v0.8.64 security and release integration

.gitattributes

@@ -6,6 +6,10 @@ crates/tui/src/prompts/*.md text eol=lf
 # Rustfmt writes LF; keep Rust sources stable across Windows/Linux/macOS.
 *.rs text eol=lf
 
+# Branch hygiene release scripts are invoked directly by bash on Windows
+# checkouts; CRLF turns `set -euo pipefail` into an invalid option.
+scripts/release/branch-hygiene*.sh text eol=lf
+
 # Keep repository attributes themselves stable on every platform.
 .gitattributes text eol=lf
 

.github/AUTHOR_MAP

@@ -110,3 +110,7 @@ greyfreedom@163.com = greyfreedom <11493871+greyfreedom@users.noreply.github.com
 puneetdixit200 = puneetdixit200 <236133619+puneetdixit200@users.noreply.github.com>
 yekern = Stime <13691766+yekern@users.noreply.github.com>
 Stime = Stime <13691766+yekern@users.noreply.github.com>
+pkeging = pkeging <237035657+pkeging@users.noreply.github.com>
+147567034@qq.com = pkeging <237035657+pkeging@users.noreply.github.com>
+KUK4 = KUK4 <246008043+KUK4@users.noreply.github.com>
+LLL@users.noreply.github.com = KUK4 <246008043+KUK4@users.noreply.github.com>

.github/workflows/auto-tag.yml

@@ -24,6 +24,10 @@ on:
 permissions:
   contents: write
 
+concurrency:
+  group: auto-tag-${{ github.ref_name }}
+  cancel-in-progress: false
+
 jobs:
   tag:
     runs-on: ubuntu-latest
@@ -43,6 +47,10 @@ jobs:
             echo "::error::Could not parse workspace version from Cargo.toml" >&2
             exit 1
           fi
+          if ! echo "$v" | grep -qE '^[0-9]+\.[0-9]+\.[0-9]+$'; then
+            echo "::error::Workspace version '$v' is not valid semver (expected X.Y.Z)" >&2
+            exit 1
+          fi
           echo "version=$v" >> "$GITHUB_OUTPUT"
           echo "tag=v$v" >> "$GITHUB_OUTPUT"
           echo "Workspace version: $v"
@@ -64,22 +72,56 @@ jobs:
 
       - name: Verify version consistency
         if: steps.check.outputs.exists == 'false'
-        run: ./scripts/release/check-versions.sh
+        run: |
+          ./scripts/release/check-versions.sh || {
+            echo "::error::Version consistency check failed. Aborting tag creation." >&2
+            exit 1
+          }
 
       - name: Create and push tag
+        id: create
         if: steps.check.outputs.exists == 'false'
         env:
           TAG: ${{ steps.ver.outputs.tag }}
         run: |
           git config user.name "github-actions[bot]"
           git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
+          git fetch --tags --quiet
+          if git rev-parse -q --verify "refs/tags/${TAG}" >/dev/null \
+             || git ls-remote --tags origin "refs/tags/${TAG}" | grep -q .; then
+            echo "pushed=false" >> "$GITHUB_OUTPUT"
+            echo "Tag ${TAG} already exists after refresh; nothing to do."
+            exit 0
+          fi
           git tag "${TAG}"
-          git push origin "${TAG}"
-          echo "Pushed ${TAG}. release.yml should now run (requires RELEASE_TAG_PAT for trigger)."
+          max_retries=3
+          retry_count=0
+          while [ "${retry_count}" -lt "${max_retries}" ]; do
+            if git push origin "${TAG}"; then
+              echo "pushed=true" >> "$GITHUB_OUTPUT"
+              echo "Pushed ${TAG}. release.yml should now run (requires RELEASE_TAG_PAT for trigger)."
+              exit 0
+            fi
+            if git ls-remote --tags origin "refs/tags/${TAG}" | grep -q .; then
+              echo "pushed=false" >> "$GITHUB_OUTPUT"
+              echo "Tag ${TAG} appeared during push; treating as already handled."
+              exit 0
+            fi
+            retry_count=$((retry_count + 1))
+            if [ "${retry_count}" -lt "${max_retries}" ]; then
+              echo "Push attempt ${retry_count} failed; retrying in 10s..."
+              sleep 10
+            fi
+          done
+
+          echo "::error::Failed to push tag ${TAG} after ${max_retries} attempts." >&2
+          exit 1
 
