Commit graph

65 commits

Author SHA1 Message Date
github-actions[bot]
1cb49dba5b
ci: release packages (#678)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-12 17:43:06 +08:00
liruifengv
8d251f8ab4
feat(config): tolerate invalid config.toml sections instead of failing startup (#689)
* feat(config): tolerate invalid config.toml sections instead of failing startup

Schema errors now drop only the offending sections (single entries for
providers/models) with a warning, so a typo no longer prevents startup or
drops the login state. TOML syntax errors still fail fast with the parse
location. Mid-run reloads keep the last good config when the file breaks.

Warnings surface via the new getConfigDiagnostics API: as a startup notice
in the TUI, on stderr in print mode, and in the status bar after /new.

Write paths stay strict so a broken file is never silently rewritten, and
now fail with a short actionable message instead of raw validation JSON;
the /provider TUI flow and the kimi provider CLI report these errors
instead of crashing on an unhandled rejection.

* fix(config): keep entry-keyed sections when one entry has multiple issues

A providers/models entry with several validation issues was deleted by the
first issue, and the remaining issues from the same safeParse pass then
escalated to deleting the entire section — one badly-typed custom provider
could drop every provider, including the managed OAuth login. Issues on
entry-keyed sections now only ever target the entry itself; once it is
gone, later issues are no-ops.
2026-06-12 15:56:13 +08:00
7Sageer
c1191f5794
test: redact internal endpoint fixtures (#688) 2026-06-12 15:05:26 +08:00
_Kerman
dff9fd4e32
chore: use raw query imports for prompt sources (#682) 2026-06-12 11:47:44 +08:00
github-actions[bot]
0a3e87f05a
ci: release packages (#629)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-12 10:54:44 +08:00
_Kerman
588cdaa152
chore: remove pnpm catalog usage (#653) 2026-06-11 17:21:42 +08:00
_Kerman
54302ad612
fix: scope interactive agent requests (#648) 2026-06-11 15:37:09 +08:00
Haozhe
4603d8ad6e
feat(protocol): extract shared protocol package from agent-core (#612)
* feat(protocol): extract shared protocol package from agent-core

- add `@moonshot-ai/protocol` package with REST/WS schemas, envelopes, error codes, event types, and display schemas\n- migrate agent-core `events.ts` and `display/schemas.ts` to re-export from protocol
- add centralized `onUnexpectedError` handler for safe emitter listener callbacks
- reject forkSession when source session has an active running turn
- add protocol schema tests and unexpectedError handler tests
2026-06-10 14:03:38 +08:00
liruifengv
32d7080837
fix(skill): clarify active skill prompts (#598)
* fix(skill): clarify active skill prompts

* fix(skill): preserve nested skill trigger
2026-06-10 12:46:23 +08:00
github-actions[bot]
25cf13ac97
ci: release packages (#588)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-10 10:47:32 +08:00
7Sageer
e48234af57
fix: avoid Windows command shim launches (#591) 2026-06-09 20:20:44 +08:00
github-actions[bot]
20f7aa337a
ci: release packages (#491)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-09 11:54:52 +08:00
liruifengv
d7407b0ecf
feat: release experimental features (#569)
* feat: release experimental features

* refactor: remove redundant goal runtime gate

* refactor: remove unused skill flag plumbing

* feat: keep micro compaction opt-out
2026-06-09 11:42:50 +08:00
_Kerman
db82e33a20
fix: restore goal resume state from agent records (#552) 2026-06-09 10:02:19 +08:00
Haozhe
879a7eeb33
fix(acp): restore legacy permission compatibility and stabilize ACP (#395)
* feat(acp-adapter): support embedded resource prompts

- advertise embeddedContext support in ACP capabilities and docs
- convert file:// resource_link blocks into decoded paths with optional line ranges
- keep XML wrappers for non-file or unparseable resource_link URIs
- update adapter tests for the new resource link behavior

