github code-yeongyu/oh-my-openagent v4.2.3
on GitHub

3 hours ago

🏗️ Package Layering + Security Hardening

96 commits, 296 files, +12.8k / -4.3k lines. This release extracts two new workspace packages (rules-core, ast-grep-mcp), closes a security hole in rule file discovery, and hardens every internal prompt dispatch path that was still flaky after v4.2.0's gate.

📦 Two New Workspace Packages

packages/rules-core — Rule discovery, matching, caching, and nested AGENTS.md context resolution extracted from the monolith into a standalone package with zero harness imports. This is the first concrete step of the ROADMAP multi-harness refactor: rules-core can now be consumed by any agent harness, not just OpenCode.

packages/ast-grep-mcp — The native src/tools/ast-grep tool (with its NAPI binary dependency) is gone. AST-grep is now served as a built-in MCP server. User-facing tool names (ast_grep_search / ast_grep_replace) and disabled_tools config are preserved — nothing changes on the user side, but the binary bootstrapping is cleaner and the tool runs in its own process.

🔒 Symlink Escape Security Fix

Rule file discovery (findRuleFiles) now validates that every resolved path stays inside the workspace boundary. A hostile repo could previously point .github/copilot-instructions.md or .omo/rules/* at arbitrary host files (like ~/.ssh/id_rsa) via symlinks. Both individual file and directory scanning paths are now guarded.

🧠 Prompt Gate & Runtime Fallback Hardening

The prompt-async-gate introduced in v4.2.0 got a full second pass:

  • DEFAULT_PROMPT_ASYNC_POST_DISPATCH_HOLD_MS raised from 250 ms to 2,000 ms — catches slow-provider session.error arrivals that the original window missed
  • Runtime fallback now recognizes all OpenCode progress event shapes (message.part.updated, deltas, finished markers) — no more false-negative retry triggers on sessions that are actually making progress
  • Team-mode message delivery races closed: reservation release on ambiguous failures, live delivery holds preserved after prompt failures
  • Context recovery handles idle sessions; synthetic status: idle events now correctly trigger idle hooks

🌐 Web Overhaul

The marketing site (packages/web/) got a full decomposition and polish pass: 832-LOC landing page split into 10 components, 358-LOC manifesto into 9, design system tokens extracted into DESIGN.md, WCAG 1.3.1 fix (nested <main>), hero CTA now links to installation docs, and a responsive test matrix covering 6 viewports x 4 locales x 2 pages.

📝 Misc

  • Comment-checker now parses apply_patch payloads (catches AI slop in patch-style edits, not just plain writes)
  • Rules-injector transcript hydration: dedup cache seeded from session transcript after compaction, preventing duplicate injections
  • .sisyphus/rules discovery restored with deprecation warning (planned removal v4.3.0)
  • LSP MCP bootstrap fallback when CLI binary is unavailable

Minor Compatibility and Stability Release

This release carries compatibility-facing behavior changes and operational hardening. Read the summary below before upgrading or publishing.

  • Rename transition updates across package detection, plugin/config compatibility, and install surfaces.
  • Task and tool behavior updates, including delegate-task contract and runtime registration behavior.
  • Task-system default behavior alignment so omitted configuration behaves consistently across runtime paths.
  • Install and publish workflow hardening, including safer release sequencing and package/install fixes.

