- Gemini Login Inheritance Fixed: managed Gemini panes now set
GEMINI_CLI_HOMEto the isolated home root so Gemini CLI reads projected.gemini/.env, settings, and login state from the intended managed boundary - Regression Coverage Added: launcher tests now lock the aligned
HOME,GEMINI_CLI_HOME, andGEMINI_ROOTcontract and guard against nested.gemini/.geminisettings writes - Community Contact Trimmed: README removed the standalone Linux.do contact entry while keeping the Linux.do community acknowledgement
- WSL Provider Transport Inherited: managed provider panes now preserve user-session proxy, CA, browser, and WSL interop environment needed by official-login and Codex Apps/MCP networking paths
- Managed Isolation Preserved: transport inheritance is centralized and does not allow caller-global
CODEX_HOME,GEMINI_ROOT,CLAUDE_PROJECTS_ROOT, orCCB_CALLER_*runtime authority to override agent-scoped managed state - Gemini Login Projection Extended: managed Gemini homes now project allowlisted
.gemini/.envAPI credentials,google_accounts.json, andGEMINI_CLI_HOMEwhile diagnostics continue excluding copied auth artifacts - Opencode Session Detection Hardened: opencode now treats env-session mode as active only when its provider-specific runtime env is present, avoiding stale generic
CCB_SESSION_IDcontamination - Community Entry Refreshed: README now includes the refreshed WeChat group QR image and Linux.do community acknowledgement so users can find the current support channels from the public project page
- Release CI Greened: latest release validation now points at a commit whose full GitHub Actions test workflow passes across Ubuntu, macOS, WSL, and install smoke jobs
- Provider Blackbox Coverage Focused: heavy pane-backed provider restart / rotate / settle tests now run in a dedicated Ubuntu provider-blackbox job instead of being repeated across every OS and Python matrix cell
- macOS Socket Test Race Fixed: ccbd socket tests now wait for the daemon socket to answer ping requests before issuing RPCs, avoiding macOS runner readiness races
- macOS Keychain Login Inherited: managed Claude startup now reads official Claude Code login credentials from macOS Keychain and materializes an equivalent project-scoped
.claude/.credentials.jsoninside isolated Claude homes - Claude Account Metadata Refreshed: inherited
.claude.jsonaccount metadata now refreshes from the source home while preserving managed workspace trust and excluding source workspace trust or API key secrets - Default Config Startup Fixed: keeper startup now treats a missing
.ccb/ccb.configas a request to use the built-in default project config instead of exiting beforeccbdcan mount - Regression Coverage Expanded: tests now lock Keychain projection, metadata refresh, and disabled-auth cleanup paths for managed Claude login inheritance
- CodeIsland Hook Assets Inherited: managed Claude startup now copies referenced source-home hook assets such as
.codeisland/when inherited Claude hooks call$HOME/.codeisland/..., preventing missing-hook failures inside isolated Claude homes - Config Boundary Preserved: third-party hook assets are copied only when Claude config inheritance is enabled and the inherited hook payload actually references that home-relative asset path
- Diagnostics Redaction Extended: diagnostic bundles now exclude copied
.codeisland/provider-state assets while still including ordinary managed Claude settings for support
- Claude Official Login Source Home Fixed: managed Claude startup now treats
.ccb/agents/*/provider-state/*/homeas an isolated runtime home, not the user's source home, so official browser-login credentials are copied from the real account home - Claude Credential Path Coverage: managed Claude homes now project Claude Code official-login credentials from
.claude/.credentials.jsonwhile retaining compatibility with.config/claude-code/auth.json - Regression Coverage Added: tests now lock source-home fallback, launcher projection, diagnostics redaction, and workspace preparation for official Claude login inheritance
- Claude Official Login Projection: managed Claude homes now project Claude Code official login credentials from
.claude/.credentials.json, so browser-login-backed auth can be inherited into isolated CCB runtimes instead of only API-token-based settings auth - Managed Login Auth Retention: when global Claude auth artifacts disappear but managed Claude state already holds a valid project-scoped login, startup now preserves that managed login auth across restart instead of silently dropping it
- Auth Cleanup And Regression Coverage: disabling auth inheritance now clears stale copied Claude login credentials, and targeted tests now lock the projection, cleanup, and launcher startup paths
