Skip to content

Releases: aliyun/iac-code

Release v0.9.0

Choose a tag to compare

@guima-why guima-why released this 08 Jul 05:36
f369012

Highlights

  • Added an InfraGuard-backed review and repair workflow for generated ROS templates.
  • Added architecture diagram generation for ROS/IaC templates, including deterministic and LLM-optimized diagram views.
  • Added a session-scoped backup layout with restore support from a configured backup directory.
  • Improved A2A pipeline streaming performance with a new extreme performance mode.
  • Added the initial Rust workspace foundation for a future native implementation of IaC Code.
  • Added controls for enabling or disabling model thinking behavior.

New Features

InfraGuard Review Pipeline

IaC Code now includes an InfraGuard-powered review stage for ROS template workflows.

  • Added an infraguard_scan pipeline tool with structured scan results.
  • Added review and repair handling for generated ROS templates before later cost and deployment steps.
  • Added prerequisite handling for the infraguard CLI, including interactive install flow, configurable download URLs, mirror support, GitHub fallback, SHA-256 verification, and post-install policy update.
  • Added concise and expanded rendering for scan results.
  • Added deterministic error handling for InfraGuard CLI failures and scan timeouts.
  • Added localized REPL prerequisite UI with progress, cancellation, completion, and failure states.
  • Added telemetry, recovery, A2A event translation, and tool rendering support for resumable review workflows.
  • Updated PAC Alibaba Cloud InfraGuard documentation and mapped scan dimensions to explicit pack:aliyun policy packs.

Template Architecture Diagrams

Generated ROS/IaC templates can now be visualized through an architecture diagram workflow.

  • Added architecture metadata loading and resource inventory extraction.
  • Added rule-based facts, semantic planning, and Mermaid graph generation.
  • Added overview and focused detail diagram views.
  • Integrated diagrams into the interactive REPL candidate solution flow.
  • Added immediate deterministic diagram rendering, followed by asynchronous LLM-optimized diagram replacement.
  • Added tabbed diagram navigation inside candidate solutions.
  • Kept terminal Mermaid rendering optional so Python 3.10 environments do not require Python 3.11-only diagram dependencies.

Session Backup and Restore

This release introduces a new session-scoped backup layout.

  • Added v2 session layout helpers and SessionBackupService.
  • Added mirroring of recoverable session state to IAC_CODE_CONFIG_BACKUP_DIR.
  • Consolidated session-owned runtime state under the v2 session directory, including transcripts, usage, permission audit data, tool results, image cache data, pipeline sidecars, and A2A snapshots/artifacts.
  • Added backup triggers across REPL, headless, ACP, A2A, and pipeline flows.
  • Added critical checkpoint backup handling for input-required, waiting-input, handoff, terminal, and selected pipeline states.
  • Added restore support from the configured backup directory.
  • Preserved compatibility with legacy sessions.
  • Global credentials, settings, logs, telemetry, and shared A2A indexes are intentionally not mirrored.

A2A Pipeline Performance

A2A pipeline streaming now has a new performance mode for high-frequency event flows.

  • Added IAC_CODE_A2A_EXTREME_PERFORMANCE.
  • The mode defaults to enabled unless explicitly set to false.
  • High-frequency text_delta and thinking_delta sidecar writes are deferred and flushed in batches or on semantic events.
  • Added compact non-durable snapshot writes for the fast path.
  • Kept a reliability-first path available when the environment variable disables extreme performance mode.
  • Stabilized A2A pipeline executor and dispatcher stream tests.

Rust Foundation

This release adds the initial Rust implementation foundation for IaC Code.

  • Added the iac-code-rs Rust workspace.
  • Added foundational crates/modules for CLI, A2A, tools, providers, core logic, TUI, ACP, config, and execution.
  • Aligned the foundation with the existing Python CLI direction.
  • Added Rust formatting, linting, testing, and runtime verification coverage.
  • Updated rustls-webpki from 0.103.10 to 0.103.13.

