v1.7.1 — GLIBC compatibility fix

Fix: Linux binary now uses musl (fully static) — no GLIBC dependency. Works on Ubuntu 20.04+, Debian, Alpine, etc.

What's Changed

• deps: bump rand from 0.9.2 to 0.9.4 in /mc by @dependabot[bot] in #64
• feat: SonarCloud + CodeQL upgrade by @kienbui1995 in #65
• fix: GLIBC compatibility — musl static binary for Linux by @kienbui1995 in #66

Full Changelog: v1.7.0...v1.7.1

v1.7.0 — Memory v2, Prompt Hardening, Security CI

v1.7.0

274 tests | 30 tools | 51 PRs | 9.1MB binary | 0ms startup

🧠 Memory System v2 (Claude Code inspired)

• 4 categories: project, user, feedback, reference
• Self-skeptical: "verify against actual code before acting"
• Dream cleanup: auto-compact on session start
• Critical fix: memory was never initialized (completely broken since v1.0)

🔒 System Prompt Hardening

• All 30/30 tools described (was 12/30)
• Security guardrail: prompt injection detection
• 7 negative rules ("What NOT to Do")
• Cost awareness guidance

🛡️ Security & Quality CI

• cargo-audit (vulnerability scanning)
• cargo-deny (license compliance + supply chain)
• dependency-review (block high-severity on PRs)
• Strict clippy (correctness + suspicious)

✨ New Features

• Browser automation (Playwright)
• Debug mode (hypothesis-driven)
• GitHub integration (/gh)
• Agent profiles, context pinning
• Auto-skill creation, cross-session FTS
• Configurable notifications + webhook

📚 Documentation

• Getting started guide
• Memory system guide
• Tools reference (30 tools)
• Configuration reference

🎨 UX

• Animated spinner, bell notification
• Categorized /help, quit confirmation
• Ctrl+R history search
• tree-sitter symbol extraction
• arboard cross-platform clipboard

What's Changed

• fix: compiler warning, CLI help, CODE_OF_CONDUCT by @kienbui1995 in #43
• feat: browser automation tool (Playwright) by @kienbui1995 in #44
• feat: debug mode — hypothesis-driven debugging (Cursor-style) by @kienbui1995 in #45
• feat: 5 UX improvements — bell, help, spinner, quit confirm, Ctrl+R by @kienbui1995 in #46
• feat: auto-skill creation + cross-session FTS search (inspired by Hermes) by @kienbui1995 in #48
• test: 14 new tests closing coverage gaps by @kienbui1995 in #49
• feat: configurable notifications + webhook (Slack/Discord) by @kienbui1995 in #47
• feat: GitHub integration, context pinning, agent profiles by @kienbui1995 in #50
• ci: bump actions/upload-artifact from 4 to 7 by @dependabot[bot] in #51
• ci: bump softprops/action-gh-release from 2 to 3 by @dependabot[bot] in #52
• ci: bump actions/deploy-pages from 4 to 5 by @dependabot[bot] in #53
• deps: bump similar from 2.7.0 to 3.1.0 in /mc by @dependabot[bot] in #54
• deps: bump clap_complete from 4.6.0 to 4.6.2 in /mc by @dependabot[bot] in #55
• deps: bump tokio from 1.50.0 to 1.51.1 in /mc by @dependabot[bot] in #56
• feat: tree-sitter, arboard clipboard, GitHub templates by @kienbui1995 in #57
• fix: system prompt — all 30 tools + cost awareness + debug/browser guidance by @kienbui1995 in #58
• fix: prompt hardening — security, negative rules, tone (research-backed) by @kienbui1995 in #59
• fix: wire memory system — was completely broken (never initialized) by @kienbui1995 in #60
• feat: memory v2 — categories, dream cleanup, self-skeptical (Claude Code inspired) by @kienbui1995 in #61
• feat: security & quality CI — audit, deny, dependency review by @kienbui1995 in #62
• release: v1.7.0 by @kienbui1995 in #63

New Contributors

• @dependabot[bot] made their first contribution in #51

Full Changelog: v1.6.0...v1.7.0

v1.6.0 — Agentic AI Complete

v1.6.0 — Agentic AI Complete

192 tests | 28 tools | 15 providers | 0 clippy warnings | 0 vulnerabilities

✨ Managed Agents

• Manager-executor pattern — delegate to cheap models, coordinate with expensive ones
• Named agents (agents/*.md) with model/tools/instructions routing
• Background agent polling, configurable concurrency, budget enforcement

🧠 Smart Context

• codebase_search — symbol-aware code retrieval (TF-IDF scoring)
• edit_plan — multi-file edit planning before execution
• Smart compaction — importance scoring preserves errors/writes
• Conversation search with context snippets

🔄 Self-Healing

• Auto-verify syntax after writes (py/json), errors fed back to LLM
• ToolInputDelta preview — see what agent is writing in real-time
• Auto-permission learning — approved tools remembered in session

🔒 Security

• Subagent inherits parent permissions (was hardcoded Allow)
• Budget enforcement at runtime
• Tool filter enforced at execution

🏗️ Infrastructure

• FallbackProvider — automatic provider failover
• Structured output (JSON mode) for OpenAI-compatible providers
• Version 1.6.0, updated README + CHANGELOG
• cargo audit clean

What's Changed

• fix: clippy cleanup + wire max_concurrent by @kienbui1995 in #35
• fix: wire named agents + 7 tests for managed agents by @kienbui1995 in #36
• fix(security): subagent permission inheritance + budget enforcement by @kienbui1995 in #37
• feat: codebase_search — symbol-aware code retrieval by @kienbui1995 in #38
• feat: edit_plan — multi-file edit planning by @kienbui1995 in #39
• feat: auto-verify, ToolInputDelta preview, fallback provider by @kienbui1995 in #40
• feat: 4 agentic polish — permissions, search, compaction, JSON mode by @kienbui1995 in #41
• release: v1.6.0 go-live prep by @kienbui1995 in #42

Full Changelog: v1.5.0...v1.6.0

v1.5.0

Managed Agents — Manager-Executor Pattern

183 tests, 30+ tools, 15 providers.

