## Summary
- Add `DyadError` / `DyadErrorKind` in `src/errors/dyad_error.ts` for
classified failures (validation, not found, auth, precondition,
conflict, user cancel, rate limit, etc.).
- Extend `shouldFilterTelemetryException` so filtered kinds are not sent
as PostHog `$exception` events; preserve legacy filters (RateLimitError
429, exact Supabase message set).
- `safe_handle` rethrows `DyadError` unchanged; typed handler invalid
input uses `Validation`.
- Migrate many IPC/main/git/supabase/local-agent call sites from `throw
new Error` to `DyadError` with appropriate kinds.
- Document in `AGENTS.md`, `rules/dyad-errors.md`, and
`.cursor/rules/ipc.mdc`.

## Test plan
- `npm run ts`, `npm run lint`, `npm test` (946 tests) passed locally.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Made with [Cursor](https://cursor.com)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3063"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

## Summary
- Increased `DEFAULT_MAX_TOOL_CALL_STEPS` from 50 to 100 to better
support complex multi-step tasks
- Reorganized option tiers: Low (25), Medium (50), Default (100), High
(200) — removed the old "Very High" tier
- Updated E2E tests and snapshots to reflect the new defaults

## Test plan
- [x] Unit tests pass (`npm test` — 44 test files)
- [x] Lint, format, and type checks pass
- [ ] Verify max tool call steps selector UI shows correct options
- [ ] Run E2E test `max_tool_call_steps.spec.ts` to confirm snapshot
alignment

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3053"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Will Chen <7344640+wwwillchen@users.noreply.github.com>
Co-authored-by: Claude <noreply@anthropic.com>

## Summary
- retry local-agent stream passes when providers emit transient server
errors like Azure `server_error`
- keep the existing terminated-stream continuation path and apply it to
retryable provider-side failures
- add a regression test covering the structured provider error event
shape

## Test plan
- npm run fmt
- npm run lint:fix
- npm run ts
- npm test

🤖 Generated with [Claude Code](https://claude.com/claude-code)

<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3044"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

closes #3010 
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3029"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Claude <noreply@anthropic.com>

closes #2808

---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>

<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2950"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

## Summary
- remove the automatic `cc:request` labeling step from the
`dyad:pr-push` skill
- keep the rest of the push and PR workflow unchanged

## Test plan
- npm run fmt
- npm run lint:fix
- npm run ts
- npm test

#skip-bugbot

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3025"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

## Summary
- filter PostHog telemetry exceptions for  instances emitted by 
- keep existing telemetry filtering behavior for other exception types
unchanged
- add unit coverage for filtered 429 and non-filtered non-429 rate limit
errors

## Test plan
- npm run fmt
- npm run lint:fix
- npm run ts
- npm test

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3024"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

## Summary
- route main-process `$exception` telemetry through
`posthog.captureException()` in the renderer
- normalize exception fields in IPC telemetry payloads and strip them
from extra context before capture
- add focused unit coverage for exception reconstruction and context
extraction

## Test plan
- npm run fmt && npm run lint:fix && npm run ts
- npm test

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3022"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

#skip-bb

## Summary
- Use `dispatchEvent("click")` instead of `force: true` click to bypass
telemetry consent overlay issues in the setup flow e2e test
- Add `toPass` retry logic to handle accordion auto-collapse state
transitions after Node.js is detected as installed
- Dismiss telemetry consent "Later" button if visible before proceeding
with test steps

## Test plan
- Run the setup flow e2e test (`setup_flow.spec.ts`) and verify it
passes reliably without flaking on the Node.js installation detection
step
- Verify the test correctly handles the accordion collapsing after
Node.js is detected

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2996"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->
Co-authored-by: Will Chen <willchen90@gmail.com>
Co-authored-by: Claude <noreply@anthropic.com>

#skip-bb

## Summary
- During AI streaming, the full messages array (potentially 500KB+ with
many messages) was serialized and sent through IPC on every text-delta
chunk, causing UI sluggishness
- Changed to send only the streaming message ID and updated content for
high-frequency streaming updates
- Full messages are still sent for initial loads and state changes
(compaction, lazy edits) to maintain correctness
- Updated all consumers (`useStreamChat`, `usePlanImplementation`,
`useResolveMergeConflictsWithAI`) to handle both full and incremental
chunk modes