Thinking Controls

  • Added controls for enabling or disabling model thinking behavior.
  • Added command-level test coverage for the new thinking configuration behavior.

ROS Workflow Improvements

  • Added dedicated ROS template tools for the selling pipeline:
    • ros_validate_template
    • ros_preview_stack
    • ros_get_template_parameter_constraints
    • ros_deploy
  • Enforced TemplateURL usage for ROS pipeline calls.
  • Improved deployment safety around existing stack operations.
  • Added permission checks for continue-create and delete-and-create deployment paths.
  • Added ContinueCreateStack support with AutoRecreatingResources.
  • Added owned-stack safety checks.
  • Added a deployment fast path after successful preview validation.
  • Avoided unnecessary template directory pre-creation.
  • Added VSwitch CIDR overlap guardrails for existing VPC scenarios.
  • Improved ros_deploy result rendering with compact success/failure summaries by default and full JSON in verbose mode.
  • Fixed ROS deploy pipeline stack guard behavior.

Reliability, Compatibility, and Security

  • Improved public A2A event path sanitization.
  • Improved debugger timeline output for A2A flows.
  • Improved symlink-aware behavior for file reading, globbing, grep, and bundled selling references.
  • Fixed session restore issues involving symlinks.
  • Fixed Windows public path sanitization.
  • Improved backup safety by rejecting unsafe symlink/reparse entries and cleaning up stale mirrored destinations.
  • Fixed Python 3.10 InfraGuard scan timeout handling.
  • Fixed static termaid import behavior for lint/type-check compatibility.
  • Fixed tool render data handling by carrying serializable metadata instead of runtime objects.
  • Stabilized stdio transport tests and task-store runtime lock tests.

Documentation and Localization

  • Updated website documentation for backup and InfraGuard workflows.
  • Updated localized strings across supported languages.
  • Updated Alibaba Cloud PAC InfraGuard workflow guidance.
  • Added and updated tests for review, backup, architecture diagrams, ROS deployment, A2A behavior, permissions, and cross-platform path handling.

Migration Notes

  • Existing sessions remain compatible.
  • Newer sessions use the v2 session-scoped layout for recoverable runtime state.
  • To disable the new A2A extreme performance mode, set IAC_CODE_A2A_EXTREME_PERFORMANCE=false.
  • ROS pipeline deployment now prefers dedicated ROS pipeline tools and TemplateURL-based flows.
  • The Rust workspace is introduced as a foundation and does not remove the existing Python CLI implementation.

Full Changelog: v0.8.0...v0.9.0

Release v0.7.0

Choose a tag to compare

@guima-why guima-why released this 24 Jun 09:44
77a5baa

What's Changed

Highlights

  • This is a broad A2A and Pipeline Mode reliability release, not just a version bump.
  • Hardened A2A pipeline execution, recovery, snapshots, journals, rollback cleanup, persistence, and normal-chat handoff behavior.
  • Added a local selling pipeline console and substantially expanded debugger/E2E tooling for A2A pipeline scenarios.
  • Added pipeline image input support and better multimodal handling across A2A, REPL display, snapshots, and recovery paths.
  • Added A2A request-scoped runtime/cloud credential overrides.
  • Tightened the selling pipeline workflow around ROS stack deployment, candidate selection, cost/deployment parameters, memory policy, and completion guards.

A2A and Pipeline Runtime

  • Added structured PipelineUserInput handling for text, JSON, raw/file URL parts, and supported image MIME types (png, jpeg, webp, gif).
  • Added image resizing/downsampling and validation before entering pipeline execution.
  • Preserved recoverable task IDs and richer recoverable error data through JSON-RPC/A2A compatibility paths.
  • Improved task/context ownership checks for sidecars, waiting input, aliases, resubscribe flows, and recovery without an explicit taskId.
  • Made cancel handoff, interrupts, pending input, ask_user_question resume, and normal-chat follow-ups after pipeline handoff more consistent.
  • Added JSON-RPC passthrough coverage and improved dispatcher behavior for A2A transport flows.