       - name: Warn if PAT missing
-        if: steps.check.outputs.exists == 'false' && env.HAS_PAT != 'true'
+        if: steps.create.outputs.pushed == 'true'
         env:
           HAS_PAT: ${{ secrets.RELEASE_TAG_PAT != '' }}
         run: |
-          echo "::warning::RELEASE_TAG_PAT secret is not set. The tag was pushed using GITHUB_TOKEN, which does NOT trigger release.yml. Manually re-push the tag from a developer machine, or run 'gh workflow run release.yml --ref ${{ steps.ver.outputs.tag }}'."
+          if [ "${HAS_PAT}" != "true" ]; then
+            echo "::warning::RELEASE_TAG_PAT secret is not set. The tag was pushed using GITHUB_TOKEN, which does NOT trigger release.yml. Manually re-push the tag from a developer machine, or run 'gh workflow run release.yml --ref ${{ steps.ver.outputs.tag }}'."
+          fi

.github/workflows/nightly.yml

@@ -77,9 +77,12 @@ jobs:
     runs-on: ${{ matrix.os }}
     steps:
       - uses: actions/checkout@v7
-      - uses: dtolnay/rust-toolchain@stable
+      - uses: dtolnay/rust-toolchain@master
         with:
+          toolchain: '1.88'
           targets: ${{ matrix.target }}
+      - name: Install Rust target
+        run: rustup target add --toolchain 1.88 ${{ matrix.target }}
       - uses: Swatinem/rust-cache@v2
         with:
           cache-bin: false
@@ -119,7 +122,18 @@ jobs:
           CARGO_TARGET_RISCV64GC_UNKNOWN_LINUX_GNU_LINKER: riscv64-linux-gnu-gcc
           PKG_CONFIG_ALLOW_CROSS: 1
           PKG_CONFIG_LIBDIR_riscv64gc_unknown_linux_gnu: /usr/lib/riscv64-linux-gnu/pkgconfig
-        run: cargo build --release --locked --target ${{ matrix.target }}
+        run: |
+          for attempt in 1 2 3; do
+            if cargo build --release --locked --target ${{ matrix.target }}; then
+              exit 0
+            fi
+            if [ "${attempt}" -lt 3 ]; then
+              echo "Build attempt ${attempt} failed; retrying in 30s..."
+              sleep 30
+            fi
+          done
+          echo "Build failed after 3 attempts" >&2
+          exit 1
       - name: Stage artifact
         id: stage
         shell: bash

.github/workflows/release.yml

@@ -28,7 +28,7 @@ jobs:
           toolchain: '1.88'
           components: clippy, rustfmt
       - name: Install Linux system dependencies
-        if: runner.os == 'Linux' && matrix.target != 'x86_64-unknown-linux-musl'
+        if: runner.os == 'Linux'
         run: |
           for i in 1 2 3 4 5; do
             sudo apt-get update && break
@@ -173,6 +173,8 @@ jobs:
         with:
           toolchain: '1.88'
           targets: ${{ matrix.target }}
+      - name: Install Rust target
+        run: rustup target add --toolchain 1.88 ${{ matrix.target }}
       - uses: Swatinem/rust-cache@v2
         with:
           cache-bin: false
@@ -191,7 +193,7 @@ jobs:
         run: |
           sudo apt-get update
           sudo apt-get install -y musl-tools
-          rustup target add x86_64-unknown-linux-musl
+          rustup target add --toolchain 1.88 x86_64-unknown-linux-musl
           cargo build --release --locked --target x86_64-unknown-linux-musl
       - name: Install RISC-V cross-compilation toolchain
         if: matrix.target == 'riscv64gc-unknown-linux-gnu'

.gitignore

@@ -104,12 +104,6 @@ apps/
 # Maintainer-internal design notes (trade-secret material, never published)
 .private/
 
