v0.5.2

What's Changed

Bug Fixes

• API key validation for Anthropic: Added proper handling for rate-limited (429) and server error (500) responses from Anthropic, which are now correctly treated as invalid keys instead of being processed as valid.
• CLI argument parsing for --key=value syntax: Fixed support for inline value syntax (e.g., --model=gemini) which was previously not recognized alongside space-separated arguments.
• API key import validation: Added result validation when importing keys from auth.json to prevent invalid keys from being marked as successfully stored.
• Setup window debug port handling: Made remote debugging port optional, only enabled when SIDECAR_DEBUG_PORT environment variable is explicitly set.
• Pre-push hook robustness: Added exit code handling to ensure test failures properly prevent pushes.

Infrastructure

• Request timeout handling: Added 10-second timeout to API key validation requests to prevent indefinite hangs on unresponsive servers.

Tests

• Extended test coverage: Added comprehensive tests for --key=value syntax parsing and Anthropic 429/5xx error scenarios, along with tests for optional debug port behavior.

Full Changelog: v0.5.1...v0.5.2

v0.5.1

What's Changed

Bug Fixes

• Shell-independent API key resolution: Fixed "Missing Authentication header" errors when running sidecar in non-interactive shells (Claude Code, CI/CD, cron jobs). Sidecar now automatically loads credentials from multiple sources in priority order: existing environment variables, ~/.config/sidecar/.env, then ~/.local/share/opencode/auth.json. This resolves the issue where API keys exported in ~/.zshrc weren't available in non-interactive contexts.

Improvements

• Unified credential loading: Consolidated scattered credential loading logic into a new env-loader.js module that runs at CLI startup, ensuring all available API keys are projected into process.env before any validation occurs.
• Better error messages: Updated validation errors to provide clear troubleshooting steps for missing credentials, explaining why non-interactive shells don't inherit ~/.zshrc exports and offering three resolution paths.
• Legacy key migration: Automatically migrates deprecated GEMINI_API_KEY to GOOGLE_GENERATIVE_AI_API_KEY during credential loading.

Documentation

• Shell profile guidance: Added note in skill documentation warning zsh users that ~/.zshrc exports only work in interactive shells, with recommendations to use ~/.zshenv or sidecar setup instead.
• Troubleshooting section: Added new troubleshooting entry covering the "Missing Authentication header" error in Claude Code and CI environments.
• Design specification: Added detailed technical specification documenting the shell-independent key resolution design, including priority order, multi-model review feedback, and testing approach.

Full Changelog: v0.5.0...v0.5.1

v0.5.0

What's Changed

Process Lifecycle & Resource Management

• Shared OpenCode Server: Multiple sidecar sessions now multiplex through a single OpenCode Go binary instead of spawning one per invocation, reducing cold-start latency and memory overhead. The server auto-restarts on crash (up to 3 times per 5-minute window) and automatically terminates when idle.
• IdleWatchdog State Machine: All sidecar processes now self-terminate after configurable inactivity periods (15 min headless, 60 min interactive, 30 min shared server). Idle timeout can be globally overridden or disabled via SIDECAR_IDLE_TIMEOUT environment variable.
• Session Locks & Dead-Process Detection: Resume and continue operations now acquire atomic lock files to prevent concurrent access, and detect dead processes before attempting to reconnect. Crash handler automatically cleans up lock files on uncaught exceptions.

MCP Improvements

• MCP Shared Server Path: The MCP handler's shared server path now delegates to runHeadless() for full session lifecycle management (polling, progress tracking, finalization), instead of fire-and-forget prompting. Sessions properly transition from running to complete and write results to disk.
• MCP Input Validation: Added structured error responses with helpful hints for malformed MCP inputs. Validation catches missing required fields and provides suggestions for typos.
• External Server Guard Points: runHeadless() now accepts external client/server/watchdog/sessionId options, enabling the shared server path to reuse running infrastructure without managing its own startup/shutdown.

Chat Agent Support

• Chat Agent with noUi: The Chat agent now works in headless mode. The handler automatically converts Chat requests to Build mode for headless execution.

Documentation & Developer Experience

• Process Lifecycle Documentation: Added comprehensive user-facing docs explaining idle timeouts, environment variables, session locks, and how to recover from stuck sessions.
• MCP Polling Integration Spec: Design specifications for shared server polling and input validation now live in docs/superpowers/plans/.
• Updated Architecture Guide: New sections document the shared server architecture and IdleWatchdog state machine, with environment variable reference in CLAUDE.md.

