Upgrade LiteLLM to 1.88.1 so Agent Zero is above the CVE-2026-42271 patched floor, and move the OpenAI SDK pin to 2.41.1 to satisfy LiteLLM's new dependency range.
Pin Starlette to the patched 1.0.1 release for the Host-header request.url.path advisory.
Fold requirements2.txt back into requirements.txt now that browser-use is no longer part of the repo dependency set, and update installer and setup docs to use a single requirements file.
Route Agent Zero turns through a LiteLLM transport layer that prefers the Responses API while preserving chat-completions fallback for providers without compatible endpoints.
Persist Responses metadata in history and agent state so provider-state continuation, local replay, native function-call execution, and stored-response cleanup survive normal chat workflows.
Normalize prompt caching by provider: OpenAI and Azure use prompt_cache_key and prompt_cache_retention, while Anthropic, Gemini, Bedrock, OpenRouter, and compatible chat providers keep block-level cache_control breakpoints and cached tool definitions.
Use the shared inline confirmation helper for configured MCP server removal and keep the delete icon neutral until confirmation.\n\nApply confirmed removals immediately, refresh server status from the apply response, guard against stale/double actions, and document the new MCP manager behavior.
Revamp the global and project MCP manager surfaces with list-first layout, clearer examples, a dedicated scanner modal, manager/raw toolbar parity, and local-command-first server creation.\n\nAdd server and tool search, plugin-style enable toggles, per-tool disabled_tools handling in the MCP backend, internal A0 MCP tool search, regression coverage, and updated DOX contracts.
Add project-scoped MCP server configuration with global/project merge semantics, a richer settings UI, and chat composer access. Introduce MCP config scanning plus project-aware status/detail/log/apply APIs while preserving the raw JSON editor. Strengthen MCP runtime handling for dotted tool names, timeouts, status accuracy, and project-aware tool execution, with focused regression coverage.
Add selectable workspace support to the Time Travel plugin and introduce normalized global LiteLLM configuration handling.
models.py: add DEFAULT_LITELLM_GLOBAL_KWARGS and helpers to normalize, load, apply, and merge LiteLLM global kwargs; call configure_litellm/set per-call merges in LiteLLM wrappers so framework defaults, configured globals, and per-call overrides combine correctly. Add tests to assert merging and runtime application.
plugins/_time_travel: update docs and plugin metadata to describe workdir/project selection. API handlers now accept workspace_id and a new history_workspaces endpoint lists selectable workspaces. helpers/time_travel: implement workspace listing, selection, and resolution logic (workdir/project options, availability/locking, default selection). UI: add workspace picker to time-travel panel, wire selection/load into time-travel store, pass workspace_id to API calls, and add click hook to open the panel. Update styles and refresh/load behavior accordingly.
Tests: extend tests for LiteLLM global kwargs merging and adapt stream test to expect merged params; add tests for selectable workspaces, default selection, and locked external workdir handling.
Add settings sidebar search with filtered section results and clear affordance. Decouple sidebar accordion expansion from the active section so groups can be opened or collapsed manually. Keep the settings menu/search column fixed while the content pane scrolls, and promote Backup & Restore to its own section under Self Update.
Add a core startup migration that refreshes /exe/self_update_manager.py from the repository copy when the installed runtime updater is missing the socket-safe backup and Desktop cleanup markers.
Validate the source updater before replacing anything, preserve the previous runtime script as a backup, and leave current or non-regular targets untouched. Add regression coverage for stale runtime replacement, safe no-op/refusal paths, and the real repository updater source.
Add comprehensive file-level DOX documentation across the repo and update directory AGENTS.md indexes. Many new `*.py.dox.md` files were added under api, helpers, tools, plugins, extensions, webui, and other dirs to document endpoint purpose, ownership, runtime contracts, work guidance, and verification. Several AGENTS.md files were created or updated (agents profiles, api, docker, extensions, helpers, plugins, skills, webui components, etc.) to list child DOX files and clarify documentation/work guidance. Also add example and bundled profile DOX files (agent0, default, developer, hacker, researcher) and minor updates to helpers/dirty_json.py and its tests. These changes improve on-disk documentation coverage and establish the convention that each direct runtime file should have a matching `*.dox.md` describing its contracts and verification steps.
Add direct directory navigation to the file browser path bar and preserve the current listing when typed paths fail.
Add a default-enabled setting to remember the last successful file browser directory, while keeping explicit open paths deterministic.
Move the Editor preview/source toggle into the left-side toolbar cluster so mode switching sits with editing controls. Add a dedicated right-side Save button and remove Save from the overflow menu, leaving the menu for rename and close actions. Cover the toolbar placement with a static regression test.
Open the Editor file browser from the active project context before falling back to the configured workdir. Keep manual Editor launches on the empty start page instead of auto-creating blank Markdown files, while preserving explicit Markdown creation from the empty state. Add static regression coverage for both behaviors.
Normalize active Remote Control URLs to same-origin values before adding them to CSRF allowlists, so Tailscale Funnel URLs with paths or trailing slashes can bootstrap tokens correctly.
Allow WebSocket origin validation to trust only the currently active Remote Control origin, including Docker split-process tunnel service URLs, while preserving rejection for unrelated external origins.
Add focused regression coverage for active Tailscale-style origins, tunnel-service origin lookup, and negative cross-origin cases; keep run_ui decorator re-exports compatible with existing CSRF tests.
Update the OAuth settings poller to wait for the provider interval, carry slow_down interval updates forward, and respect provider expiration times so GitHub Copilot device-code auth can complete after browser authorization.
Dispatch the legacy device-login endpoint by provider_id and add regressions plus DOX guidance for provider-aware device polling.
Move device-code, manual callback, and setup controls into the provider row that started the OAuth flow so pending state stays anchored to its provider.