## Test plan
- [x] TypeScript compilation passes
- [x] All 897 unit tests pass (39 files)
- [x] E2E tests pass (234 passed — 20 pre-existing failures unrelated to
this change, confirmed by running on clean main)
- [x] Specifically tested: `new_chat`, `chat_input`,
`local_agent_advanced`, `local_agent_code_search`, `local_agent_grep`,
`local_agent_search_replace`, `local_agent_list_files`,
`local_agent_summarize`, `local_agent_connection_retry`,
`local_agent_read_logs`, `local_agent_consent`,
`local_agent_persistent_todos`, `local_agent_todo_followup`,
`concurrent_chat`, `chat_history`

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2988"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Will Chen <willchen90@gmail.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

### Motivation
- Prevent the UI from becoming sluggish while the assistant streams
large or rapidly-updated messages by deferring expensive
markdown/custom-tag parsing during active streaming.

### Description
- Use React's `useDeferredValue` in `DyadMarkdownParser` and switch the
parser to consume a `contentToParse` value that is the deferred
`content` only while `isStreaming` is true, and update the `useMemo`
dependency to `contentToParse` so final rendering uses the full, current
content.

### Testing
- Ran `npm run fmt`, `npm run lint`, and `npm run ts` in this
environment, and all three failed due to the npm registry returning `403
Forbidden` for required tooling (formatter/linter/typechecker) rather
than code errors in the change.

------
[Codex
Task](https://chatgpt.com/codex/tasks/task_e_69b10fad1e74832782eea5db1ccb0196)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2987"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

## Summary
- Add `image_utils.ts` for extracting MIME type and extension from image
data (base64 or binary)
- Add `image_dimension_utils.ts` for reading dimensions from
PNG/JPEG/GIF/WebP images
- Update `web_crawl` to use `maxTokens` (9000) from
`GEMINI_CRAWL_LONG_CONTEXT` config
- Update `prepare_step_utils` to handle `GEMINI_CRAWL_LONG_CONTEXT`
model config
- Add comprehensive tests for all new utilities

## Test plan
- [x] All existing tests pass
- [x] New tests added for image utilities covering:
- Image type detection from various formats (PNG, JPEG, GIF, WebP, BMP,
TIFF)
  - Base64 and binary data handling
  - Invalid/corrupted data handling
  - Dimension extraction from PNG, JPEG, GIF, WebP

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2892"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Will Chen <willchen90@gmail.com>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Co-authored-by: claude[bot] <41898282+claude[bot]@users.noreply.github.com>

## Summary
- fetch the builtin language model catalog from api.dyad.sh with local
fallback data and alias resolution
- migrate theme generation, auto mode, and help bot to use dynamic
catalog aliases
- add E2E coverage for both remote-catalog and fallback behavior

## Test plan
- npm run fmt
- npm run lint:fix
- npm run ts
- npm test
- PLAYWRIGHT_HTML_OPEN=never npm run e2e --
e2e-tests/dynamic_models.spec.ts (run outside sandbox)

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2914"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: claude[bot] <41898282+claude[bot]@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

## Summary
- Fixes a bug where the response processor would attempt `git commit`
even when there were no staged changes, causing "nothing to commit"
errors
- Adds a `hasStagedChanges` utility function to `git_utils.ts` that
checks whether there are actually staged files before committing
- Updates the commit flow in `response_processor.ts` to check for staged
changes first, skipping the commit when unnecessary

## Test plan
- [x] All 897 existing tests pass
- [x] Lint, formatting, and type checks pass
- Verify that file write/rename/delete operations still commit correctly
when changes are staged
- Verify that no error is thrown when git operations result in no staged
changes

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2991"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: claude[bot] <41898282+claude[bot]@users.noreply.github.com>
Co-authored-by: Will Chen <willchen90@gmail.com>

## Summary
- Improve error message handling in local agent error responses by using
`getErrorMessage()` helper
- This ensures consistent error message formatting across the
application

## Test plan
- Verify local agent error responses display proper error messages
- Check that the error handling works for various error types

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2983"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

closes #2905 
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2931"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

## Summary
- Add `enableSelectAppFromHomeChatInput` experiment setting with toggle
in Settings UI
- Conditionally render the app selector ("No app selected") in
HomeChatInput based on the setting
- Update e2e tests to enable the flag via `setUp()` UI toggle instead of
writing `user-settings.json` directly

