github can1357/oh-my-pi v16.1.18
on GitHub

6 hours ago

@oh-my-pi/pi-agent-core

Fixed

  • Fixed AppendOnlyContextManager.syncMessages clearing the entire log on any in-place rewrite of an already-synced message. Per-turn tool-output pruning, image stripping, or any transformContext re-render that touched a single message used to drop every prior turn out of the append-only log and re-send the conversation from scratch, forcing local backends (llama.cpp / Ollama / LM Studio) to re-prefill tens of thousands of tokens every few turns. syncMessages now finds the longest byte-stable prefix between the previously-synced messages and the new ones, truncates the log to that prefix, and only re-appends the diverged tail — so the provider's KV cache stays warm up to the divergence point. (#3406)

@oh-my-pi/pi-ai

Added

  • Added listOAuthAccounts for retrieving a read-only list of stored OAuth account identities
  • Added getOAuthAccessAt to resolve an OAuth token exclusively for a specific account position

Changed

  • Refactored OAuth token persistence and disable logic to use stable credential IDs instead of positional indices to prevent race conditions during concurrent updates
  • Updated OAuth failure classification to treat 403 status codes, rate limits, and network errors as transient, preventing unnecessary credential invalidation

Fixed

  • Fixed Codex Responses Lite staying enabled for image prompts, which caused GPT/Codex image turns to be rejected as Invalid value: 'input_image'; image-bearing Codex requests now fall back to the full Responses transport. (#3421)
  • Fixed the auth-broker background refresher disabling OAuth credentials unconditionally (disableCredentialById) on a definitive refresh failure, so a credential another process or a fresh login rotated mid-refresh could be torn down even though the stored row already held a valid token. The definitive-failure teardown now happens inside AuthStorage.refreshCredentialById via the same compare-and-set the in-stream and usage-probe paths use — it disables only when the persisted row still matches the credential the refresh actually attempted, and reloads on a CAS loss; the refresher now only logs.
  • Fixed OAuth refresh persisting the rotated token by a positional index captured before the refresh await. A concurrent disable could reorder or shrink a provider's credential array while the refresh was in flight, landing the new token on the wrong row (or silently dropping it) and leaving accounts with a stale refresh token that failed — and was then disabled — on the next cycle. Refresh persistence, selection-index resync, and CAS-disable now address the row by id across forceRefreshCredentialById, candidate preflight, and in-stream selection (#replaceCredentialById / #disableCredentialByIdIfMatches).
  • Fixed isDefinitiveOAuthFailure treating a bare HTTP 403 (and generic unauthorized / access-token-expired wording) as a definitive credential failure, which permanently disabled healthy OAuth accounts on WAF, egress rate-limit, permission, and account-verification responses. Bare 403, rate limits (429), gateway/5xx, and more network errors (ECONNRESET, ETIMEDOUT, EAI_AGAIN, …) are now classified transient; only explicit dead-grant errors (invalid_grant, invalid_token, unauthorized_client, revoked, refresh token … expired) or a bare 401 tear the credential down.

@oh-my-pi/pi-coding-agent

Added

  • Added --list flag to view stored OAuth accounts for a provider
  • Added --account flag to select a specific OAuth account by index for token retrieval
  • Added mouse support for navigation, selection, and toggling in the extensions dashboard

Changed

  • Enabled fullscreen alternate-screen mode for the extensions dashboard
  • Improved tab navigation to mute empty enabled providers while keeping disabled ones selectable
  • /extensions (the Extension Control Center) now opens as a fullscreen window on the terminal's alternate screen, matching /settings: it borrows the alt buffer for its lifetime (the transcript is untouched underneath) and uses the same modern chrome — a titled rounded frame, the shared TabBar for provider switching, and a divider/footer layout. The dashboard is now mouse-aware: the wheel scrolls the list (and the detail inspector, which gained its own scroll viewport), hovering highlights tabs and rows, and clicking selects a row or — when it is already selected — toggles it; clicking a provider tab switches to it. Empty enabled providers are unselectable while disabled providers stay selectable so their master switch can re-enable them.

Fixed

  • Fixed omp install of legacy pi extensions failing with Cannot find module '/$bunfs/root/packages/coding-agent/src/extensibility/typebox.js' on every released omp-<platform>-<arch> binary. Commit dc5c93462f removed worker entrypoints from scripts/ci-release-build-binaries.ts; the inline comment then claimed the legacy-shim and package-barrel entrypoints (typebox.ts, legacy-pi-{ai,coding-agent}-shim.ts, packages/{agent,natives,tui,utils}/...) were "still" passed to bun build --compile, but they had never been re-added. The release binaries shipped without those files in bunfs, so legacy-pi-compat.ts redirected typebox imports to a bunfs path that didn't exist. __resolveTypeBoxShimPath now mirrors __validateLegacyPiPackageRootOverrides (#2168) by dropping the override when the shim file is missing, so a missing shim falls through to native node_modules resolution instead of emitting a dead bunfs URL (#3414).
  • Fixed every legacy @(scope)/pi-* and @sinclair/typebox import failing to load on the omp-darwin-arm64 release binary (and any other omp built with Bun 1.3.14). __validateLegacyPiPackageRootOverrides and the rewriteLegacyPiImports emit path both depended on --compile extras being reachable as /$bunfs/root/... filesystem entries, but Bun 1.3.14 stopped exposing them through every API (fs.existsSync, Bun.file().exists(), Bun.resolveSync, await import() on the bunfs path or its file:// URL all fail; only /$bunfs/root/<binary-name> itself answers). legacy-pi-compat.ts now keeps a JS-heap reference to every bundled pi-* surface in a lazy-loaded sibling legacy-pi-bundled-registry.ts and serves them through an omp-legacy-pi-bundled: virtual namespace whose Bun.plugin().onLoad returns synthetic re-exports — no bunfs path ever leaves the module in compiled mode, and dev / source-link / installed-package modes keep the historical file:// rewrite. The matching --compile extras in scripts/build-binary.ts, the shared scripts/binary-entrypoints.ts list, and the dead BUNFS_PACKAGE_ROOT / bunfsPath / __computeBunfsPackageRoot / __joinBunfsPath helpers are gone. (#3423)

What's Changed

  • fix(agent): preserve append-only log prefix on in-place message rewrites by @roboomp in #3409
  • fix(release): restored legacy pi-compat --compile entrypoints in release builds by @roboomp in #3417
  • fix(ai): disable Codex lite for image prompts by @roboomp in #3422
  • fix(coding-agent): served bundled pi-* through virtual ns on bun 1.3.14 by @roboomp in #3429

Full Changelog: v16.1.17...v16.1.18

Check out latest releases or
releases around can1357/oh-my-pi v16.1.18

Don't miss a new oh-my-pi release

NewReleases is sending notifications on new releases.

Get notifications