- Empty Gemini Hook Replies No Longer Burn Jobs: managed Gemini
AfterAgenthooks that fire with an empty reply now downgrade toincompleteinstead of terminalizing as a false exact completion - Exact Hook Polling Becomes Safer: Gemini exact-hook polling now ignores
completedhook artifacts with no reply text, allowing observed session-stability or timeout reliability paths to converge the request instead of accepting a blank terminal result - Regression Coverage Added: targeted tests now lock the empty-reply guard at both the finish-hook artifact writer and Gemini execution-service polling layers
- Gemini Endpoint Override Restored: managed Gemini startup now preserves
GOOGLE_GEMINI_BASE_URLend to end, so custom endpoint and proxy-backed Gemini CLI setups no longer fall back to Google's default production API host - Gemini Model Env Allowlisted: control-plane and provider-profile env filtering now preserve
GEMINI_MODEL, allowing isolated Gemini agents to keep explicit model selection instead of silently dropping it at startup - Config Shortcut Alignment: Gemini
key/urlshortcuts now materialize the same environment variables the current Gemini CLI actually reads, keeping explicit config-based routes aligned with shell-level env behavior
- Codex Plugin Projection Fixed: managed Codex homes now project plugin-bundle authority under
.tmp/plugins/and.tmp/plugins.sha, so isolated agents inherit marketplace and installed plugin assets coherently instead of starting with plugin-enabled config but missing bundles - Plugin Refresh Semantics Tightened: startup now refreshes the managed plugin projection as one authority unit, removes stale managed plugin residue when the source projection disappears, and skips unnecessary recopies when the source
plugins.shamarker is unchanged - Cmd Shell / Session Env Hardening: the
cmdpane now directlyexecs the resolved user shell and preserves ordinary user-session transport variables such asDISPLAY,WAYLAND_DISPLAY,DBUS_SESSION_BUS_ADDRESS,XAUTHORITY, andSSH_AUTH_SOCK, improving fish/zsh and GUI-command compatibility
- Codex Explicit Route Authority: managed Codex homes now materialize agent-local
config.tomlandauth.jsonas the sole authority for explicitkey/urlroutes, so agent-scoped API overrides replace inherited global provider routes instead of drifting back to system config - Codex Session Namespace Rotation: managed Codex startup now fingerprints explicit route authority, stamps reusable session bindings with that authority, and rotates stale
sessions/namespaces before launch when the bound route no longer matches - Foreground Attach UX Hardening: interactive
ccbstartup now seeds tmux namespace creation from the real terminal viewport and issues a best-effort client refresh after attach so first paint matches the current terminal size without manual redraw
- Managed Claude Auth Preservation: managed Claude homes now preserve agent-local login auth when the global Claude home has been logged out, so a project-scoped re-login survives restart instead of re-entering a browser-link loop
- Auth Projection Semantics Tightened: Claude startup still refreshes source auth when it exists, but stops treating missing source auth as an instruction to blank managed auth; disabled auth inheritance continues to clear stale copied auth state
- Startup Regression Coverage Expanded: targeted tests now lock this behavior at the projection layer, provider workspace preparation, and Claude launcher startup path
- macOS Release Path: shared release artifact naming and updater resolution now cover the macOS universal bundle alongside Linux/WSL release assets
- Source Dev Install Mode: installs from a git checkout now stay linked to the live source tree, skip startup auto-update prompts, and can switch to a managed release install through
ccb update - Agent API / Model Shortcuts:
.ccb/ccb.confignow accepts flat per-agentkey,url, andmodelshortcuts so common provider overrides stay concise - Preview Packaging Hardening: preview release exports now exclude generated output paths inside the repo, fixing recursive self-copy failures such as
dist-macos-smoke
- Cached Startup Update Prompt: interactive foreground
ccbstart can now read install-scoped cached release metadata and offer an upgrade prompt only when a newer stable release is already known locally - Background Refresh Without Startup Stall: cache misses or stale cache now schedule a background refresh with short network budgets instead of joining the project startup transaction
- Prompt Deferral And Silence Controls: users can upgrade immediately, continue and defer the prompt for the current version, or silence that exact version
