Skip to content

Releases: Ascendral/codebot-ai

CodeBot AI v2.10.0

Choose a tag to compare

@Ascendral Ascendral released this 22 Mar 03:36

What's New in v2.10.0

--solve: Autonomous Issue-to-PR Pipeline

Point CodeBot at a GitHub issue, get back a reviewed PR with full audit trail.

codebot --solve https://github.com/you/repo/issues/42

8 phases: Parse → Clone → Analyze → Install → Fix → Test → Self-review → PR

Electron Desktop App

  • Signed, notarized, Gatekeeper-approved (macOS arm64)
  • 113MB DMG (down from 343MB)
  • Auto-restart on crash with exponential backoff
  • Network drop recovery with reconnecting overlay
  • API key validation on startup

Dashboard Improvements

  • 60 bugs fixed across two audit passes (XSS, accessibility, performance, SSE reliability)
  • Text selection now works in chat messages
  • Shift+Enter for multiline input
  • Throttled markdown rendering (no more lag on long responses)
  • Focus-visible indicators for keyboard navigation

Autonomy Features

  • Goal decomposition engine for complex multi-step tasks
  • Health auto-fix through CORD safety layer
  • Daemon mode with real job execution
  • Retired skill filtering
  • Cross-session learning reuse

Other

Download

  • macOS (Apple Silicon): Download the DMG below
  • Requires a Claude API key (console.anthropic.com)

CodeBot AI v2.9.0

Choose a tag to compare

@Ascendral Ascendral released this 19 Mar 22:00

CodeBot AI v2.9.0

Autonomous coding agent with governed execution.

Highlights

  • --solve command: Point at a GitHub issue → get a PR with full audit trail
  • Constitutional safety (CORD): Every action goes through a safety layer
  • 32 tools: File ops, git, web, browser, docker, SSH, and more
  • Self-review: Agent reviews its own diff before committing
  • Audit trail: Every phase logged, every decision traceable
  • Electron desktop app: Signed, notarized, Gatekeeper-approved (113MB)

Requirements

Install

  1. Download the DMG below
  2. Open it and drag CodeBot AI to Applications
  3. Launch and enter your API key when prompted

v2.8.0 — Operational

Choose a tag to compare

@Ascendral Ascendral released this 15 Mar 05:42

What's New

Dashboard Models Panel

  • VRAM detection card with real-time usage bar
  • Quantization advisor — select a model size, get recommendations based on available VRAM
  • Local model browser showing installed Ollama models

CodeAGI Continuous Mode

  • Auto-run mission cycles on a configurable timer (30s to 5m intervals)
  • SSE streaming for real-time phase updates
  • Error-based auto-stop after 2+ consecutive failures

Documentation Overhaul

  • Added "Who This Is For" section targeting security teams, regulated industries, solo devs
  • Added dynamic badges (npm downloads, GitHub stars, last commit)
  • Removed swarm references from public docs
  • All version surfaces synchronized to 2.8.0

Testing

  • 1,265 tests across 242 suites (was 1,217 / 232)
  • 48 new tests covering swarm strategies, router, and scorer

Full Changelog

See CHANGELOG.md

v2.5.2 — Functional Command Center

Choose a tag to compare

@Ascendral Ascendral released this 05 Mar 01:32

What's New

Command Center (Dashboard)

  • Terminal — execute shell commands with live streaming output, command history
  • Quick Actions — 8 one-click buttons (Git Status, Run Tests, Git Log, Git Diff, Health Check, List Tools, List Files, NPM Outdated)
  • Chat — interactive AI chat with agent (codebot --dashboard)
  • Tool Runner — select any tool, fill parameters, execute with result display
  • Standalone mode — Terminal + Quick Actions work without agent connection

Fixes

  • Version alignment: cli.ts, index.ts, and package.json now all report 2.5.2
  • CHANGELOG updated with v2.4.0–v2.5.2 entries

Install

npm install -g codebot-ai

Then run:

codebot --dashboard    # Full agent + dashboard
codebot                # CLI mode

Or try the standalone dashboard:

npx codebot-ai         # One-shot via npx

Stats

  • 1125 tests passing
  • 192 files in package
  • 247 KB compressed
  • Zero dependencies

v1.4.3: Bulletproof message integrity

Choose a tag to compare

@Ascendral Ascendral released this 28 Feb 06:57

The Problem

During multi-tool interactions, CodeBot's message history could get corrupted, causing OpenAI to permanently reject all requests with:

Invalid parameter: messages with role 'tool' must be a response to a preceeding message with 'tool_calls'

Root Cause

The context compaction code iterated message-by-message backward and could split assistant + tool_response groups in half. Example:

[assistant with tool_calls: call_1, call_2]  ← DROPPED (budget exceeded)
[tool: call_1 result]                        ← KEPT (orphaned!)
[tool: call_2 result]                        ← KEPT (orphaned!)

OpenAI requires every tool message to reference a preceding assistant's tool_calls — orphaned tool messages = instant 400.

The Fix (Two Layers)

Layer 1 — Prevention (this release): groupMessages() treats assistant + following tool responses as atomic blocks. Compaction now keeps or drops entire groups — it can never split them.

Layer 2 — Recovery (v1.4.2): repairToolCallMessages() runs before every LLM call as a safety net, removing any orphaned/duplicate tool messages and injecting placeholders for missing responses.