## Test plan
- [ ] Verify the app selector is hidden by default on the home chat
input
- [ ] Enable the toggle in Settings > Experiments and verify the app
selector appears
- [ ] Run e2e tests: `npx playwright test home_chat_existing_app`

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2964"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: claude[bot] <41898282+claude[bot]@users.noreply.github.com>

## Summary
- Add `dyad-assistant` to all trusted author/actor lists across the
codebase
- This includes GitHub Actions workflows (CI, PR review, rebase, triage,
bugbot, label-rebase) and Claude skill definitions (pr-fix-comments,
deflake-e2e-recent-commits)
- Ensures `dyad-assistant` can trigger CI on self-hosted runners, use
the PR review responder, trigger rebases, and be recognized as a trusted
bot for comment processing

## Files changed (9 files)
- `.github/workflows/ci.yml` - privileged author check
- `.github/workflows/pr-review-responder.yml` - allowedActors list and
prAuthor check
- `.github/workflows/claude-pr-review.yml` - author filter and
allowed_non_write_users
- `.github/workflows/claude-rebase.yml` - allowedUsers list
- `.github/workflows/bugbot-trigger.yml` - author filter
- `.github/workflows/label-rebase-prs.yml` - allowedAuthors list
- `.github/workflows/claude-triage.yml` - trusted comment authors for
duplicate surfacing
- `.claude/skills/pr-fix-comments/SKILL.md` - trusted bots list
- `.claude/skills/deflake-e2e-recent-commits/SKILL.md` - PR author scan
list

## Test plan
- [ ] Verify `dyad-assistant` PRs trigger CI on self-hosted runners
- [ ] Verify `dyad-assistant` PRs get automated code review
- [ ] Verify `dyad-assistant` can use the PR review responder workflow

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2963"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

## Summary
- Enable `display_report: true` on trusted `claude-code-action`
workflows so Claude's work summary appears in GitHub Actions step
summaries
- Leave `display_report` as default (false) for `closed-issue-comment`
which processes untrusted input
- Replace the "Push any unpushed changes" step in `pr-review-responder`
with a deterministic `git push` instead of spawning a full
`claude-code-action` invocation

## Test plan
- Verify workflow YAML syntax is valid
- Trigger a workflow run and confirm the step summary now appears
- Confirm the deterministic push step works when there are/aren't
unpushed commits

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2959"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

## Summary
- Set top-level `permissions: {}` on 7 workflows to restrict default
token permissions, moving grants to job level with least-privilege
scoping
- Pinned CLA Assistant action to commit SHA (`ca4a40a7d...`) instead of
mutable tag for supply-chain safety
- Mitigated prompt injection in the issue triage workflow by passing
issue data via environment variables instead of direct template
interpolation, with an explicit security notice

## Test plan
- [ ] Verify CLA workflow still posts status comments on PRs
(permissions moved to job level)
- [ ] Verify issue triage workflow still labels and comments on new
issues (env var approach)
- [ ] Verify PR review, rebase, bugbot, and closed-issue-comment
workflows still trigger correctly with restricted top-level permissions
- [ ] Confirm no permission errors in workflow runs

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2928"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->
Co-authored-by: Will Chen <willchen90@gmail.com>
Co-authored-by: Claude <noreply@anthropic.com>

closes #2809 
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2920"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

## Summary
- When a user enters a pro key via deep link, the budget query was not
invalidated, leaving stale budget data until the 5-minute cache expired
- Added `queryClient.invalidateQueries` for the user budget query in the
deep link handler in `TitleBar.tsx`, matching the behavior already
present in the manual key entry path

## Test plan
- [ ] Enter a Dyad Pro key via deep link
(`dyad://dyad-pro-return?key=...`) and verify the budget display updates
immediately
- [ ] Enter a Dyad Pro key manually in settings and verify budget still
refreshes (regression check)

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2956"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

closes #2916 
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2918"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2901"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

## Summary
- Bump version to v0.39.0
- Add promote-beta-to-stable skill for automating future releases

## Test plan
- CI passes
- Version number is correct in package.json

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2955"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2954"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