- Startup Contract Boundary Preserved: startup supervision now explicitly treats release-update checks as advisory logic outside the lifecycle startup transaction
- Cold-Start Namespace Classification Fix: project tmux namespace liveness now treats
no server running on <project socket>as an absent namespace that should be created or recreated, instead of surfacing a falsefailed to inspect tmux sessionstartup failure - Project Lifecycle Regression Coverage: added backend/state regression tests for the absent-server cold-start path so real
ccb -> ping -> killlifecycle flows remain covered - Startup Contract Clarified: the startup supervision contract now explicitly defines project-socket
no server runningas a namespace-absent signal during create/recreate decisions
- Gemini Login Auth Inheritance: managed Gemini startup now projects
security.auth.selectedTypeandoauth_creds.jsonfor login-backedoauth-personalreuse, while stale copied credentials are removed whenever auth inheritance is disabled - Shared Tmux Ready Budget: project-owned pane respawn now uses the same tmux object readiness retry budget as namespace create/reflow instead of a separate shorter timeout, reducing transient
no server runningfailures during startup and supervision - Background Startup Compatibility: background lifecycle startup preserves supervisor compatibility and keeps readiness-probe budgets separated from operational RPC timeouts
- Diagnostics Credential Redaction: support bundles now exclude Gemini
oauth_creds.jsontogether with other provider credential artifacts
- WSL Runtime Compatibility: Unix socket placement and installer staging now avoid unsupported WSL mounted-drive paths, and tmux namespace readiness is retried more cleanly during startup
- macOS Lifecycle Hardening: lifecycle restore, startup timing, and project identity handling were tightened so macOS runs converge on the same authority model as Linux instead of flaking during startup or recovery
- Respawn Resilience: transient tmux fork, server-exit, and readiness failures are now retried at the runtime boundary instead of surfacing as spurious lifecycle breakage
- Watch Reconnect Recovery:
watchand ask-wait flows can recover terminal results from persisted state after brief daemon loss while still honoring reconnect deadlines instead of hanging indefinitely - Cross-Platform Validation Expanded: GitHub Actions now covers macOS install smoke and WSL compatibility paths together with the existing Linux test matrix
- Keeper-Owned Lifecycle Authority: project lifecycle is now anchored around keeper-owned
lifecycle.json, clearer generation ownership, and stricter namespace epoch authority - Mounted-State Read Path Fixes:
ping ccbdandping <agent>now read mounted/runtime state from current authority instead of drifting to stale failure views after restart or recovery - Shutdown Transaction Hardening:
ccb killandccb kill -fnow terminalize non-terminal jobs inside the same shutdown transaction so in-flight work cannot reappear as restore or auto-retry authority after restart - Real Blackbox Validation: real-project lifecycle repro on
ask -> kill -f -> restartnow converges toproject_shutdownwith no lingering active execution
- Foreground Kill Lifecycle Fix:
ccb killno longer leaves interactiveccbreporting a false foreground-attach failure after the project tmux namespace is intentionally destroyed - Codex Session Isolation Contract Landed: managed Codex startup now keeps agent-scoped session authority bound to the agent-owned managed home instead of ambient project or global provider state
- Provider Control-Plane Isolation Tightened: project-scoped control-plane processes now scrub inherited provider runtime markers more strictly so agent runtime identity does not leak into
ccb, keeper, orccbd - Agent Isolation Stability: restart and recovery paths continue to preserve project-scoped managed provider boundaries for Codex, Claude, and Gemini agents
- Agent Isolation Stability: strengthened managed agent isolation so Codex, Claude, and Gemini agent sessions stay bound to their own project-scoped provider state under
.ccb - Provider Home Boundaries: Claude and Gemini startup now reject stale persisted provider homes that point outside the current agent's managed state unless an explicit validated provider profile owns that home
- Restart Inheritance Safety: fresh managed Gemini starts no longer adopt ambient
GEMINI_ROOTor global~/.geminihistory just because the same work directory was used manually - Project Dotfile Protection: managed startup keeps provider hook/trust state inside agent provider-state homes and does not rewrite project-level
.claude,.gemini, or.codexprovider dotfiles