-# Maintainer-local SWE-bench scratch (instance workspaces, venvs, predictions,
-# Docker harness logs). Never published.
-.swebench/
-deep-swe/
-all_preds.jsonl
-
 # Agent handoffs and version-specific setup plans are working-state notes, not
 # public docs. Keep durable setup guidance in docs/runbooks instead.
 docs/*HANDOFF*.md
@@ -123,21 +117,14 @@ docs/*_PLAN.md
 scripts/run_deep_swe.py
 .claude/
 
-# Benchmark artifacts and caches re-included by !scripts/**
+# Local run artifacts and caches re-included by !scripts/**
 results/
-benchmark_results/*
-!benchmark_results/.gitkeep
 scripts/**/__pycache__/
 
-# Maintainer-local verification artifacts and benchmark corpora
-.harbor-datasets/
-.pinchbench-skill/
-.terminal-bench-datasets/
-.venv-bench/
+# Maintainer-local verification artifacts
 .uv-bin/
 .uv-cache/
 .uv-tools/
-codewhale__*.json
 issues/
 logs/
 notes/

CHANGELOG.md

@@ -7,6 +7,70 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [0.8.64] - 2026-06-22
+
+### Added
+
+- **Seamless auto-compaction defaults.** Known large-context routes now keep
+  automatic compaction on by default while carrying summaries forward through
+  the stable prompt path, reducing surprise context loss without changing
+  explicit opt-out behavior.
+- **Runtime web automation readiness.** Local app automation gains a
+  loopback-only dev-server readiness primitive so agents can wait for TCP and
+  optional HTTP health checks before browser verification. Harvested from
+  #3376 by @cyq1017.
+- **Model and integration polish.** `/model pro` and `/model flash` shortcuts
+  now resolve to the current DeepSeek V4 routes while preserving existing model
+  IDs. Harvested from #3350 by @KUK4. The WeCom bridge landed with
+  maintainer follow-up hardening for state permissions and chat-facing error
+  reporting, from #3370 by @pkeging.
+
+### Fixed
+
+- **Security and trust-boundary hardening.** Project-local config can no longer
+  loosen user-owned shell or instruction-file policy, file edits now require a
+  fresh read of the target file, git history inputs reject option-shaped or
+  control-character revisions, interactive execution surfaces require approval,
+  and local tool paths are narrowed through workspace/root validation.
+- **Runtime and diagnostics redaction.** Generated runtime/app-server tokens,
+  raw session lineage identifiers, provider registry drift values, review
+  receipt internals, and webhook URLs are no longer echoed into human-facing
+  logs or diagnostics.
+- **Network and alert safety.** Provider TLS verification bypass requests now
+  fail closed, fleet alert webhooks require HTTPS, fetch URL hostnames are
+  resolved before requests, and runtime mobile auth no longer relies on
+  token-bearing URLs.
+- **Path-state hardening.** Config sibling files, project MCP cwd values,
+  runtime thread store files, sub-agent state, project-local state roots, and
+  app-server sidecar config paths now resolve through checked roots before
+  reads/writes.
+- **Release CI repair.** Nightly cross-target builds install Rust targets
+  explicitly and retry transient cargo failures; auto-tag runs are serialized
+  and treat an already-created remote tag as a no-op. Safe slices harvested
+  from #3374 by @donglovejava.
+- **Provider wait and sidebar regressions.** Provider-wait footers suppress
+  noisy countdowns until useful while keeping timeout warnings visible,
+  harvested from #3375 by @idling11. The pinned sidebar can render at a
+  narrower 64-column boundary, harvested from #3371 by @donglovejava.
+- **Delegated server cleanup.** Delegated `serve` / `app-server` children gain
+  OS-level parent-death cleanup on supported platforms, completing the #3259
+  follow-up from #3378 and #3317 by @wuisabel-gif.
+- **ACP and sandbox correctness.** ACP sessions preserve multi-turn
+  conversation history across prompt turns, harvested from #3372 by @xulongzhe.
+  Worktree Git metadata writes are allowed through sandbox policy without
+  broad trust-mode escalation, from #3356 by @cyq1017 and the #3355 report by
+  @linletian.
+
+### Changed
+
+- **Community and dependency harvests.** The release train carries focused
+  community-credit slices from #3379 by @greyfreedom, #3348 by @nightt5879,
+  #3346 by @hongqitai, #3345/#3333 by @cyq1017, and Dependabot updates for
+  `windows`, `toml`, `tokio`, `lru`, `similar`, and web tooling security locks.
+- **Public release surface cleanup.** Benchmark-specific materials were kept
+  out of the public release repo; benchmark source fragments belong in the
+  separate `codewhale-bench` lane.
+
 ## [0.8.63] - 2026-06-19
 