## Summary
- Removes the `merge-pr.yml` GitHub Actions workflow that auto-merged
PRs from allowed authors when CI passed

## Test plan
- Verify no other workflows depend on `merge-pr.yml`
- Confirm CI still runs normally without this workflow

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2930"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->
Co-authored-by: Will Chen <willchen90@gmail.com>
Co-authored-by: Claude <noreply@anthropic.com>

## Summary
- switch the listed Claude automation workflows from PAT/default token
auth to GitHub App installation tokens
- use fork-scoped app tokens for PR responder and rebase push paths,
plus base-repo app tokens for labels/comments/API calls
- rename the Actions variable and secret references to
DYAD_GITHUB_APP_ID and DYAD_GITHUB_APP_PRIVATE_KEY

## Test plan
- npm run fmt
- npm run lint:fix
- npm run ts

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2936"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

## Summary
- disable `actions/setup-node` package manager caching in release
workflow jobs
- keep release builds on fresh `npm ci` installs to avoid cache-related
release breakage
- #skip-bugbot

## Test plan
- `npm run fmt`
- `npm run lint:fix`
- `npm run ts`
- `npm test`

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2929"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->
Co-authored-by: Will Chen <willchen90@gmail.com>

<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2842"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

closes #2634 
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2717"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Mohamed Aziz Mejri <mohamedazizmejri@Mohameds-Mac-mini.local>

## Summary
- Allow multiple Dyad apps to run simultaneously instead of stopping the
previous app when switching
- Add garbage collection that stops apps idle for 10+ minutes (unless
currently selected)
- Track `lastViewedAt` timestamp on running apps to determine
eligibility for GC
- Clean up all running apps when the Dyad application quits

## Test plan
1. Create two test apps in Dyad
2. Run the first app and verify it starts
3. Switch to the second app - verify the first app keeps running (check
processes)
4. Wait 10+ minutes without viewing the first app - verify it gets
garbage collected
5. Close Dyad completely - verify all running app processes are stopped

Closes #2819

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2825"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Will Chen <willchen90@gmail.com>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Co-authored-by: claude[bot] <41898282+claude[bot]@users.noreply.github.com>

## Summary
- Check if branch exists locally before attempting to delete it
- If branch only exists on remote, inform user to delete on GitHub
- If branch doesn't exist anywhere, treat as success (already deleted)

## Test plan
- Try deleting a branch that exists locally - should work as before
- Try deleting a branch that only exists on remote - should get helpful
error message
- Try deleting a branch that doesn't exist anywhere - should succeed
silently

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2910"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Will Chen <willchen90@gmail.com>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Co-authored-by: claude[bot] <41898282+claude[bot]@users.noreply.github.com>

<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2887"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

## Summary
- Added `sendTelemetryException()` utility that sends `$exception`
events to PostHog via the main→renderer telemetry bridge, including
error type, message, and stack trace
- Wired error capture into all three IPC handler factories
(`createTypedHandler`, `createLoggedTypedHandler`,
`createLoggedHandler`) so every `ipcMain.handle` error is automatically
reported with the IPC channel name as context
- Errors are still re-thrown after capture so existing behavior is
unchanged

## Test plan
- All 844 existing tests pass
- Verify in dev that IPC handler errors appear as `$exception` events in
PostHog with `ipc_channel` property
- Confirm telemetry opt-out still prevents exception events from being
sent (via existing `before_send` filter)

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2886"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

## Summary
- Add a new setting to configure the maximum number of tool call steps
for local agent interactions
- Users can choose from Low (25), Default (50), High (100), Very High
(250) options
- The setting is integrated into the settings page with search index
support

## Test plan
- [ ] Verify the setting appears in Settings > Agent Settings
- [ ] Change the value and confirm it persists after app restart
- [ ] Verify the agent respects the configured limit during tool calls
- [ ] Run the new e2e tests to confirm UI interactions work correctly

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2900"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->
Co-authored-by: Will Chen <willchen90@gmail.com>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>

## Summary
- trigger the Claude rebase workflow on PR close events
- add a per-PR concurrency group so a close/merge event cancels any
in-progress rebase run
- restrict the rebase job itself to labeled events so closed PRs only
trigger cancellation

## Test plan
- npm run fmt
- npm run lint:fix
- npm run ts
- npm test

#skip-bugbot

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2915"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->