* feat(acp-adapter): add ACP built-in slash command routing and UNC path support

- add local execution for /compact, /status, /usage, /mcp, /tasks, /help in ACP sessions
- surface unknown slash commands as local errors instead of forwarding to model\n- export ACP_BUILTIN_SLASH_COMMANDS from acp-adapter for CLI reuse
- fix file:// URI conversion for Windows UNC paths
- rebuild agent builtin tools on session tool kaos rebind
2026-06-08 19:27:20 +08:00
liruifengv
5cff6d6027
fix: honor KIMI_CODE_HOME for global agent resources (#544) 2026-06-08 17:42:03 +08:00
_Kerman
72c4b0adaa
feat: agent swarm (#424) 2026-06-08 14:26:56 +08:00
Kai
4d113949c8
feat: honor HTTP_PROXY/HTTPS_PROXY/NO_PROXY for all outbound traffic (#487)
* feat: honor HTTP_PROXY/HTTPS_PROXY/NO_PROXY for all outbound traffic

Install a global undici dispatcher at CLI startup so every in-process fetch
(LLM APIs, MCP HTTP, web tools, telemetry, sign-in, update checks) honors the
standard proxy variables, and propagate NODE_USE_ENV_PROXY to spawned stdio
MCP child processes. Loopback hosts always bypass the proxy; an invalid proxy
URL is reported and ignored rather than aborting startup.

* feat: support SOCKS proxies via ALL_PROXY

Recognize SOCKS proxies (socks5/socks5h/socks4/socks alias) from ALL_PROXY or a
socks-scheme HTTP(S)_PROXY, routing traffic through a custom undici connector
backed by the socks client (reusing undici's own TLS handling for https).
HTTP(S) proxies keep precedence; NO_PROXY and loopback are honored for the SOCKS
path too. Child stdio MCP node processes honor HTTP(S) proxies via
NODE_USE_ENV_PROXY; SOCKS applies to the main process only.

* fix: address proxy review comments (env masking, child NO_PROXY, nix hash)

- Resolve HTTP(S)_PROXY explicitly via the first non-blank casing so a blank
  lowercase var can no longer mask a populated uppercase one (the dispatcher
  installed but went direct), and coerce a SOCKS-scheme value sitting in an
  HTTP(S) var to '' so it is never handed to EnvHttpProxyAgent.
- Reconcile a child's NO_PROXY override across both casings using the first
  non-blank value run through resolveNoProxy, so a per-server config override
  is not shadowed by the injected lowercase value, keeps the loopback bypass,
  and passes '*' through verbatim.
- Update flake.nix pnpmDeps hash for the added socks/undici dependencies.

* fix(proxy): honor http ALL_PROXY, match port-qualified NO_PROXY, note child Node version

- Honor an http-scheme ALL_PROXY as the catch-all fallback for both http and
  https (scheme-specific HTTP(S)_PROXY still wins), so an ALL_PROXY-only setup
  no longer installs a no-op dispatcher and connects direct.
- Make the SOCKS-path NO_PROXY matcher port-aware: a `host:port` entry now
  matches only that port (with IPv6-safe parsing for `::1` / `[::1]:443`).
- Document that child stdio MCP proxying via NODE_USE_ENV_PROXY only applies on
  Node versions that support it (>= 22.21 / >= 24.5).

* fix(proxy): IPv6 + wildcard NO_PROXY and per-server child proxy edges

- Strip IPv6 brackets from a SOCKS proxy host (e.g. ALL_PROXY=socks5://[::1]:1080)
  so the socks client connects to the bare address.
- Add the bracketed [::1] to the loopback bypass: undici's EnvHttpProxyAgent
  only exempts IPv6 loopback when the NO_PROXY entry is bracketed (it mis-parses
  bare ::1). The SOCKS-path matcher normalizes brackets on both sides.
- Match *.domain wildcard (and host:port) NO_PROXY entries in the SOCKS matcher.
- Compute the child stdio proxy env from the MERGED env so a proxy declared only
  in a server's config.env also enables NODE_USE_ENV_PROXY.

* fix(proxy): synthesize HTTP(S)_PROXY from ALL_PROXY for child processes

proxyEnvForChild now hands spawned stdio MCP children the resolved
HTTP_PROXY/HTTPS_PROXY (in both casings), synthesizing them from an http-scheme
ALL_PROXY when no scheme-specific variable is set. Node's --use-env-proxy reads
HTTP_PROXY/HTTPS_PROXY (not ALL_PROXY), so an ALL_PROXY-only parent now proxies
the child consistently with the main process. Shared resolveHttpProxyUrls helper
is reused by createProxyDispatcher and proxyEnvForChild.