Commit Summary

  • 4e4bb36 docs(release): finalize v4.2.3 release notes
  • fbcc143 fix(runtime-fallback): recognize completion progress events
  • 2f5fc7c fix(rules-core): block symlinked rule directory escapes
  • 330e437 docs(agents): regenerate hierarchical AGENTS.md for 2026-05-20
  • 39aadbf fix(context-recovery): handle idle sessions
  • caa751a @jeongjin0 has signed the CLA in #4206
  • c197c24 docs(agents): require merge commits for PRs
  • 2339606 docs(release): expand v4.2.3 CHANGELOG and add OmO logo to README.ru.md
  • a0d75d1 docs(prompt-gate): document DEFAULT_PROMPT_ASYNC_POST_DISPATCH_HOLD_MS 250 -> 2000
  • b24dc6e fix(rules-core): isolate package + block symlink escape from rule sources
  • 89f6902 Merge pull request #4205 from code-yeongyu/fix/comment-checker-apply-patch-payloads
  • b527725 Merge pull request #4203 from code-yeongyu/fix/continuation-prompt-dispatch-20260520051014
  • 3bd6302 fix(comment-checker): handle apply_patch payloads
  • 7d9cc4f Merge pull request #4204 from code-yeongyu/hotfix/og-static-deploy-fix
  • 6fd5e7c fix(web): switch OG image from next/og to static PNG file convention
  • 5154ab4 Merge pull request #4202 from code-yeongyu/feature/web-portfolio-refinement-20260520
  • e9c44dd fix(web): drop nested on manifesto (WCAG 1.3.1)
  • f5d5e98 fix(web): hero Get Started CTA -> /docs#installation (closes #3848)
  • 0ebba9e fix(rules-injector): retry storage writes after cleanup race
  • 4a72729 fix(plugin): run idle hooks for synthetic status idle
  • 64997d5 test(web): responsive matrix — 6 viewports x 4 locales x 2 pages
  • 623af75 feat(web): dynamic OG + Twitter card images via next/og
  • 022eb78 refactor(web): decompose 358-LOC manifesto into 9 section components
  • 4d5f58f refactor(web): decompose 832-LOC landing into 10 section components
  • 78ca837 style(web): extract design system tokens + DESIGN.md
  • 7e0406f fix(web): UX/a11y polish + middleware metadata route fix
  • 68b80e0 perf(web): optimize CI + build pipeline
  • 9799c54 chore(web): remove dead deps + safe version bumps
  • faf2b02 fix(lsp): update lsp-tools-mcp cleanup
  • 18b5891 docs(reference): cross-module rules injection comparison report
  • fbe423a feat(rules-injector): hydrate dedup cache from session transcript
  • 4de2782 Merge pull request #4201 from code-yeongyu/fix/test-isolation-cross-test-state-leak
  • f8d04d7 fix(test-isolation): isolate rules injector storage and fixture home
  • c6dc266 test(test-isolation): add diagnostic regression test for cross-suite leak
  • 504a777 Merge pull request #4200 from code-yeongyu/fix/rules-core-restore-sisyphus-with-deprecation-warning
  • dd9dd42 Merge pull request #4199 from code-yeongyu/fix/parent-wake-same-source-reservation-requeue
  • 12aaff2 test(rules-core): isolate sisyphus deprecation warning assertion
  • 53ddc47 test(rules-injector): align duplicate-cache mock types
  • d92894a docs(changelog): document .sisyphus/rules restoration and planned removal in v4.3.0
  • 1bab6ec fix(rules-core): restore .sisyphus/rules discovery with deprecation warning (planned removal v4.3.0)
  • 7ffe823 test(rules-core): add red tests for restored .sisyphus/rules discovery + deprecation warning (BUG-G)
  • 11d2cfb fix(background-agent): re-enqueue parent wake on same-source reservation instead of dropping
  • ee8b80a test(background-agent): add red test for parent-wake drop on same-source reservation hold (BUG-E)
  • 1760ffb Merge pull request #4196 from code-yeongyu/fix/rules-core-fallback-to-workspace-when-no-project-root
  • 1f9a581 fix(rules-core): fall back to workspace directory when no project root marker is found
  • 2c62e72 test(rules-core): add red test for project rule discovery in markerless workspaces (BUG-F)
  • 913cc08 Merge pull request #4198 from code-yeongyu/fix/ast-grep-mcp-allow-absolute-paths-inside-workspace
  • 4c7d7e8 Merge pull request #4197 from code-yeongyu/fix/prompt-gate-event-shapes-and-finish-marker
  • bd2823e Merge pull request #4195 from code-yeongyu/fix/team-send-message-ambiguous-delivery-loss
  • 9cdcb42 revert(agents-md): restore ROADMAP warning banner unrelated to this PR