Stats

  • 145 tests passing (up from 131 in v1.4.1)
  • 10 new stability/repair/compaction tests across v1.4.2 + v1.4.3
  • Zero dependencies

Upgrade

npm install -g codebot-ai

v1.4.2: Fix message history corruption

Choose a tag to compare

@Ascendral Ascendral released this 28 Feb 06:50

What's Fixed

Message history corruption causing OpenAI 400 errors — During multi-tool-call interactions, the message history could become corrupted (orphaned tool messages, duplicates), causing OpenAI to reject all subsequent requests with:

Invalid parameter: messages with role 'tool' must be a response to a preceeding message with 'tool_calls'

The circuit breaker (from v1.4.1) would stop the loop after 3 attempts, but the session was permanently broken.

The Fix

Enhanced repairToolCallMessages() to handle three types of corruption before every LLM call:

  1. Orphaned tool messages — tool responses whose tool_call_id doesn't match any preceding assistant's tool_calls → removed
  2. Duplicate tool responses — multiple responses for the same tool_call_id → keep first, remove rest
  3. Missing tool responses — assistant has tool_calls but no matching tool response → inject placeholder (existing behavior)

This makes message history self-healing — corruption from stream errors, compaction, or session resume is automatically repaired.

Stats

  • 142 tests passing (up from 138)
  • 4 new message repair tests covering all corruption scenarios
  • Zero dependencies

v1.4.1: Fix infinite error loop

Choose a tag to compare

@Ascendral Ascendral released this 28 Feb 06:26

Bug Fix

Fixed: Agent was looping 50 times on non-retryable errors (missing API key, auth failure, billing issues) instead of stopping immediately.

What changed

  • Fatal error detection — New isFatalError() recognizes permanent failures (missing API key, 401/403, billing, model not found) and stops the agent loop immediately
  • Circuit breaker — If the same non-fatal error repeats 3 times consecutively, the agent stops instead of burning through all 50 iterations
  • Early API key check — Providers detect missing API keys before making HTTP requests and show actionable error messages
  • Human-readable errors — No more raw JSON dumps. Errors now say things like "Set OPENAI_API_KEY or run: codebot --setup"

Before

✗ LLM error after retries:  — { "error": { "message": "You didn't provide an API key..." } }
(repeated 50 times)
✗ Max iterations (50) reached.

After

✗ No API key configured for gpt-4.1. Set OPENAI_API_KEY or run: codebot --setup

Tests

138 passing (up from 131), including new tests for fatal error detection, circuit breaker behavior, and billing/quota error patterns.

npm install -g codebot-ai@1.4.1

v1.4.0 — 28 Tools: The Full Agent

Choose a tag to compare

@Ascendral Ascendral released this 28 Feb 02:56

15 New Tools (13 → 28 total)

CodeBot now has parity with top-tier coding agents. All tools are zero-dependency, using only Node.js built-ins.

Tier 1 — Intelligence

Tool What It Does
git status, diff, log, commit, branch, checkout, stash, push, pull, merge, blame, tag
code_analysis Symbol extraction, find references, imports, file outline
multi_search Fuzzy search across filenames + content + symbols with ranking
task_planner Hierarchical task tracking with priorities and persistence
diff_viewer File comparison, git diffs, staged changes

Tier 2 — Development

Tool What It Does
docker Container management (ps, run, build, compose)
database SQLite queries with destructive SQL blocking
test_runner Auto-detect jest/vitest/pytest/go/cargo, run, parse results
http_client HTTP requests with auth, headers, JSON handling
image_info PNG/JPEG/GIF/SVG dimensions from binary headers

Tier 3 — Infrastructure

Tool What It Does
ssh_remote Remote exec and file transfer with injection protection
notification Slack/Discord/webhook with severity formatting
pdf_extract Text extraction and metadata from PDFs
package_manager Auto-detect npm/yarn/pip/cargo/go
code_review Security scanning and complexity analysis

Security

Every tool has safety guards: SQL injection blocking, SSH injection protection, SSRF blocking, dangerous command blocking, force-push prevention.

Tests

131 tests, all passing (up from 99 in v1.3.0).

Install / Update

npm install -g codebot-ai

v1.3.0 — Stability Hardening

Choose a tag to compare

@Ascendral Ascendral released this 27 Feb 15:37

What's New

9 stability fixes that eliminate silent crashes during continuous operation.

Error Recovery

  • Automatic retry — 429 rate limits, 5xx server errors, and network failures (ECONNRESET, ETIMEDOUT) now retry with exponential backoff + jitter, respecting Retry-After headers
  • Stream crash recovery — if the LLM connection drops mid-response, the agent loop retries on the next iteration instead of dying
  • Compaction fallback — if LLM-powered context summarization fails, silently falls back to simple message dropping

Process Resilience

  • Unhandled rejection/exception handlers — catches process-level errors, logs them in red, keeps the REPL alive (only exits on true OOM)
  • Scheduler timeout — routines capped at 5 minutes; hanging tasks no longer permanently block the scheduler
  • Web-fetch body timeout — AbortController now covers both connection AND response body reading

Testing

  • 16 new stability tests (99 total, all passing)
  • Tests cover: stream crash recovery, error event recovery, permission denial flow, retry logic, exponential backoff, Retry-After headers, invalid JSON handling

Distribution

  • Overhauled README with badges, feature list, and complete tool documentation
  • Expanded npm keywords for better discoverability
  • Updated tool count: 13 built-in tools (added web_search and routine)

Install / Update

npm install -g codebot-ai