Durable Recovery and Persistence

  • Added durable state-file helpers for atomic writes, locked JSONL appends, cross-device-safe replacement, parent-directory fsync, Windows replace retries, and path locking.
  • Moved recovery-critical sidecar/session/journal writes onto the durable helpers.
  • Changed key persistence paths to fail closed instead of reporting successful progress when state could not be written.
  • Preserved candidate/sub-pipeline state, failed candidate details, active attempt IDs, pending input resume data, transcripts, rollback metadata, and cleanup ledger state across restarts.
  • Rebuilt and repaired A2A pipeline recovery state from snapshots and journals more defensively.

Rollback Cleanup and Cloud Resource Tracking

  • Added cleanup tracking primitives for resources created during pipeline execution.
  • Added ROS stack observation from both ros_stack and generic aliyun_api CreateStack paths.
  • Added deploying-step hooks that record observed ROS stacks and mark only relevant deployment attempts for rollback cleanup.
  • Generated hidden cleanup prompts for normal-chat handoff and preserved them through session save, context compaction, resume, prompt inspection, and A2A normal-chat startup.
  • Published cleanup started/progress/failed/completed events and exposed sanitized cleanup state in A2A snapshots/recovery payloads.
  • Rejected cleanup result mismatches instead of treating unrelated tool results as cleanup success.

Pipeline Engine and Selling Workflow

  • Added surface-specific step prompt overrides, including an A2A-specific confirm/select prompt.
  • Added completion guard state rebuilt from tool results and resume messages, including guards that require a successful ROS stack result with matching stack ID/status.
  • Added pre-validation for complete_step inputs before accepting restored/precompleted tool state.
  • Added pipeline hooks for resource observation and rollback cleanup requirements.
  • Removed static rollback rule parsing from loaded steps and moved rollback targeting into explicit runtime state.
  • Refined selling pipeline prompts and skills for intent parsing, architecture planning, cost estimation, candidate selection, deployment parameters, and deployment reporting.
  • Improved support for explicit StackName, region, VPC/zone/CIDR constraints, non-Alibaba-Cloud requests, ambiguous deployment requests, and user-provided deployment parameter overrides.
  • Restricted ROS template API calls in pipeline mode to TemplateURL, required unique ROS stack names, and enforced stack completion guards before declaring deployment success.

REPL, Session, and UI Behavior

  • Added real pipeline-sidecar detection on REPL startup and /resume, including choices to resume or discard resumable sidecars.
  • Preserved normal chat history when sessions have terminal/non-resumable pipeline state.
  • Added replay-only notices for user-aborted terminal pipelines when resuming as normal chat.
  • Persisted the visible pipeline user turn into the root session so resumed terminal pipeline sessions do not appear empty.
  • Filtered hidden recalled-memory and cleanup prompts from session index metadata, resume picker previews, transcript rendering, and prompt summaries.
  • Added /prompt visibility for cleanup prompts, including a dedicated cleanup prompt tab.
  • Improved REPL image paste/render behavior for pipeline-visible user turns and image block display.

Developer Tooling, Debugger, Console, and Docs

  • Added a local A2A selling pipeline console server and static web UI.
  • Extended the A2A debugger with pipeline state/task state views, SSE proxy behavior, cwd validation notes, image uploads, and pipeline image-input limits.
  • Added a real PTY-driven REPL pipeline E2E runner and added pexpect to dev dependencies.
  • Extended A2A recovery E2E scenarios with static image fixtures and coverage for image waiting-input, selection, handoff, interrupt, and rollback cleanup recovery flows.
  • Added website navigation/footer entries for Pipeline Mode docs and test coverage for docs navigation labels.
  • Updated A2A docs, runtime configuration docs, environment/provider docs, and localized website navigation metadata.