  • 2ea2159 fix(ast-grep-mcp): allow absolute paths whose realpath is inside the workspace
  • b2e42e1 test(ast-grep-mcp): add red test for absolute paths inside workspace
  • f8f4b57 fix(runtime-fallback,prompt-gate): recognize all OpenCode progress event shapes and boolean/completed finish markers
  • 20efb79 test(runtime-fallback,prompt-gate): add red tests for event-shape and finish-marker blind spots (BUG-C+D)
  • da5aa7f test(team-mode): allow reclaimed reservations to stay readable
  • 579b8c3 docs(AGENTS.md): add aggressive refactoring-in-progress warning
  • f79da77 test(team-mode): decouple resume history fixture from session routing
  • af42f0a test(team-mode): stabilize resume stale reservation history check
  • 655dffb fix(team-mode): release reservation on ambiguous failure, commit on success-path mark failure
  • 7adb833 test(team-mode): add red tests for ambiguous delivery loss (BUG-A + BUG-B)
  • 847a8db fix(runtime-fallback): preserve accepted pending retries
  • 6df148f fix(team-mode): close peer message delivery races
  • d3e218f fix(prompt): treat post-dispatch failures as accepted
  • f540249 docs(readme): add OmO logo to hero section
  • b2918fd fix(team-mode): close peer message delivery races
  • bcea4a9 fix(prompt-gate): harden sync and team prompt dispatch
  • 1492bff fix(prompt-gate): harden internal prompt dispatch
  • 6c63372 @lang-911 has signed the CLA in #4186
  • 22cf4fc @devswha has signed the CLA in #4181
  • 49066e7 @JacobZyy has signed the CLA in #4180
  • 3dd4142 fix(rules): drop legacy sisyphus rule sources
  • 7db3a7f fix(team-mode): preserve live delivery holds after ambiguous prompt failure
  • bb75751 fix(babysitter): avoid double prompt gate
  • 44ef5de fix(runtime-events): honor OpenCode progress shapes
  • 38462aa fix(recovery): avoid duplicate continuation prompts
  • e57bac3 fix(prompt-retry): preserve async holds without blocking validation fallbacks
  • 5f733f4 fix(parent-wake): recognize sdk tool progress
  • 67bd324 fix(runtime-fallback): keep pending retry state on gate skip
  • 98c3fee fix(prompt-gate): detect finish-only tool waits
  • d3d2d49 fix(parent-wake): preserve stale tool-call wake escape
  • dfc2e8e fix(prompt-retry): preserve peer prompt reservations
  • b53a8b5 fix(parent-wake): close duplicate wake races
  • f5f358a fix(prompt-gate): ignore internal user tails in tool waits
  • 63e4198 @jangByeongHui has signed the CLA in #4176
  • 1f3245e Merge pull request #4175 from code-yeongyu/fix/anthropic-assistant-prefill-tail
  • 5f0e037 fix(plugin): cover Anthropic-family prefill guard
  • 45d670a fix(plugin): constrain Anthropic prefill guard
  • 3509bf4 fix(plugin): guard Anthropic assistant prefill tails
  • 35d40cf Merge pull request #4173 from code-yeongyu/roadmap-refactor
  • ff78aed docs: add ROADMAP.md with package layering refactor plan
  • 33b6637 fix(background-agent): defer live tool-turn wakes
  • 6915f15 fix(todo-continuation): cancel stale ULW countdown
  • 37bd866 Merge pull request #4155 from code-yeongyu/feature/rules-astgrep-packages-20260518
  • d8f6d59 docs: update rules and MCP inventories
  • 06f6709 build: wire ast-grep MCP into release gates
  • 05c09c1 fix(doctor): list all built-in MCP servers
  • a86cc6a refactor(tools): remove native ast-grep tool
  • ef09880 feat(mcp): register ast-grep as built-in MCP
  • 499aff0 feat(mcp): add package-backed ast-grep MCP
  • 4ea29e2 refactor(rules): delegate injectors to rules-core
  • fb7d47f feat(rules): add shared rules-core package
  • 472c293 chore(packages): declare shared tool workspaces
  • 25171a6 chore(hashline): update fixture dependencies
  • a6f1950 fix(web): restore navigation smoke coverage
  • 9a9d9bd fix(web): adapt build tooling
  • 92a5a44 chore(web): update web dependencies
  • f925d13 chore(deps): update root dependencies
  • 6fe2f72 fix(mcp): bootstrap lsp when cli is unavailable
  • f6fba0b chore(deps): bump @code-yeongyu/comment-checker to 0.8.0
Check out latest releases or
releases around code-yeongyu/oh-my-openagent v4.2.3

Don't miss a new oh-my-openagent release

NewReleases is sending notifications on new releases.

Get notifications