 ### Added
@@ -55,7 +119,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
   while Ctrl-X is scoped to Tasks-sidebar background shell cancellation. Shell
   jobs launched by sub-agents now render with their child-agent owner in the
   Tasks sidebar and transcript.
-- **Benchmark-turn recovery and context economy.** Repeated read-only search
+- **Long-turn recovery and context economy.** Repeated read-only search
   loop blocks now return guidance instead of fatal tool failures, Python build
   failures that are missing `setuptools` include an install/retry hint, long
   foreground shell timeouts steer models toward background execution, and noisy
@@ -123,7 +187,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
   unchanged.
 - **Base prompt / delegate skill guidance** updated to encourage parallel
   read-only exploration (2-4 `type: "explore"` sub-agents) for broad repo,
-  version, branch, benchmark, and API-surface investigations, while keeping
+  version, branch, release, and API-surface investigations, while keeping
   architecture, integration, and final verification in the parent. The
   delegate skill examples now use provider-neutral `model_strength` instead of
   hardcoded DeepSeek model ids.
@@ -297,7 +361,7 @@ folds in several community contributions.
 - Work sidebar no longer shows stale `phase now:` / `phase next:` strategy rows once the checklist
   is 100% complete.
 - Plan mode no longer shortcuts investigation for requests that name a repository, URL, version,
-  release, build state, benchmark, bug, PR, issue, API surface, or local code path.
+  release, build state, bug, PR, issue, API surface, or local code path.
 - Oversized pasted text stays editable in the composer, with a file backup appended at submit
   time for model access; thanks @idling11 (#3267, closes #3263).
 - Bare digit keys `1`-`8` now insert text instead of firing hotbar slots; use `Alt+digit` for
@@ -796,8 +860,6 @@ folds in several community contributions.
 
 ### Added
 
-- **Benchmark harness runners.** Added CodeWhale-native benchmark entry points for SWE-bench, Terminal-Bench, and PinchBench, plus a local PinchBench runner that can grade tool-use traces with an LLM judge.
-- **Direct MiMo benchmark routing.** The benchmark runner now defaults to direct Xiaomi MiMo v2.5 Pro routing when configured, while keeping provider/model selection explicit.
 - Added `/restore list [N]` so users can inspect more side-git rollback
   snapshots with UTC timestamps before choosing a restore point. Plain
   `/restore` now shows the 20 most recent snapshots, numeric restore targets can
@@ -1138,7 +1200,6 @@ folds in several community contributions.
 
 ### Fixed
 
-- **Benchmark workspace copying.** Fixed benchmark workspace file copying so local benchmark tasks can preserve their intended file layout during agent runs.
 - **MiMo default tests.** Guarded Xiaomi MiMo default-model tests against ambient CI provider environment variables.
 - Stream/body decode failures such as `Stream read error: error decoding
   response body` are now classified as recoverable network interruptions
@@ -2284,7 +2345,8 @@ overflow report and `/theme` picker edge-wrapping patch in #1814.
 
 Older releases (v0.8.39 and earlier) are archived in [docs/CHANGELOG_ARCHIVE.md](docs/CHANGELOG_ARCHIVE.md).
 
-[Unreleased]: https://github.com/Hmbown/CodeWhale/compare/v0.8.63...HEAD
+[Unreleased]: https://github.com/Hmbown/CodeWhale/compare/v0.8.64...HEAD
+[0.8.64]: https://github.com/Hmbown/CodeWhale/compare/v0.8.63...v0.8.64
 [0.8.63]: https://github.com/Hmbown/CodeWhale/compare/v0.8.62...v0.8.63
 [0.8.62]: https://github.com/Hmbown/CodeWhale/compare/v0.8.61...v0.8.62
 [0.8.61]: https://github.com/Hmbown/CodeWhale/compare/v0.8.60...v0.8.61