Cross-Platform, Path Safety, and Security Hardening

  • Added Windows-aware and case-insensitive path handling where needed for safe path checks.
  • Added safer path-lock and state-write helpers for recovery-critical files.
  • Preserved trusted read directories for pipeline skills/tools without broadening general read permissions.
  • Kept non-pipeline ToolContext construction backward-compatible while adding pipeline-mode context fields.
  • Tightened public event/recovery sanitization for stack traces, cleanup mismatch details, path-like values, and sensitive failure text.

Internationalization, Tests, and Dependencies

  • Updated gettext catalogs for all supported locales: de, es, fr, ja, pt, and zh.
  • Added or expanded tests across A2A execution, pipeline engine recovery, rollback cleanup, REPL behavior, selling pipeline prompts/skills, session storage/indexing, path safety, tool execution, image input, website navigation, and E2E helper scripts.
  • Updated dependencies: aiohttp, starlette, website launch-editor, webpack-dev-server, ws, and undici.

Full Changelog: v0.6.0...v0.7.0

Release v0.6.0

Choose a tag to compare

@guima-why guima-why released this 15 Jun 12:22
c14207f

Highlights

This release introduces Pipeline mode, a new step-by-step execution mode for longer Alibaba Cloud infrastructure workflows.

The first built-in pipeline is selling, which can guide an Alibaba Cloud deployment request through intent clarification, architecture planning, ROS template generation, cost estimation, candidate selection, and deployment confirmation.

How to use Pipeline Mode

Pipeline mode currently runs in the interactive REPL and cannot be combined with --prompt.

On macOS or Linux:

IAC_CODE_MODE=pipeline iac-code

On PowerShell:

$env:IAC_CODE_MODE = "pipeline"
iac-code

The default pipeline is selling. To select it explicitly:

IAC_CODE_MODE=pipeline IAC_CODE_PIPELINE_NAME=selling iac-code

Example requests:

Select an existing VPC and create a VSwitch
Design a low-cost Alibaba Cloud web application deployment and generate a template

The selling pipeline walks through these stages:

  • Understand the infrastructure requirement and ask clarification questions when needed.
  • Propose candidate Alibaba Cloud architectures.
  • Generate ROS templates for candidate plans.
  • Estimate resource costs.
  • Show candidate details and ask the user to choose a plan.
  • Continue to deployment after confirmation.

Pipeline progress is saved with the session. If the process exits or is interrupted, return to the session with --resume to inspect previous progress and continue from a recoverable point.

What's New

  • Added a generic pipeline runtime with YAML-based pipeline loading, step execution, state transitions, rollback handling, sub-pipeline execution, session context, transcript storage, and recovery metadata.
  • Added the built-in selling pipeline for Alibaba Cloud infrastructure design and deployment assistance.
  • Added pipeline tools for completing steps, asking clarification questions, showing architecture diagrams, and inspecting candidate details.
  • Added terminal UI support for pipeline progress, candidate tabs, candidate selection, diagrams, interruptions, and recovered display replay.
  • Added A2A pipeline integration, including pipeline executor, event envelopes, streaming, snapshots, journals, recovery, and sanitized public metadata.
  • Added multilingual Pipeline mode documentation and website navigation updates.
  • Refreshed provider model registries and thinking-mode support for multiple providers.

Improvements

  • Preserved normal chat mode as the default behavior when Pipeline mode is not enabled.
  • Added explicit rejection for unsupported Pipeline mode paths in ACP and non-interactive mode.
  • Improved Windows console fallback behavior, status rendering, and cross-platform path/symlink handling.
  • Hardened pipeline packaging so prompts, skills, resources, scripts, and documentation are included in builds.
  • Added local observability/debugging utilities and A2A recovery scenario scripts for pipeline development.

