Releases: link-assistant/agent
[js] 0.24.0
Add a native, enforceable permission system, ported from OpenCode and fully controllable over JSON with no TUI (issue #271).
Hard layer. --read-only (env LINK_ASSISTANT_AGENT_READ_ONLY) disables every filesystem-mutating and shell tool — bash, edit, write, multiedit, patch — so the agent can only read, search and plan. The restriction is enforced at tool resolution and also when tools are invoked indirectly via the batch tool, so it cannot be bypassed. --disable-tools bash,write,edit (env LINK_ASSISTANT_AGENT_DISABLE_TOOLS) disables an explicit set of tools. This makes agent-commander's uniform --read-only flag enforceable for the agent tool, on par with the other supported tools.
Fine-grained layer. --permission-mode <auto|plan|readonly|ask> (env LINK_ASSISTANT_AGENT_PERMISSION_MODE) plus an OpenCode-compatible --permission '<json>' override (env LINK_ASSISTANT_AGENT_PERMISSION). The default mode is auto (full autonomy, never asks), so existing behavior is unchanged and the full-auto path has zero added overhead.
plandenies edits, allows read-only shell commands, and asks before anything else.readonlydenies all mutations (never asks).askrequests approval before every mutating tool.--permissionaccepts the OpenCode{edit, bash, webfetch}shape (wherebashis a string or a{glob: action}map) and is merged on top of the mode.
Approvals are exchanged purely as JSON: the agent emits a permission_request event on stdout and the consumer replies with a permission_response frame (once / always / reject) on stdin, in both text and stream-json input modes. See docs/permissions.md for the full protocol and docs/case-studies/issue-271 for the design rationale and prior-art survey. The same policy/mode/override semantics, CLI flags, and JSON schemas are mirrored in the Rust implementation.
Related Pull Request: #272
[js] 0.23.0
Add Claude-compatible --input-format stream-json stdin frames and --output-format stream-json alias with user-prompt replay acknowledgements.
Related Pull Request: #269
[js] 0.22.10
Set opencode/minimax-m2.5-free as the default model again, update OpenCode Zen free model docs, and add a live Zen free-model fallback for models.dev lag.
Related Pull Request: #267
[js] 0.22.9
Classify provider stream status errors and usage-shape failures as retryable provider errors.
Related Pull Request: #265
[js] 0.22.8
fix(ci): add recovery for missing Rust GitHub releases and improve crates.io publish resilience
Related Pull Request: #263
[rust] 0.9.2
Fixed
- Use
CARGO_TOKEN(organization-level secret) as fallback whenCARGO_REGISTRY_TOKENis not set, fixing crates.io publishing in CI/CD
Fixed
- Fixed git push race condition in Rust CI/CD auto-release that caused non-fast-forward rejection when JS CI pushed concurrently
- Added fetch/rebase before commit and push retry with pull --rebase (up to 3 attempts)
- Added shared concurrency group (
release-main) across Rust and JS release jobs to serialize pushes to main
[js] 0.22.7
Handle crates.io propagation delays and treat "already exists" as successful publish in CI/CD scripts
Related Pull Request: #262
[js] 0.22.6
Added shared concurrency group to JS release jobs to prevent race condition with Rust CI/CD pushes to main
Related Pull Request: #260
[js] 0.22.5
Add CARGO_TOKEN fallback support to publish-to-crates.mjs for organization-level secrets
Related Pull Request: #258
[js] 0.22.4
Add publish verification to Rust CI/CD to prevent false positive releases
Related Pull Request: #256