* chore(changeset): tighten proxy changeset wording
2026-06-06 01:44:54 +08:00
_Kerman
aa610e247d
feat: use fixed 30-minute subagent timeout (#470) 2026-06-05 15:59:10 +08:00
github-actions[bot]
12d062d48e
ci: release packages (#390)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-04 21:45:01 +08:00
liruifengv
6a4e4c75d4
feat(cli): add doctor command for config validation (#431)
* feat(cli): add doctor command for config validation

* fix(cli): format doctor validation errors

* fix(cli): validate doctor config through SDK RPC

* chore(changeset): simplify doctor release note
2026-06-04 21:15:18 +08:00
Luyu Cheng
beb12ac021
feat: add upcoming goal queue (#393) 2026-06-04 20:43:04 +08:00
7Sageer
7856c03176
fix: avoid runtime check rpc (#432) 2026-06-04 20:37:17 +08:00
7Sageer
be0da5ff39
fix: fail early when Git Bash is missing (#430)
* docs: mention Windows Git Bash requirement

* docs: add Windows Git Bash changeset

* fix: fail early when Git Bash is missing

* test: update goal prompt harness mock
2026-06-04 20:16:12 +08:00
liruifengv
86a42a26a1
feat: Add persistent experimental feature toggles and a TUI panel (#420)
* feat: Add persistent experimental feature toggles and a TUI panel

* test(agent-core): isolate experimental flag tests

* fix(tui): block experiments panel while busy

* refactor(experimental): merge feature query APIs
2026-06-04 18:35:41 +08:00
liruifengv
15d71b5130
feat: add reload commands (#383)
* Create CONFIG_RELOAD_RESEARCH.md

* feat: add reload commands for session and tui

* Delete CONFIG_RELOAD_RESEARCH.md

* fix(tui): refresh terminal title on reload

---------

Co-authored-by: qer <wbxl2000@outlook.com>
2026-06-04 13:29:12 +08:00
7Sageer
232ed874d4
fix: scope managed OAuth credentials (#399)
* fix: scope managed OAuth credentials

* refactor: centralize managed OAuth auth resolution
2026-06-04 13:14:18 +08:00
github-actions[bot]
6c0afc4d9c
ci: release packages (#360)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-03 22:00:17 +08:00
Haozhe
3eafa79f39
feat(acp): implement ACP server with session lifecycle, tool streaming, and IDE integration (#368)
This commit scaffolds the @moonshot-ai/acp-adapter package and introduces
the full ACP (Agent Communication Protocol) server implementation for
Kimi Code CLI, including:

- Scaffold @moonshot-ai/acp-adapter workspace package with build skeleton
- `kimi acp` CLI subcommand and stdout-safe logging
- ACP version negotiation and AgentSideConnection wrapper
- Auth gate for session creation
- Session lifecycle: new, list, load with history replay
- Prompt content conversion (text, image, embedded resources, resource links)
- Assistant streaming with thinking support and end-turn handling
- Tool call streaming (started, delta, progress) with result conversion (text / diff)
- Approval handling with diff/text display blocks mapped to ACP options
- Kaos read/write interface (AcpKaos) for unsaved buffer access
- Session mode (yolo/auto) and model management
- Config options builder with thinking toggle
- MCP server forwarding from ACP to harness
- Agent plan updates and available commands updates
- AskUserQuestion bridged to session/request_permission
- Plan review options surfaced through requestPermission
- Error mapping, ext_method stubs, and graceful shutdown
- IDE integration guide (Zed + JetBrains)
- End-to-end tests against ACP TS SDK client
2026-06-03 21:11:30 +08:00
_Kerman
ba7dd736a3
feat: add btw side-channel command (#338) 2026-06-03 15:54:31 +08:00
_Kerman
a6b16ce6b4
refactor: split SDK RPC client (#339) 2026-06-03 15:30:38 +08:00
_Kerman
33496bd031
test: disable harness log writes by default (#362) 2026-06-03 12:55:54 +08:00
github-actions[bot]
14cd8d098b
ci: release packages (#296)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-02 22:54:57 +08:00
Luyu Cheng
ac37d74484
feat: pursue a goal autonomously (#270) 2026-06-02 22:52:23 +08:00
_Kerman
191059d400
feat: add background ask user questions (#315) 2026-06-02 22:12:25 +08:00
Haozhe
0d074f1bae
feat(agent-core): propagate app version into agent record metadata (#308)
* feat(agent-core): propagate app version into agent record metadata