✨ New

• Managed agents — manager-executor architecture for cost-optimized multi-agent workflows

  [managed_agents]
  enabled = true
  manager_model = 'claude-opus-4-6'
  executor_model = 'claude-haiku-4-5'
  max_concurrent = 3

• Tool filtering per agent — restrict which tools an executor can use (enforced at execution)
• Background agent polling — poll_agent_id for async agent results
• Configurable max_concurrent — no longer hardcoded to 4

🔒 Security (CodeRabbit review)

• Tool filter enforced at execution, not just schema
• Config validation for managed agent numeric bounds

What's Changed

• feat: managed agents — manager-executor pattern by @kienbui1995 in #34

Full Changelog: v1.4.2...v1.5.0

v1.4.2

Fixes

• Session branching — /fork /branches /switch /branch delete now fully wired
• JSON output — added cost, cache tokens to --json
• Token budget config — max_context_window + strategy in [compaction]
• Security — plugin path traversal, --yes override order, empty model fallback

183 tests

What's Changed

• fix: wire session branching, complete JSON output, token budget config by @kienbui1995 in #33

Full Changelog: v1.4.1...v1.4.2

v1.4.1

Security Fixes

• --yes no longer bypasses bash (requires --dangerously-allow-bash)
• Plugin path traversal fixed (sanitize_plugin_name)
• --yes override order fixed (takes precedence over config)
• Empty model override handled in subagent

New Features

• Named agents — agents/*.md with model/tools per agent
• --trace — structured tool call logging (input/output/duration)
• Audit timestamps — every log entry now has timestamp

183 tests

What's Changed

• fix(security): --yes no longer bypasses bash permissions by @kienbui1995 in #30
• fix(security): address CodeRabbit critical findings by @kienbui1995 in #31
• feat: named agents, audit timestamps, --trace logging by @kienbui1995 in #32

Full Changelog: v1.4.0...v1.4.1

v1.4.0

What's New

30+ tools, 15 providers, 180 tests, 15K+ lines of Rust.

🔌 Plugin Marketplace

/plugin install obra/superpowers   # 14 TDD/debugging/planning skills
/plugin list                       # show installed
/plugin update superpowers         # pull latest

🔧 Critical Gap Fixes

• Subagent model routing — use cheaper models for subtasks: {"task": "...", "model": "haiku"}
• Subagent shared context — agents share results via SharedContext board
• --yes / -y — bypass permissions for CI/CD
• Per-tool permissions — tool_permissions = { bash = "deny" } in config
• Cost per tool — /cost shows tool call counts
• --validate-config — validate and inspect config

What's Changed

• feat: /plugin command — install, list, remove, update plugins by @kienbui1995 in #26
• feat: address critical gaps — model routing, CI mode, per-tool permissions by @kienbui1995 in #27
• feat: remaining gaps — shared context, cost per tool, validate-config by @kienbui1995 in #28
• release: v1.4.0 by @kienbui1995 in #29

Full Changelog: v1.3.0...v1.4.0

v1.3.0

What's New

28+ tools, 15 providers, 180 tests, 14K+ lines of Rust.

✨ New

• /auto-commit — auto git add+commit with LLM-generated message after code changes
• Plugin docs — README updated with plugin system examples (sh/py/js)

🧪 Quality

• 180 tests (+18 from v1.2) — new coverage across 11 modules

What's Changed

• docs: update README for v1.2.0 by @kienbui1995 in #21
• feat: /auto-commit — auto git commit after code changes by @kienbui1995 in #22
• test: increase coverage to 180 tests (+18) by @kienbui1995 in #24
• release: v1.3.0 by @kienbui1995 in #25

Full Changelog: v1.2.0...v1.3.0

v1.2.0

What's New

28+ tools, 15 providers, 162 tests, 14K+ lines of Rust.

✨ New Features

• /cost per-turn breakdown — token usage, cost, and model for each turn
• /export markdown + JSON — export session as readable markdown or raw JSON
• /diff-preview — approve/reject file changes with diff preview before writing
• Plugin system — auto-discover custom tools from .magic-code/tools/ (sh, py, js)
• Streaming edit preview — see file changes in real-time as LLM generates
• /auto-test — auto-run tests after code changes, feed failures back to LLM
• MCP in single-shot mode — MCP servers now work with --json and --pipe

🐛 Bug Fixes

• MCP servers not loading in single-shot/pipe mode
• Hardcoded internal IP removed from sandbox.sh

🧪 Tests

• 152 → 162 tests (10 new tests for all v1.2 features)

What's Changed

• feat: /cost per-turn breakdown dashboard by @kienbui1995 in #13
• feat: /export with markdown and JSON format by @kienbui1995 in #14
• feat: /diff-preview — approve/reject file changes with diff by @kienbui1995 in #15
• feat: plugin system — auto-discover and execute custom tools by @kienbui1995 in #16
• feat: streaming edit preview — show file changes in real-time by @kienbui1995 in #17
• feat: /auto-test — auto-run tests after code changes by @kienbui1995 in #18
• test: add 10 tests for v1.2 features by @kienbui1995 in #19
• release: v1.2.0 by @kienbui1995 in #20

Full Changelog: v0.1.0...v1.2.0

v1.1.0

Full Changelog: v0.8.2...v1.1.0

Full Changelog: v0.8.2...v1.1.0