提交 · ea36c8318e456c11d5fe30294ec2d0ec62416f6a · 燕伟桐 / bit-pm

12 3月, 2026 4 次提交

fix: check staged changes before committing to prevent 'nothing to commit' error (#2991) · ea36c831

由提交于 3月 11, 2026

## Summary
- Fixes a bug where the response processor would attempt `git commit`
even when there were no staged changes, causing "nothing to commit"
errors
- Adds a `hasStagedChanges` utility function to `git_utils.ts` that
checks whether there are actually staged files before committing
- Updates the commit flow in `response_processor.ts` to check for staged
changes first, skipping the commit when unnecessary

## Test plan
- [x] All 897 existing tests pass
- [x] Lint, formatting, and type checks pass
- Verify that file write/rename/delete operations still commit correctly
when changes are staged
- Verify that no error is thrown when git operations result in no staged
changes

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2991"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: claude[bot] <41898282+claude[bot]@users.noreply.github.com>
Co-authored-by: Will Chen <willchen90@gmail.com>

ea36c831

Fix error message handling in local agent error responses (#2983) · 69a731c3

由提交于 3月 11, 2026

## Summary
- Improve error message handling in local agent error responses by using
`getErrorMessage()` helper
- This ensures consistent error message formatting across the
application

## Test plan
- Verify local agent error responses display proper error messages
- Check that the error handling works for various error types

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2983"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

69a731c3

Fix: firing queued messages when in other chat (#2931) · 9205717e

由提交于 3月 11, 2026

closes #2905 
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2931"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

9205717e

feat: gate home chat app selector behind experiment setting (#2964) · 87beccf7

由提交于 3月 11, 2026

## Summary
- Add `enableSelectAppFromHomeChatInput` experiment setting with toggle
in Settings UI
- Conditionally render the app selector ("No app selected") in
HomeChatInput based on the setting
- Update e2e tests to enable the flag via `setUp()` UI toggle instead of
writing `user-settings.json` directly

## Test plan
- [ ] Verify the app selector is hidden by default on the home chat
input
- [ ] Enable the toggle in Settings > Experiments and verify the app
selector appears
- [ ] Run e2e tests: `npx playwright test home_chat_existing_app`

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2964"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: claude[bot] <41898282+claude[bot]@users.noreply.github.com>

87beccf7

10 3月, 2026 9 次提交

chore: add dyad-assistant to all trusted author lists (#2963) · ca4b2da9

由提交于 3月 09, 2026

## Summary
- Add `dyad-assistant` to all trusted author/actor lists across the
codebase
- This includes GitHub Actions workflows (CI, PR review, rebase, triage,
bugbot, label-rebase) and Claude skill definitions (pr-fix-comments,
deflake-e2e-recent-commits)
- Ensures `dyad-assistant` can trigger CI on self-hosted runners, use
the PR review responder, trigger rebases, and be recognized as a trusted
bot for comment processing

## Files changed (9 files)
- `.github/workflows/ci.yml` - privileged author check
- `.github/workflows/pr-review-responder.yml` - allowedActors list and
prAuthor check
- `.github/workflows/claude-pr-review.yml` - author filter and
allowed_non_write_users
- `.github/workflows/claude-rebase.yml` - allowedUsers list
- `.github/workflows/bugbot-trigger.yml` - author filter
- `.github/workflows/label-rebase-prs.yml` - allowedAuthors list
- `.github/workflows/claude-triage.yml` - trusted comment authors for
duplicate surfacing
- `.claude/skills/pr-fix-comments/SKILL.md` - trusted bots list
- `.claude/skills/deflake-e2e-recent-commits/SKILL.md` - PR author scan
list

## Test plan
- [ ] Verify `dyad-assistant` PRs trigger CI on self-hosted runners
- [ ] Verify `dyad-assistant` PRs get automated code review
- [ ] Verify `dyad-assistant` can use the PR review responder workflow

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2963"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

ca4b2da9

chore: enable display_report and use deterministic git push (#2959) · 1b821854

由提交于 3月 09, 2026

## Summary
- Enable `display_report: true` on trusted `claude-code-action`
workflows so Claude's work summary appears in GitHub Actions step
summaries
- Leave `display_report` as default (false) for `closed-issue-comment`
which processes untrusted input
- Replace the "Push any unpushed changes" step in `pr-review-responder`
with a deterministic `git push` instead of spawning a full
`claude-code-action` invocation

## Test plan
- Verify workflow YAML syntax is valid
- Trigger a workflow run and confirm the step summary now appears
- Confirm the deterministic push step works when there are/aren't
unpushed commits

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2959"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

1b821854

ci: harden GitHub Actions workflow permissions (#2928) · aedc3dcc

由提交于 3月 09, 2026

## Summary
- Set top-level `permissions: {}` on 7 workflows to restrict default
token permissions, moving grants to job level with least-privilege
scoping
- Pinned CLA Assistant action to commit SHA (`ca4a40a7d...`) instead of
mutable tag for supply-chain safety
- Mitigated prompt injection in the issue triage workflow by passing
issue data via environment variables instead of direct template
interpolation, with an explicit security notice