Add static coverage and plugin DOX guidance for inline provider detail rendering.
Remove the static OAuth API-key placeholder from provider defaults and gate the runtime dummy key on provider connection status.
This keeps unconnected OAuth providers blank in API-key surfaces while preserving the local proxy shim for connected account-backed providers. Update OAuth docs and regressions for the new contract.
Add connected-account provider dropdowns for Main and Utility model slots in OAuth settings. Keep model search and selection scoped to each slot's chosen provider so multiple connected OAuth accounts can be used independently.
Bound _a0_connector context snapshots and live stream reads so long chats are replayed in small WebSocket frames instead of one oversized payload.
Replay remaining historical entries as connector_context_snapshot pages before switching to live connector_context_event streaming, and preserve LogOutput.end cursor semantics throughout.
Return users to their original requested page after login, with robust same-origin validation to prevent open redirects.
Co-Author Agent Hero <agent-hero@neurocis.ai>
Flatten dropped or selected folders into ordinary file attachments while preserving basename display and existing multi-file upload behavior.
Make the composer attachment menu actions open their hidden file inputs directly, and label them as Attach files and Attach folder.
Reuse the DocumentQueryStore per chat context so repeated document_query calls can see an existing vector DB instead of re-parsing and re-embedding the same document every time.
Add a regression test that proves a second store lookup in the same context reuses the indexed document while a separate context stays isolated.
Stop forcing the bundled Office, Desktop, and Editor plugins on by setting their manifests to always_enabled: false. This restores normal plugin activation controls while preserving explicit manifest intent.
Disable LiteParse OCR automatically for PDFs at or above the configured page threshold, independent of sampled text density. Add adaptive index chunk sizing for large extracted documents so first-run document_query calls avoid spending the full batch timeout embedding thousands of small chunks. Update the settings UI, README, dependency hook, and regression tests for the new behavior.
Load OAuth account providers from the status API on the path, cloud, and setup steps instead of relying on a Codex-only strip. Support provider-specific setup fields, device-code and browser callback flows, model loading by provider, the local DeepSeek icon, and the polished account heading copy.
Add a shared provider-registry-backed OAuth status summary for the status API and discovery cards. Redesign the OAuth settings modal around provider rows, inline usage, provider details, and account-backed model slots while keeping legacy Codex compatibility fields intact.
Add support for including a top-level AGENTS.md in a project's system instructions while keeping backwards-compatible defaults. Introduces include_agents_md project metadata (defaults to true), normalization and save logic, and helper functions to discover and format AGENTS.md and other instruction files into the system prompt. Updates build_system_prompt_vars to assemble instruction parts, adds UI checkbox in project edit form, normalizes defaults in the projects store, and adds tests for the new behavior. Also documents the compatibility rule in AGENTS.md and adds a small prompt rule reminder.
Expose the Core Agent Zero version from both connector capabilities and connector_hello so A0 CLI clients can warn when they are older than the connected server.
Send the normal _code_execution timeout group to connected A0 CLI sessions for terminal, Python, Node.js, input, and output remote execution. Size the plugin-side wait budget from the selected timeout group with a small transport grace period and update the tool prompt to steer long-running work toward output polling.
Add prompt-only guidance that treats memory timestamps as soft recency signals instead of hard TTLs. Encourage newer/current facts to win for mutable conflicts while preserving old durable preferences or project facts unless current evidence shows they are stale, false, superseded, duplicated, or unwanted.
Move the concrete verification and final-report guidance into the default solving prompt so generic Agent Zero carries the coding-harness habit. Shrink the developer profile copy to a profile-scale reminder that extends the core discipline without duplicating a long checklist.
From testing and benchmarks, telling the agent what memory_forget is for more explicitly helps with memory consolidation, which lacks part of the awareness about stale (duplicates are usually well-covered).
Filter passive fragment memories before consolidation so action history, temporary artifacts, local runtime coordinates, and personal absolute paths do not get saved automatically.
Tighten memory utility prompts toward durable preferences, stable project facts, recurring constraints, and reusable solutions while keeping explicit memory_save behavior unchanged. Add focused tests for fragment quality gating.
Raise bundled defaults and fallback timeout tuples for normal and output runtimes so builds, installs, servers, tests, and training jobs have room to stream or poll without premature timeout.
Document the long-running work behavior while keeping normal command execution bounded and directing extended work toward output polling.
Generalize benchmark lessons into prompt guidance for reading specs and tests first, making narrow edits, verifying exact artifacts, cleaning temporary work, recovering from tool failures, and avoiding success claims after partial output or timeouts.
Update the developer profile to skip unnecessary interviews for clear bounded tasks while keeping structured clarification for broad mandates. Add code-execution prompt guardrails for long-running and exact-output work without encoding benchmark-specific answers.
Keep model config markup focused on setup and let the store own settings-object lifecycle hooks. This initializes UI-only kwargs fields after scope loads while preserving dirty tracking for reset/default changes.
Extend the self-update preflight cleanup to cover current Desktop profile state, retired Desktop state, and legacy Office-owned Desktop profile state.
Remove transient .ssh/agent entries and non-regular .gnupg/S.gpg-agent* sockets before usr backup while preserving GnuPG key material such as pubring.kbx and private-keys-v1.d. Add regression coverage for the v1.13 legacy profile layout that can block upgrades.
- replace the Visible/Pinned mode switch with a single continuous skills view
- show pinned skills first, then all skills below a divider with line-based rows instead of boxed cards
- keep pinning on the checkbox and move hide/show into an inline eye control for each skill
Return the WebUI chat number alongside the honest chat name from chat_get and chats_list.
Pass through project metadata so terminal clients can show project-aware context tabs without deriving labels from timestamps or context ids.