Fixes

  • Stabilized update-checker tests so they no longer depend on the package's real released version.
  • Improved Python 3.10 cancellation handling for the parallel key-reader cleanup path.
  • Added broad regression coverage for pipeline runtime, A2A recovery, UI rendering, model registry updates, and packaging.

Compatibility Notes

  • Pipeline mode requires the interactive REPL.
  • --prompt / non-interactive mode does not run Pipeline steps.
  • ACP does not currently support Pipeline mode.
  • The current release includes only the built-in selling pipeline.
  • Pipeline mode currently supports text input; pasted images are ignored while a pipeline is active.
  • Mid-pipeline shell escapes, skill triggers, and most slash commands are restricted unless allowed by the pipeline definition.

Full Changelog: v0.5.0...v0.6.0

Release v0.5.0

Choose a tag to compare

@guima-why guima-why released this 11 Jun 03:17

Highlights

  • Added a new Claude-style memory system with project/user AGENTS.md, auto-memory topic recall, and hidden recalled context injection.
  • Reworked /memory into an interactive memory selector for project memory, user memory, auto-memory settings, and memory file editing.
  • Added the bundled pac-aliyun skill for Alibaba Cloud Policy as Code workflows, including InfraGuard, Rego policy generation, policy lookup, validation, and ROS template compliance scanning.
  • Added a hidden /prompt export command to inspect the current prompt, provider messages, tools, metadata, and memory context.
  • Improved ACP and A2A reliability across cwd validation, HTTP/SSE transport, Redis Streams, push queues, and concurrent task handling.
  • Revamped the documentation homepage and added browser locale redirect support.

Improvements

  • Memory recall now runs as a side query and avoids repeatedly injecting the same surfaced or manually read memory topics.
  • Hidden recalled-memory messages are excluded from resume previews, history search, compaction prompts, ACP history replay, and turn counts.
  • Skill auto-triggering now keeps PAC workflows separate from general IaC template workflows.
  • Provider handling now supports cache policy control for side calls and improves DashScope and Anthropic message handling.
  • ACP HTTP transport now enforces request body limits and uses bounded SSE backpressure.
  • A2A push delivery now improves queue durability, secret handling, header redaction, retry behavior, and lease recovery.

Bug Fixes

  • Fixed auto-memory recall prefetch lifecycle and Python 3.10 timeout handling.
  • Fixed ACP cwd validation edge cases, including POSIX-style paths on Windows hosts.
  • Fixed Redis Streams and HTTP SSE transport-layer message loss.
  • Fixed A2A push queue data loss and persistence write races.
  • Fixed concurrency safety issues in the task store, app state, and agent tool.
  • Fixed PAC auto-trigger conflicts with the general Alibaba Cloud IaC skill.

Documentation and Maintenance

  • Updated documentation for /memory, AGENTS.md, auto-memory, runtime memory paths, and debug status output.
  • Refreshed localized documentation and translations.
  • Added .rego files to package data for Policy as Code resources.
  • Bumped website shell-quote from 1.8.3 to 1.8.4.

Full Changelog: v0.4.1...v0.5.0

Release v0.4.1

Choose a tag to compare

@guima-why guima-why released this 05 Jun 09:49
018ca4f

Highlights

  • Added a new iac-code update command for self-updating the CLI.

    • Supports checking for available updates without installing them.
    • Improves update feedback for up-to-date, available, successful, and failed update states.
  • Added queued input support while the assistant is streaming.

    • Users can type the next message before the current response finishes.
    • Queued messages are submitted safely at tool-call boundaries.
    • Draft input is preserved across streaming output.
    • Command-style input and shell escapes remain handled at the normal top-level prompt.
  • Added per-task user_id override support for the A2A server.

    • A2A tasks can now provide user identity through task metadata.
    • Improves telemetry attribution and multi-user task handling.

Safety and Permissions

  • Hardened Bash command safety analysis.