- add appVersion option to AgentOptions, SessionOptions, and KimiCoreOptions
- forward appVersion through Agent, Session, and SDKRpcClient
- include app_version in agent record metadata events
2026-06-02 14:54:29 +08:00
_Kerman
a217ff09aa
feat: add /undo slash command and keep replay in sync (#277) 2026-06-02 12:48:59 +08:00
_Kerman
573c56e829
refactor: background task manager persistence (#285) 2026-06-02 12:48:31 +08:00
zha-ji-tui
0071b63fc8
fix(skill): wrap slash-activated skill content in system-reminder tags (#135) 2026-06-02 11:20:54 +08:00
github-actions[bot]
121a6dd2a1
ci: release packages (#237)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-02 10:22:31 +08:00
_Kerman
ab546419c8
refactor: move Kimi for Coding provider to SDK (#281) 2026-06-01 20:44:36 +08:00
Haozhe
ee69d0ac29
feat(cron): render scheduled reminders in TUI and expose fired events (#204)
* feat(cron): render scheduled reminders in TUI and expose fired events

- add CronMessageComponent for distinct cron transcript entries in TUI
- emit cron.fired events from agent-core and expose via node-sdk
- report cron fire times with local ISO timestamps including timezone offsets
- render cron_job and cron_missed origins during session replay instead of skipping
- handle warning events in CLI and session event handler

* docs(cron): clarify that users must ask the model to manage cron tasks

- cron-create.md: instruct model to proactively tell users how to cancel/modify reminders
- cron-list.md: add guideline that users cannot directly manage cron tasks\n- cron-delete.md: emphasize users must ask model to cancel reminders
2026-06-01 11:34:35 +08:00
github-actions[bot]
d64b15d153
ci: release packages (#170)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-05-29 22:23:07 +08:00
qer
bab2da7b1c
feat(plugin): install plugins from a GitHub repository URL (#221)
* feat(plugin): install plugins from a GitHub repository URL

Allow `/plugins install <github-url>` (and marketplace `source` entries) to
take a GitHub repo URL directly. A new `github` source kind joins the
existing `local-path` and `zip-url` kinds.

Recognized URL forms (parsing in source.ts):

- `https://github.com/<o>/<r>`                       — bare; resolves to latest
                                                       release tag, falling back
                                                       to default branch HEAD.
- `https://github.com/<o>/<r>/tree/<ref>`            — branch / tag / SHA;
                                                       value passed to codeload
                                                       in its short form so the
                                                       backend resolves either.
- `https://github.com/<o>/<r>/releases/tag/<tag>`    — explicit tag, uses
                                                       refs/tags/<tag> to avoid
                                                       same-named-branch ambiguity.
- `https://github.com/<o>/<r>/commit/<sha>`          — explicit commit SHA.

The resolver deliberately avoids `api.github.com`: its 60/hour anonymous
quota is shared with every other tool on the egress IP (browser, gh CLI,
IDE integrations) and a first-time install failing because some other tool
ate the budget is unacceptable UX. Instead we:

- GET `github.com/<o>/<r>/releases/latest` with manual redirect and parse
  the `Location` header (302 → tag URL; 404 → no own release).
- Fall back to `codeload.github.com/<o>/<r>/zip/HEAD` for repos with no
  releases (or for forks that inherit upstream tags but have no own release
  page, which redirect to bare `/releases`).
- Only treat the explicit 404 from `/releases/latest` as "no release" — 5xx,
  403, 429, and any other non-2xx status surface a hard error rather than
  silently installing the default branch, so the user knows when transient
  GitHub issues changed the install path.

UI changes in the TUI:

- `/plugins install` now shows a live Braille spinner while resolving and
  downloading, then flips to a final status that distinguishes Installed
  (fresh) vs Updated (same repo identity, new version) vs Migrated (source
  changed, e.g. CDN zip-url → GitHub).
- `/plugins list`, the `/plugins` overview, and `/plugins info` show the
  install provenance inline. `zip-url` installs now display the URL host
  (e.g. `via code.kimi.com`, `via 127.0.0.1:port`) instead of the opaque
  `zip-url` literal. GitHub installs show `github <owner>/<repo>@<ref>`.
- Three-tier trust badge driven by the marketplace context recorded at
  install time: `official` (green) for `tier: official`, `curated` (blue) for
  `tier: curated`, `third-party` (muted) for anything not installed through
  the marketplace selector. CLI `/plugins install <url>` always records as
  third-party; the marketplace selector passes the tier through. A
  re-install replaces the marketplace context: switching to a third-party
  source clears the badge, which matches the underlying trust change.

