What's Changed

✨ Added

Desktop & IDE

Tauri 2.x Desktop App: New Tauri-based native desktop app for macOS and Windows (#3813)
Coding Mode: New Web IDE with a three-panel layout — file tree, tabbed editor with inline diff review, and a Git panel for branching, staging, and committing (#4578, #4671)

Skills & Providers

Skill Market: Browse and install skills from multiple providers (Aliyun, ClawHub, ModelScope) via a new Skill Market page with cross-provider search (#4518, #4623)
OpenCode Go Provider: OpenCode and OpenCode Go now share a single provider with switchable API endpoints (#4536, #4549)
Browser Headless Warning: Headless browser launches now include a warning with instructions to switch to headed mode if verification pages appear (#4603)

Agent System

Background Task Timeout: submit_to_agent now accepts a task_timeout parameter, also available via the CLI --task-timeout flag (#4547)
File Block Context: File blocks in message content are now processed and token-counted alongside image, audio, and video blocks (#4567)
Tool Guard Deny Feedback: When a user denies a tool call, the agent receives explicit instructions not to retry or attempt alternatives (#4569)
Isolated Cron Sessions: Non-shared cron jobs now execute with clean context while history accumulates in a unified per-job session (#4602)

Chat & Console

File Download on Desktop: Clicking file cards in chat now works correctly in the pywebview desktop app (#4566)
Chat Input Draft Persistence: Chat input text and cursor position are saved and restored across page navigation (#4598)
Memory Summary in Chat History: Chat history now includes the memory summary (#4658)

Channels

Unified Access Control: Per-channel whitelist / blacklist / pending-approval system with a console UI for managing user access across all channels (#4565)
QQ Tool Guard Approval Card: Interactive keyboard-button cards for approve / deny actions in QQ channel (#4667)

Plugin Manager UI: Redesigned plugin manager page with i18n-aware descriptions, kind filters, name search, and auto-reload after install / uninstall (#4545, #4588)
Skill Content Validation: Skills imported from zip or saved via the editor are now validated before being accepted (#4591)
Console UI Refresh: Updated header navigation layout and Environments & Security settings pages (#4654, #4657)

Channels

WeChat Message Reliability: Added content-based dedup to catch duplicates across polls; skip sends on expired context_token; report accurate failures for API-initiated messages (#4576, #4597, #4618, #4627)
DingTalk Chinese Filenames: Percent-encoded Chinese filenames in file sends are now decoded correctly (#4600)
DingTalk DM Webhook Key: DM webhook store keys now include sender_id to prevent collision when different conversations share the same conversation_id suffix (#4665)

Console & UI

MCP Client Key Routing: Fixed routing for MCP client keys containing / (#4560)
QwenPaw Pet: Fixed Windows compatibility, pet stuck in Done state on consecutive conversations, and changed auto-start default to opt-in (#4564, #4626)
Dark Mode Visibility: Fixed invisible plan panel header and pet import drop zone in dark mode (#4570, #4599)
Whisper Speech Button: Chat page now waits for the Whisper provider check before showing the speech button, preventing a brief flash of browser speech when Whisper is configured (#4601)

Providers & Security

Proxy Client IP: Auth bypass whitelist now resolves the real client IP instead of using the proxy's address (#4562)
Gemini max_tokens: The Gemini provider now correctly maps max_tokens to max_output_tokens (#4621)

Integration Test Suite: Refactored and expanded integration tests with broader coverage (#4561)

Full Changelog: v1.1.8...v1.1.9