    • Added detection for dangerous arguments in otherwise read-only commands.
    • Improved handling for commands such as find, fd, sed, rg, and sort.
    • Added stricter checks for write redirects, read redirects, path-value options, and unresolved shell expansions.
  • Improved tool permission enforcement.

    • Added sticky ask behavior for complex commands, parse errors, path constraints, and safety-sensitive arguments.
    • Prevented broad allow rules from bypassing safety checks.
    • Improved trusted read-root handling for session-specific tool result and image cache directories.
  • Improved path safety across file and shell tools.

    • Strengthened checks for sensitive paths.
    • Reduced edge cases in file read/write/edit, glob, grep, list, and web fetch behavior.

Provider and Runtime Improvements

  • Improved LLM provider streaming reliability.

    • Added safer idle timeout handling for streaming responses.
    • Added fallback behavior from streaming to non-streaming responses.
    • Preserved better runtime state when fallback providers are used.
    • Improved cancellation and stream error handling.
  • Improved provider configuration robustness.

    • Fixed custom API base URL preservation during model switching.
    • Improved OpenAI/OpenRouter provider error handling.
    • Prevented provider configuration errors from exiting the process unexpectedly.
  • Improved agent runtime stability.

    • Fixed several lifecycle and message handling edge cases.
    • Improved handling when streaming ends unexpectedly.
    • Improved context/tool definition synchronization across turns.

Alibaba Cloud and ROS

  • Stabilized Alibaba Cloud ROS stack operations.

    • Moved blocking ROS SDK calls into async-safe execution.
    • Improved terminal status handling for create, update, and delete actions.
    • Improved polling behavior for terminal states.
    • Improved cleanup behavior for cancellation and error paths.
    • Improved deployment telemetry collection.
  • Improved Alibaba Cloud provider operations.

    • Fixed provider client lifecycle handling.
    • Improved Alibaba Cloud CLI config validation.
    • Tightened success status handling for stack operations.

Bug Fixes

  • Fixed duplicate startup update notices.
  • Fixed session trusted-root config lookup.
  • Fixed state/config persistence by making writes atomic.
  • Fixed portable UTF-8 limit behavior in read_file tests.
  • Fixed multiple tool implementation edge cases.
  • Fixed skill renderer shell execution isolation.
  • Fixed status history, model handling, and i18n-related issues.

Dependencies and Maintenance

  • Bumped aiohttp from 3.13.5 to 3.14.0.
  • Bumped starlette from 1.0.0 to 1.0.1.
  • Refreshed translations.
  • Stopped tracking ignored generated artifacts.
  • Updated documentation for:
    • Provider streaming integration.
    • Tool safety permissions.
    • Skill renderer shell isolation.

Full Changelog: v0.4.0...v0.4.1

Release v0.4.0

Choose a tag to compare

@guima-why guima-why released this 03 Jun 06:35
d1f7930

Highlights

  • Added Alibaba Cloud OAuth browser login through /auth, with China/International site selection, PKCE callback handling, and automatic OAuth/STS refresh.
  • Added named sessions with /rename; sessions can now be resumed by exact ID, unique ID prefix, or unique name via /resume and --resume.
  • Added /status to show the current session, provider, model, Alibaba Cloud region, recorded token usage, turn count, and context utilization.
  • Added /memory to list, view, search, and delete persistent memories.
  • Added /skills to manage discovered skills interactively, including enabling/disabling user and project skills.
  • Added ROS template parameter recommendation guidance for existing deployable ROS and ROS Terraform templates, with PreviewStack validation before CreateStack.

New Features

  • Added support for qwen3.7-plus.
  • Added session metadata files and a directory-based session storage format while keeping legacy session files readable.
  • Added session usage sidecar files to persist provider-reported token usage across resumes.
  • Added skill disable settings in settings.yml; disabled skills are hidden from model-visible listings and rejected by direct skill tool calls.
  • Added memory argument autocomplete for /memory, including saved memory names and subcommands.
  • Added ACP support for memory and rename slash commands, session listing, named session resolution, and improved resume/fork flows.