- Backward-Compatible Release Assets: Linux release tarballs now include a compatibility alias so older 6.x updaters that treat the asset filename as the extracted directory can still install successfully
- Pre-6.0.3 Upgrade Path Restored: existing
v6.0.1andv6.0.2installs can now update to the latest stable release without relying on patched local updater code - Self-Update Hotfix Retained: current runtime still resolves the extracted release directory correctly and no longer depends on the compatibility alias
- Release Tarball Upgrade Fix:
ccb updatenow resolves the extracted release directory correctly instead of treating the.tar.gzfilename as a directory path - Installer Handoff Restored: self-update once again finds
install.shinside extracted release assets and completes the replacement flow end to end - Release Build Hygiene: Linux release packaging now ignores local
.ccb-requests/mailbox residue so official builds are not blocked by runtime leftovers
- Caller Attribution Fix:
ccb asknow preserves the originating agent identity so replies route back to the correct mailbox instead of drifting touserorcmd - Mailbox Delivery Stability: control-plane reply routing now keeps async
cmdmailbox delivery aligned with the real caller chain - Mixed-Case Agent Recovery: config layout recovery now normalizes mixed-case agent names consistently during restore and startup
- macOS Dependency Warning:
install.shnow warns when Homebrew is missing on macOS before tmux and related dependencies are installed
- Tracked Temp Cleanup: Removed accidentally tracked
.tmp_pytestartifacts that contaminated GitHub source archives - Repo Hygiene Guard: Added a regression test to block ephemeral test artifacts from entering the git index again
- Safer Tar Validation: Upgrade/install extraction now rejects unsafe symlink targets before unpacking
- Clearer Extraction Errors: Unsafe archive failures now explain that the archive contains unsafe paths or links and should be replaced with a clean source archive or official release asset
- Infinite Parallel Agent Edition: CCB v6 establishes the runtime foundation for effectively unbounded multi-agent delegation inside one project
- Independent Agent Identity: Each agent can carry its own role, task stream, skill set, and collaboration style
- Stable Native Communication: Agent-to-agent orchestration continues through the built-in control plane instead of shell-level glue
- User Workflow Reduced: Public startup and rebuild flow is now intentionally centered on
ccb,ccb -s,ccb -n,ccb kill, andccb kill -f - Control Plane Retained:
ask,ping,pend, andwatchremain available for model-side coordination without dominating user help - Safe Rebuild Semantics: Legacy project runtime state is rebuilt from
.ccb/ccb.config, while current 6.x projects retain an explicit runtime marker
- Default Inplace Workspaces: Agents now default to
inplace; isolated branches are opt-in viaagent:provider(worktree) - Worktree Reconciliation: Added stable handling for added, removed, renamed, dirty, missing, and unmerged worktree agents during start, kill, and
ccb -n - Restore Stability: Namespace root panes are preserved during cleanup so restart/restore flows no longer self-delete active project panes
- Gemini Multi-Round Completion: Gemini completion polling now survives planning/tool rounds and waits for the real final reply
- Linux Release Path:
ccb updatefor the 6.x line is now aligned to Linux/WSL release assets instead of source snapshots - Release Metadata Preservation: Install/update paths preserve embedded version, commit, and date metadata, including git worktree installs
- Public CLI Simplified: User-facing startup flow is now centered on
ccb,ccb -s,ccb -n,ccb kill, andccb kill -f - Explicit Worktree Opt-In: Compact
ccb.configentries now default toworkspace_mode='inplace'; isolated branches requireagent:provider(worktree) - Internal Control Plane Preserved:
ask,ping,pend, andwatchremain available for model-side orchestration without crowding the main user help
- Reset Rebuilds Cleanly:
ccb -nrebuilds project runtime state while preserving.ccb/ccb.config - Stale Worktree Cleanup: Startup and reset paths now prune missing registered git worktrees before rematerializing agent workspaces
- Agent Change Reconciliation: Adding agents no longer disturbs existing worktrees; removing or renaming worktree agents retires clean branches and blocks on unmerged or dirty ones
- Kill Warnings:
ccb killnow warns clearly when project worktree agents still have unmerged or dirty state that needs user attention
- Gemini Multi-Round Stability: Gemini completion polling now tracks tool-call activity and no longer treats the first stable planning message as the final answer
