|
|
@@ -8,6 +8,36 @@ Tags follow the pi npm version: `v{pi_version}[letter]` — bare tag for the fir
|
|
|
|
|
|
|
|
|
|
|
|
## Unreleased
|
|
|
|
## Unreleased
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
_(no changes since v0.76.0)_
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
## v0.76.0 — 2026-05-28
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
pi `0.75.5` → `0.76.0` bump (first minor-version release on pi 0.76 line, published upstream 2026-05-27 20:03 UTC). Built against a fresh `joakimp/opencode-devbox:base-latest` which now bakes in SSH ControlMaster on a writable socket path, plus gitleaks and git-crypt — see the inherited-from-base notes below for details on each.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
### Bumped: pi 0.75.5 → 0.76.0
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Notable upstream changes (from pi's CHANGELOG):
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
- **Explicit session IDs for automation** — `--session-id <id>` lets scripts create or resume an exact project-local session.
|
|
|
|
|
|
|
|
- **RPC bash output can stay out of model context** — RPC clients can pass `excludeFromContext` to `bash` for commands whose output should not be sent with the next prompt.
|
|
|
|
|
|
|
|
- **More predictable provider retries and timeouts** — Codex WebSocket/SSE waits are bounded; `retry.provider.maxRetries` controls provider retries instead of hidden SDK defaults; SDK retries default to 0; quota/billing 429s are no longer retried behind Pi's retry handling.
|
|
|
|
|
|
|
|
- **Better terminal editing across environments** — Apple Terminal Shift+Enter detection on macOS, Windows Terminal OSC 8 hyperlink support, JetBrains truecolor with disabled OSC 8, Unicode-aware word navigation and deletion.
|
|
|
|
|
|
|
|
- **Bugfixes** — `pi update` bypasses npm/pnpm/Bun minimum-release-age gates; user-authored ordered-list markers preserved in transcripts; image attachment token estimates aligned with tool-result images; Codex Responses cache-affinity header fixed (`session-id` not `session_id`); OpenRouter/Poolside context-overflow detection; managed npm extension updates avoid peer-dependency conflicts; RpcClient handles unexpected child exits cleanly.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Workflow continues to derive `PI_VERSION` from the git tag (`v0.76.0` → `0.76.0`) and pass it as a build-arg, per the v0.75.5b cache-hit fix; smoke test asserts `pi --version` matches.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
### Workflow change: registry cache-export disabled
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
- **`.gitea/workflows/docker-publish.yml`** — `cache-from`/`cache-to` removed from the `publish` step. buildkit's `mode=max` cache-export to `registry-1.docker.io` reproducibly returns HTTP 400 on the resumable-upload PUT, surfacing ~2026-05-23. Diagnosed during opencode-devbox v1.15.12's manual host-side publish: image push works fine, only `--cache-to` fails. See opencode-devbox CHANGELOG v1.15.12 `Unreleased` for the full root-cause analysis. The pi-devbox Dockerfile is single-stage with a tiny diff (npm install pi only) on top of `base-latest`, so builds are fast even without cache (~30-60s expected).
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
### Inherited from opencode-devbox base: SSH ControlMaster on a writable socket path
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
No Dockerfile change here — just a note that this release picks up the system-wide SSH ControlMaster default (`/etc/ssh/ssh_config.d/00-devbox-controlmaster.conf` → `ControlPath /tmp/sshcm/%r@%h:%p`, `ControlMaster auto`, `ControlPersist 10m`). This unblocks `ssh` and `pi --ssh user@host` from inside the container when `~/.ssh` is bind-mounted read-only from the host (the standard pi-devbox compose layout) — previously, OpenSSH's default `ControlPath` under `~/.ssh/cm/` was unwritable, so multiplexing failed with `unix_listener: cannot bind ... Read-only file system` and ssh fell back to fresh TCP connections, which on residential CGNAT manifested as banner-exchange timeouts. The fix is purely additive (per-container `/tmp/sshcm` dir, mode 700, created by entrypoint) and user `~/.ssh/config` per-host overrides still win because Debian's stock `ssh_config` sources `ssh_config.d/*.conf` before its own `Host *` block. See opencode-devbox CHANGELOG `v1.15.12` for the base-side details.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
### Inherited from opencode-devbox base: gitleaks + git-crypt
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
No Dockerfile change here — just a note that this release includes `gitleaks` (newly added to the base) and `git-crypt` (was always installed via apt; just wasn't called out). Both are useful inside the container for repos that use a gitleaks pre-commit hook or git-crypt-encrypted canonical config and don't want host-side dependencies. See opencode-devbox CHANGELOG `v1.15.12` for the base-side details.
|
|
|
|
|
|
|
|
|
|
|
|
## v0.75.5b — 2026-05-23
|
|
|
|
## v0.75.5b — 2026-05-23
|
|
|
|
|
|
|
|
|
|
|
|
Recovery release fixing a **silent cache-hit regression** discovered in the v0.75.5 image. All four releases v0.74.0 through v0.75.5 had been shipping the same image bytes because the Dockerfile's `npm install -g @earendil-works/pi-coding-agent` (bare, when `PI_VERSION=latest`) produces an identical layer-hash across builds. Combined with the registry buildcache, Docker reused the layer from whatever pi version was current when the cache was first populated.
|
|
|
|
Recovery release fixing a **silent cache-hit regression** discovered in the v0.75.5 image. All four releases v0.74.0 through v0.75.5 had been shipping the same image bytes because the Dockerfile's `npm install -g @earendil-works/pi-coding-agent` (bare, when `PI_VERSION=latest`) produces an identical layer-hash across builds. Combined with the registry buildcache, Docker reused the layer from whatever pi version was current when the cache was first populated.
|
|
|
|
joakimp