Improvements

  • Improved the resume picker to display session names, short IDs, branches, and better search matching.
  • Improved welcome and exit hints to show session names when available.
  • Improved cross-project resume messages with copy-paste-safe commands, including Windows-compatible cd /d formatting.
  • Refreshed Alibaba Cloud tools after credential changes so newly configured cloud access is available immediately.
  • Treated ROS PreviewStack as read-only for permission handling.
  • Improved provider status reporting without forcing provider creation.

Bug Fixes

  • Fixed Windows resume compatibility for path comparison and generated resume commands.
  • Fixed usage tracking to skip zero-usage events and tolerate corrupt usage rows.
  • Fixed session indexing so usage sidecar files are not mistaken for conversations.
  • Fixed /clear banner refresh to preserve the active session ID and name.
  • Fixed disabled skill handling across REPL autocomplete, auto-triggering, and model skill calls.
  • Fixed OAuth cancellation and credential display details, including local expiration time formatting.
  • Stabilized update-checker version fixtures and Windows session/auth test coverage.

Documentation

  • Updated command, session, interactive mode, skills, and Alibaba Cloud credential documentation.
  • Localized website documentation updates across supported languages.

Maintenance

  • Added extensive tests for OAuth, sessions, status, memory, skills management, ACP session flows, Alibaba Cloud tools, usage tracking, and Windows path handling.
  • Bumped package version to 0.4.0.

Full Changelog: v0.3.1...v0.4.0

Release v0.3.1

Choose a tag to compare

@guima-why guima-why released this 02 Jun 02:23
712be64

Highlights

  • Added an interactive update checker that can detect newer releases, show release notes, and let users update now, skip once, or skip until the next version.
  • Added the iac-code version to the welcome banner.
  • Added a $ skill-only trigger with autocomplete, making it easier to invoke skills without mixing them with slash commands.
  • Added automatic activation for the bundled iac-aliyun skill when Alibaba Cloud ROS/Terraform IaC prompts are detected.
  • Added REPL shell escapes with !<command>, routed through the normal tool permission flow.

Improvements

  • Added --verbose support in headless mode to print human-readable tool and stack progress to stderr.
  • Improved REPL history search and prompt insertion behavior, including better multiline input support.
  • Improved streaming tool headers so file paths can appear before the full tool input has finished streaming.
  • Set an iac-code/<version> User-Agent on Alibaba Cloud OpenAPI and ROS clients.
  • Tightened skill discovery behavior so bundled skills remain authoritative and accidental top-level Markdown files are not treated as skills.

Bug Fixes

  • Fixed the qwen3.7-max provider metadata so it no longer uses the wrong multimodal input path.
  • Fixed A2A response text extraction from task status and history payloads.
  • Fixed A2A transport validation, config error handling, route resolution, and default cwd handling.
  • Fixed invalid --output-format and --permission-mode handling in headless mode.
  • Fixed synthetic max_turns events so they do not overwrite real token usage in JSON output.
  • Fixed local development telemetry behavior by disabling reporting when __release_date__ is empty.
  • Hardened config, session, memory, telemetry fallback, and tool-result file permissions.
  • Sanitized memory names and externalized tool-result filenames to avoid unsafe paths.
  • Improved git worktree/root detection without spawning git, avoiding Windows hang scenarios.

Documentation

  • Added documentation for sessions, skill usage, interactive shell escapes, and contributing.
  • Added contributing instructions to the README and docs website.
  • Updated localized documentation pages and translation catalogs.

Maintenance

  • Added tests across update checking, skills, REPL behavior, headless CLI, A2A, permissions, telemetry, file security, and project path handling.
  • Added packaging as a dependency for version comparison.
  • Updated tree-sitter dependency constraints.