`installed.json` gains optional `github` and `marketplace` fields
(back-compatible). PluginSummary surfaces `source`, `originalSource`,
`github`, and `marketplace` so the TUI can label installs without an extra
round trip to PluginInfo. The SDK's `session.installPlugin(source)` gains
an optional `{ marketplace }` second argument so the marketplace selector
can forward `{ id, tier }` through RPC; the CLI install path omits it.

Tests: 112 plugin-suite tests (URL parser, resolver, store round-trip,
manager integration). The manager integration tests assert codeload URLs
shape (short form for `/tree/<ref>`, explicit `refs/tags/` for
`/releases/tag/`) and verify marketplace context is persisted across
reloads and cleared on a third-party re-install.

* chore(changeset): plugin install from GitHub

* docs(plugins): document GitHub install URLs and trust badges

* fix(plugin): preserve URL-encoded characters in GitHub ref names

Git permits ref characters that have special meaning in URLs — most
notably `#`, which is a valid tag character (e.g. `release#1`) but the URL
fragment delimiter. The resolver decoded the tag from GitHub's
`/releases/latest` 302 redirect Location header and then interpolated the
raw value into the codeload URL. The literal `#1` became a fragment and
the HTTP request reached the server as `…/refs/tags/release` — a wrong or
truncated ref, leading to install failure for a release whose URL was
otherwise valid.

Two symmetric changes:

- The codeload URL builder now splits the ref on `/` (so multi-segment
  refs like `feat/foo` keep their path separators) and percent-encodes
  each segment.
- The GitHub URL parser now percent-decodes each segment from the URL's
  pathname when extracting `/tree/<ref>`, `/releases/tag/<tag>`, and
  `/commit/<sha>`. Storage and display see the human-readable Git ref
  name; the resolver re-encodes on the way out.

Malformed `%xx` sequences in user-typed URLs are tolerated: we keep the
raw segment so the caller surfaces a normal "ref not found" error
downstream instead of crashing during parse.

* fix: restrict plugin trust badges

* chore: remove fetch when show plugin list

---------

Co-authored-by: qer <Anna_Knapprfr@mail.com>
2026-05-29 22:18:16 +08:00
liruifengv
96bbc471c4
feat: add experimental feature-flag system (#205)
Introduce a central, env-driven flag registry in agent-core. Each flag is declared once with an id, full env var name, default, and surface. Within agent-core, flags are consulted through a process-global 'flags' constant that reads live process.env. Resolution precedence: master switch KIMI_CODE_EXPERIMENTAL_FLAG > per-feature KIMI_CODE_EXPERIMENTAL_<NAME> > registry default, with lenient boolean parsing via parseBooleanEnv. FlagId is a literal union derived from the registry for compile-time autocomplete and typo-checking.

SDK boundary: KimiHarness.getExperimentalFlags() returns the resolved values over RPC, and the SDK re-exports only the flag *types* — no runtime value crosses the boundary. The TUI caches that snapshot once at startup and reads it synchronously for command gating.

Gate the plugin system behind the 'plugins' flag, off by default: PluginManager.load() consults flags.enabled('plugins'), so when off no installed plugins are loaded or activated, and the TUI /plugins command is hidden from the palette and resolves as an unknown command.

Tests cover the resolver precedence matrix, registry invariants, the FlagId type guard, the live-env singleton, the plugin-load gate, the getExperimentalFlags RPC, and the TUI command gating.
2026-05-29 19:55:10 +08:00
_Kerman
8913440541
feat: show warning when resuming across working directories (#118) 2026-05-29 15:11:46 +08:00
_Kerman
537cf20d18
feat: remove default per-turn step limit of 1000 (#186) 2026-05-29 13:11:45 +08:00
_Kerman
28d2b5c018
refactor(agent-core): make Agent constructable and consolidate provider-manager (#161) 2026-05-28 20:33:10 +08:00
_Kerman
8515472476
fix(agent-core): compaction edge cases, error handling, and truncated output (#120) 2026-05-28 16:47:38 +08:00
github-actions[bot]
fa114c150d
ci: release packages (#93)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-05-27 22:50:19 +08:00