- Detector Reset Safety: Session rotation clears tool-active state so later turns are evaluated independently
- Added focused tests for the simplified CLI surface, worktree reconciliation and reset/kill safeguards, and Gemini early-completion regression paths
- tmux Layout Tip: Added English and Chinese usage notes explaining that
Ctrl+bthenSpacecycles tmux layouts and can be pressed repeatedly
- Completion Status: Completion hook now distinguishes
completed,cancelled,failed, andincompleteinstead of reporting every terminal state as completed - Cancellation Handling: Gemini and Claude adapters now consistently honor cancellation and emit a terminal status instead of leaving requests stuck in processing
- Routing Safety: Completion routing now keeps parent-project to subdirectory compatibility while preventing nested child sessions from hijacking parent notifications
- Codex Session Binding: Bound Codex requests no longer drift to a newer session log in the same worktree
- askd Startup Guardrails:
bin/asknow respectsCCB_ASKD_AUTOSTART=0and scrubs inherited daemon lifecycle env before spawning askd - Claude Session Backfill:
ccbstartup again backfillswork_dirandwork_dir_norminto existing.claude-sessionfiles - Regression Tests: Added focused tests for completion status handling, caller routing, autostart behavior, cancellation paths, and Codex session binding
- Async Guardrail: Added global mandatory turn-stop rule to
claude-md-ccb.mdto prevent Claude from polling after asyncasksubmission - Marker Consistency:
bin/asknow emits[CCB_ASYNC_SUBMITTED provider=xxx]matching all other provider scripts - SKILL.md DRY: Ask skill rules reference global guardrail with local fallback, eliminating duplicate maintenance
- Command References: Fixed
/ping→/cpingandping→ccb-pingin docs
- Explicit CCB_CALLER:
bin/askno longer defaults to"claude"whenCCB_CALLERis unset; exits with an error instead - SKILL.md template: Ask skill execution template now explicitly passes
CCB_CALLER=claude
- Local History: Context exports now save to
./.ccb/history/per project - CWD Scope: Auto transfer runs only for the current working directory
- Legacy Migration: Auto-detect
.ccb_configand upgrade to.ccbwhen possible - Claude /continue: Attach the latest history file with a single skill
- Old Session Fields:
.claude-sessionnow recordsold_claude_session_id/old_claude_session_pathwithold_updated_at - Auto Context Export: Previous Claude session is extracted to
./.ccb/history/claude-<timestamp>-<old_id>.md - Transfer Cleanup: Improved noise filtering while preserving tool-only actions
- Claude Completion Hook: Unified askd now triggers completion hook for Claude
- askd Lifecycle: askd is bound to CCB lifecycle to avoid stale daemons
- Mounted Detection:
ccb-mountednow uses ping-based detection across all platforms - State File Lookup:
askd_clientfalls back toCCB_RUN_DIRfor daemon state files
- Unified Daemon: All providers now use unified askd daemon architecture
- Install/Uninstall: Fixed installation and uninstallation bugs
- Process Management: Fixed kill/termination issues
bin/ask: Foreground mode available via--foreground;--backgroundforces legacy async- Managed Codex sessions default to foreground to avoid background cleanup
- Environment overrides:
CCB_ASK_FOREGROUND=1/CCB_ASK_BACKGROUND=1 - Foreground runs sync and suppresses completion hook unless
CCB_COMPLETION_HOOK_ENABLEDis set CCB_CALLERnow defaults tocodexin Codex sessions when unset
New unified commands replace provider-specific commands:
| Old Commands | New Unified Command |
|---|---|
cask, gask, oask, dask, lask |
ask <provider> <message> |
cping, gping, oping, dping, lping |
ccb-ping <provider> (skill: /cping) |
cpend, gpend, opend, dpend, lpend |
pend <provider> [N] |
Supported providers: gemini, codex, opencode, droid, claude
- The old native-Windows backend path has been removed from the active codebase
- Current Unix runtime is tmux-only
- Native Windows mux support is being redesigned around
psmux
completion_hook.py: Usessys.executablefor cross-platform script executionbin/ask:- Unix: Uses
nohupfor true background execution - Windows: Uses PowerShell script + message file to avoid escaping issues
- Unix: Uses
- Added
SKILL.md.powershellforcpingandpendskills
New unified skills:
/ask <provider> <message>- Async request to AI provider/cping <provider>- Test provider connectivity/pend <provider> [N]- View latest provider reply
- Old provider-specific commands (
cask,gask, etc.) are deprecated - Old skills (
/cask,/gask, etc.) are removed - Use new unified commands instead
# Old way
cask "What is 1+1?"
gping
cpend
# New way
ask codex "What is 1+1?"
ccb-ping gemini
pend codexFor older versions, see CHANGELOG_4.0.md