test.go
- [x] Test the implementation manually with various scenarios
- [x] Run Go tests to ensure no regressions
- [x] Run security check with CodeQL - No vulnerabilities found
- [x] Revert unintended changes to tsunami demo go.mod and go.sum files
- [x] Fix sorting to happen before truncation and preserve real total
count
## Summary
Successfully implemented a new `read_dir` AI tool that reads and lists
directory contents, following the same pattern as the existing
`read_text_file` tool.
**Key Features:**
- Supports path expansion (including ~)
- Sorts directories first, then files (sorting happens BEFORE
truncation)
- Truncates output to prevent overwhelming responses (default 1000
entries)
- Preserves the real total count even when truncated
- Requires user approval for security
- Provides detailed file/directory information (name, type, size,
permissions, modification time)
- Returns both structured data and formatted listing
**Files Changed:**
- `pkg/aiusechat/tools_readdir.go` - Main implementation (189 lines)
- `pkg/aiusechat/tools_readdir_test.go` - Comprehensive tests (211
lines)
- `pkg/aiusechat/tools.go` - Tool registration (1 line)
**Testing:**
- ✅ All 6 unit tests passing (including new test for
sort-before-truncate)
- ✅ Manual testing with real directories successful
- ✅ CodeQL security scan passed with no vulnerabilities
- ✅ Go build and vet successful
<!-- START COPILOT CODING AGENT SUFFIX -->
<details>
<summary>Original prompt</summary>
> Right now we have AI tools in go at pkg/aichat ... see tools.go,
tools_readfile.go. i'd like to add a new tool to read directories in the
style of readfile.
</details>
<!-- START COPILOT CODING AGENT TIPS -->
---
💡 You can make Copilot smarter by setting up custom instructions,
customizing its development environment and configuring Model Context
Protocol (MCP) servers. Learn more [Copilot coding agent
tips](https://gh.io/copilot-coding-agent-tips) in the docs.
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: sawka <2722291+sawka@users.noreply.github.com>
Co-authored-by: sawka <mike@commandline.dev>
Mike Sawka