Full Changelog: v0.3.0...v0.3.1

Release v0.3.0

Choose a tag to compare

@guima-why guima-why released this 29 May 09:53
3f30a5d

Highlights

🖥️ Full Windows Support

This release brings comprehensive Windows platform compatibility — iac-code now runs natively on Windows:

  • Git Bash auto-discovery: Automatically detects installed Git for Windows (bash.exe) from common locations; supports manual override via IAC_CODE_GIT_BASH_PATH environment variable
  • iac-code install-git-bash subcommand (Windows only): One-command installation of Git for Windows via the npmmirror mirror — no access to github.com required
  • Pure-Python git HEAD reading: Reads current branch info on Windows without shelling out to the git CLI
  • Native Windows terminal input: Added raw_input_win.py providing full keystroke handling for Windows console
  • Cross-platform tool layer: Bash tool and file operation tools (glob/grep/read/write/edit/list) now correctly handle path separators and shell differences on Windows
  • Platform detection utility (utils/platform.py): Unified OS detection, shell path discovery, and signal handling across platforms
  • Windows CI: Added Windows to the GitHub Actions test matrix for continuous compatibility assurance

Installation note: Windows users need Git for Windows installed. Use winget install --id Git.Git or run iac-code install-git-bash (downloads via npmmirror mirror) to set it up.


New Features

  • A2A Thinking Exposure: Support exposing agent thinking process (raw thinking) and tool call traces (tool trace) in the A2A protocol. Configurable via the --a2a-exposure flag (#27)

Bug Fixes

  • A2A/ACP session ID isolation: Fixed an issue where multiple A2A contexts / ACP sessions within the same process shared a single gen_ai.session.id, causing distinct conversations to appear as one session in telemetry (#23)

Documentation & CI

  • Added GitHub Issue templates (Bug Report / Feature Request)
  • Website documentation update: comprehensive provider list, search functionality, and UI improvements
  • CI fix: set official npm registry for docs build
  • Added permissions declaration to CodeQL workflow

Full Changelog: v0.2.3...v0.3.0

Release v0.2.3

Choose a tag to compare

@guima-why guima-why released this 25 May 07:27
68d57f2

What's Changed

Features

  • ROS template hooks enhancement — Added a dedicated ROS YAML loader with intrinsic function tag support (!Ref, !GetAtt, etc.), layered template validation (syntax + structure) for 13 ROS APIs, and automatic Parameters dict-to-flat expansion for 9 ROS APIs. Updated bundled skill to document dict Parameters format. (#22)
  • A2A/ACP telemetry integration — Wired telemetry lifecycle (init/flush/shutdown) into A2A and ACP server startup and shutdown, and propagated exception type and message into error telemetry events for better observability. (#21)

Bug Fixes

  • Terminal input line duplication — Fixed input line duplication that occurred when text wraps beyond terminal width.

Full Changelog: v0.2.2...v0.2.3

Release v0.2.2

Choose a tag to compare

@guima-why guima-why released this 22 May 07:14
94dbb5e

Features

  • Upgrade default models — Default model updated to qwen3.7-max (DashScope) and gemini-3.5-flash (Gemini)
  • Case-insensitive product resolution — Aliyun API now handles LLM output variations with case-insensitive product code matching
  • API hooks framework — Introduce decorator-based api_hooks with auto-discovery; add ROS ValidateTemplate hook for resource type validation before API calls

Bug Fixes

  • Fix paste lag — Resolve multi-second paste lag by skipping expensive clipboard image probe
  • Fix input history behavior
    • Exclude /exit from history
    • Scope /auth and similar commands to session-only history
    • Fix arrow key navigation freezing when hitting session-only commands
  • Fix ErrorEvent rendering — Fix rendering loss when refreshing /auth and /model commands
  • Fix Chinese translation — Correct translation issues in bash tool rules

Other Changes

  • Update observability endpoint to new Alibaba Cloud account
  • Update i18n translation references

Full Changelog: v0.2.1...v0.2.2