github diegosouzapw/OmniRoute v3.6.8
on GitHub

10 hours ago

✨ New Features

  • feat(providers): Support xhigh reasoning tier exclusively on Claude models that expose it (#1356)
  • feat(providers): Add CC Compatible connection-level 1M context toggle (#1357)
  • feat(core): Add full support for Node.js 24 LTS (Krypton) environments with continuous integration coverage (#1340)
  • feat(dashboard): Display Antigravity credit balance in dashboard Limits & Quotas (#1338)
  • feat(i18n): Add internationalization support for combo features and dashboard components; sync translations across 31 keys (#1318)
  • feat(providers): Add Claude Opus 4.7 to Claude Code OAuth models natively with extended context and caching (#1347)
  • feat(core): Add stopSequences support and expand tool definitions to include Google Search capabilities
  • feat(auth): Enforce dashboard session authentication on all management API routes, preventing unauthenticated access to configuration endpoints
  • feat(runtime): Add hot-reloadable guardrails and model diagnostics for real-time rule evaluation without restarts
  • feat(core): Add payload rules, tag-based routing, and scheduled budget systems for fine-grained request governance
  • feat(providers): Expose Antigravity preview model aliases and Gemini CLI onboarding flow for first-time setup
  • feat(antigravity): Add client model aliases and thoughtSignature bypass modes for Antigravity OAuth connections
  • feat(providers): Expand image provider registry with extended model support including SD3.5, FLUX, and DALL-E 3 HD configurations
  • feat(combos): Add new routing strategies and full i18n support for agent features section across 31 languages

🔒 Security

  • security: Resolve 18 GitHub CodeQL scan alerts including ReDoS, incomplete sanitization, and bad HTML filtering regexp patterns
  • fix(auth): Seal privilege escalation vector by enforcing JWT session checking exclusively on /api/keys management endpoints (#1353)
  • fix(providers): Resolve Codex token refresh race condition via mutex getAccessToken preventing refresh_token_reused Auth0 revocations

🔧 Maintenance & Architecture

  • refactor(core): Split CLI runner and decouple migration engine for extensibility (#1358)
  • refactor(audit): Rewire audit dashboard from dead in-memory configAudit store to live SQLite audit_log table — 331+ hidden compliance entries now visible in /dashboard/audit
  • build(deps): Bump softprops/action-gh-release from v2 to v3
  • ci: Bump GitHub Actions CI node-version to Node.js 24 natively
  • fix(types): Resolve TypeScript compilation errors in claudeCodeCompatible.ts (type predicates, cache_control index access) and proxyFetch.ts (signal nullability)

🐛 Bug Fixes

  • fix(context): Scale reserved context tokens dynamically using a 15% sliding window for smaller models
  • test(core): Replace unit test with integration test for proactive context compression to align with isolated runner rules (#1378)
  • fix(services): Pass origin provider to refreshWithRetry to avoid tripping the generic "unknown" circuit breaker (fixes Codex accounts erroneously disabling)
  • fix(db): Prevent native module ABI load crashes from assuming database corruption and skipping databases
  • fix(db): Increase mass-migration threshold from 5 to 50 pending migrations to protect legacy users upgrading node
  • fix(db): Prevent migration runner safety aborts from triggering on fresh DATA_DIR installations by detecting new databases (#1328)
  • fix(mcp): Checkpoint and close MCP audit SQLite database safely on process signals and shutdown (#1348)
  • fix(mcp): Fully decouple MCP audit SQLite connection caching via globalThis to fix unhandled teardown in standalone Next.js chunks (#1349)
  • fix(cli): Avoid creating app router directory during postinstall initialization on non-built source trees (#1351)
  • fix(codex): Correctly translate system role to developer in input array to unlock GPT-5 automatic prompt caching (#1346)
  • fix(core): Pass client headers to executor in chatCore (#1335)
  • fix(providers): Separate test batch calls and ignore unknown connections
  • fix(providers): Add grok-web SSO cookie validation handler (#1334)
  • fix(db): Preserve key_value settings (dashboard passwords, saved aliases) across DB heuristic recreation cycles (#1333)
  • fix(routing): Allow combo fallback to cascade context overflow 400 errors instead of immediate aborts (#1331)
  • fix(core): Resolve thinking leaks, consecutive roles, and missing thoughtSignatures for Antigravity translator (#1316)
  • fix(translator): Only apply thoughtSignature to the first functionCall part in Gemini parallel tool calls, preventing duplicate signatures
  • fix(providers): Default to batch testing execution blocks for web, search, and audio modalities to prevent connection timeouts
  • fix(cli): Resolve Node 22 TS entrypoint incompatibility by using esbuild compilation (#1315)
  • fix(chat): Preserve max_output_tokens for Responses API targets in chatCore sanitization (#1313)
  • fix(api): API Manager usage stats showing 0 for all registered keys (#1310)
  • fix(api): Support image-only models in catalog and allow authless search providers to bypass validation requirements
  • fix(routes): Require prompts for media generation requests (/images, /videos, /music), returning 400 on missing payloads
  • fix(dashboard): Auto-scroll ActivityHeatmap to show current date (#1309)
  • fix(dashboard): Restore horizontal layout with w-max wrapper in heatmap components
  • fix(i18n): Update nodeIncompatibleHint to recommend Node 24 LTS across all 31 languages
  • fix(i18n): Add Chinese i18n support to remaining dashboard components (Loading.tsx, DataTable, etc.)
  • fix(requestLogger): Add missing cacheSource and tps columns to i18n log detail views
Check out latest releases or
releases around diegosouzapw/OmniRoute v3.6.8

Don't miss a new OmniRoute release

NewReleases is sending notifications on new releases.

Get notifications