Reliability & Testing

• E2E Shared Server Test: New integration test with memory monitoring validates the shared server can handle multiple concurrent sessions without leaks.
• Eval Script Robustness: Increased eval runner timeout from 5 to 10 minutes and added external monitoring script (eval-with-monitoring.sh) for process and memory tracking during long-running evaluations.
• Watchdog & Lock Tests: Added comprehensive test coverage for idle watchdog behavior, session locks, resume locking, and dead-process detection.

Bug Fixes

• Watchdog Leak Prevention: Fixed watchdog instances not being properly canceled on early exits, preventing zombie timers.
• Resume Lock Scope: Lock acquisition now covers the entire resume operation, not just reconnection, preventing race conditions.
• Null Metadata Guard: Added null checks for metadata access to prevent crashes when session state is incomplete.
• Model Alias Resolution: Shared server path now correctly resolves model aliases before passing to the underlying server.
• Orphaned Session Prevention: Shared server fallback now properly cleans up sessions when the process falls back to per-process spawning.
• Chat/Build Handler Fix: Prevented misuse of handler conversion when Chat is explicitly requested without noUi flag.
• sendPrompt Format: Corrected message format sent to the shared server MCP path to match expected SDK structure.

Full Changelog: v0.4.9...v0.5.0

v0.4.9

What's Changed

Infrastructure

• Optimized release notes generation: Switched from Claude Sonnet 4.5 to Claude Haiku 4.5 for generating release notes, reducing costs while maintaining quality for this specific task.

Full Changelog: v0.4.8...v0.4.9

v0.4.8

What's Changed

Infrastructure

• Fixed Claude model ID: Corrected the model identifier used for release notes generation. Previous IDs (claude-sonnet-4-5-20250514, claude-sonnet-4-5-latest) were not valid on the Anthropic API.

Full Changelog: v0.4.7...v0.4.8

v0.4.7

What's Changed

Infrastructure

• Direct API for release notes: Replaced claude-code-action (which only supports PR/issue events) with a direct Anthropic API call via curl for generating release notes. The workflow now reads the commit log and diff, sends it to Claude, and updates the release body.

Full Changelog: v0.4.6...v0.4.7

v0.4.6

What's Changed

Infrastructure

• Release notes workflow fix: Moved the Claude-powered release notes generation from a standalone workflow (which didn't trigger due to GitHub's GITHUB_TOKEN event limitation) into the main publish workflow as a dependent job.

Full Changelog: v0.4.5...v0.4.6

v0.4.5

What's Changed

Features

• AI-powered release notes: Added automated release notes generation using the Anthropic API. When a version tag is pushed, Claude reads the commit history and generates categorized, descriptive release notes.
• Auto-generated CLAUDE.md sections: Added generate-docs.js that auto-generates the Directory Structure and Key Modules sections of CLAUDE.md from the actual codebase, keeping documentation in sync with code.

Improvements

• Release badge caching: Added a 1-hour TTL to the site's release version badge cache so npm version updates appear within an hour instead of being stale indefinitely.
• CLAUDE.md restructured: Compressed and reorganized CLAUDE.md with progressive disclosure. Detailed docs moved to docs/ subdirectory, keeping the main file focused and scannable.
• Pre-commit doc generation: generate-docs.js now runs automatically in the pre-commit hook, so auto-generated sections are always current.

Full Changelog: v0.4.4...v0.4.5

v0.4.4

What's Changed

Features

• Headless resume with conversation continuity: sidecar resume in headless mode now carries the previous conversation forward, allowing the LLM to pick up where it left off rather than starting fresh.
• Stall detection in status: sidecar_status now includes a stalled flag when a headless session's last activity exceeds a threshold, helping callers detect stuck sessions and take corrective action.

Full Changelog: v0.4.3...v0.4.4

v0.4.3

What's Changed

Bug Fixes

• Auth.json cleanup on key removal: When removing an API key via sidecar setup, the corresponding entry in OpenCode's auth.json is now also cleaned up, preventing stale keys from being re-imported.
• Model dropdown filter: Fixed the setup wizard's model selection dropdown not filtering correctly when editing an existing alias.

Full Changelog: v0.4.2...v0.4.3