## Test plan
- [ ] Verify CLA workflow still posts status comments on PRs
(permissions moved to job level)
- [ ] Verify issue triage workflow still labels and comments on new
issues (env var approach)
- [ ] Verify PR review, rebase, bugbot, and closed-issue-comment
workflows still trigger correctly with restricted top-level permissions
- [ ] Confirm no permission errors in workflow runs

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2928"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->
Co-authored-by: Will Chen <willchen90@gmail.com>
Co-authored-by: Claude <noreply@anthropic.com>

aedc3dcc

Web fetching tool (#2920) · dd1e4881

由提交于 3月 09, 2026

closes #2809 
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2920"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

dd1e4881

fix: refresh user budget when pro key is set via deep link (#2956) · 7db53e5a

由提交于 3月 09, 2026

## Summary
- When a user enters a pro key via deep link, the budget query was not
invalidated, leaving stale budget data until the 5-minute cache expired
- Added `queryClient.invalidateQueries` for the user budget query in the
deep link handler in `TitleBar.tsx`, matching the behavior already
present in the manual key entry path

## Test plan
- [ ] Enter a Dyad Pro key via deep link
(`dyad://dyad-pro-return?key=...`) and verify the budget display updates
immediately
- [ ] Enter a Dyad Pro key manually in settings and verify budget still
refreshes (regression check)

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2956"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

7db53e5a

Allow users to preview generated images (#2918) · e114f090

由提交于 3月 09, 2026

closes #2916 
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2918"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

e114f090

Adding a tip banner for chat notification (#2901) · df4b87eb

由提交于 3月 09, 2026

<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2901"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

df4b87eb

Create promote-beta-to-stable skill (#2955) · 33393f6f

由提交于 3月 09, 2026

## Summary
- Bump version to v0.39.0
- Add promote-beta-to-stable skill for automating future releases

## Test plan
- CI passes
- Version number is correct in package.json

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2955"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

33393f6f

Bump to v0.39.0 (#2954) · b512cb7d

由提交于 3月 09, 2026

<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2954"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

b512cb7d

07 3月, 2026 3 次提交

chore: remove merge-pr workflow (#2930) · 895487b0

由提交于 3月 06, 2026

## Summary
- Removes the `merge-pr.yml` GitHub Actions workflow that auto-merged
PRs from allowed authors when CI passed

## Test plan
- Verify no other workflows depend on `merge-pr.yml`
- Confirm CI still runs normally without this workflow

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2930"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->
Co-authored-by: Will Chen <willchen90@gmail.com>
Co-authored-by: Claude <noreply@anthropic.com>

895487b0

Use GitHub App tokens in Claude workflows (#2936) · 51fc07e9

由提交于 3月 06, 2026

## Summary
- switch the listed Claude automation workflows from PAT/default token
auth to GitHub App installation tokens
- use fork-scoped app tokens for PR responder and rebase push paths,
plus base-repo app tokens for labels/comments/API calls
- rename the Actions variable and secret references to
DYAD_GITHUB_APP_ID and DYAD_GITHUB_APP_PRIVATE_KEY

## Test plan
- npm run fmt
- npm run lint:fix
- npm run ts

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2936"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

51fc07e9

ci: disable package manager cache in release workflow (#2929) · a6a8cda9

由提交于 3月 06, 2026

## Summary
- disable `actions/setup-node` package manager caching in release
workflow jobs
- keep release builds on fresh `npm ci` installs to avoid cache-related
release breakage
- #skip-bugbot

## Test plan
- `npm run fmt`
- `npm run lint:fix`
- `npm run ts`
- `npm test`

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2929"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->
Co-authored-by: Will Chen <willchen90@gmail.com>

a6a8cda9

06 3月, 2026 12 次提交

Adding a cleanup routine for media files (#2842) · 620f8145

由提交于 3月 06, 2026

<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2842"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

620f8145

Add image selection and swapping in the visual editor (#2717) · 6738f941

由提交于 3月 06, 2026

closes #2634 
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2717"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Mohamed Aziz Mejri <mohamedazizmejri@Mohameds-Mac-mini.local>

6738f941

feat: allow multiple apps to run concurrently with garbage collection (#2825) · daa8bce5

由提交于 3月 05, 2026

## Summary
- Allow multiple Dyad apps to run simultaneously instead of stopping the
previous app when switching
- Add garbage collection that stops apps idle for 10+ minutes (unless
currently selected)
- Track `lastViewedAt` timestamp on running apps to determine
eligibility for GC
- Clean up all running apps when the Dyad application quits

## Test plan
1. Create two test apps in Dyad
2. Run the first app and verify it starts
3. Switch to the second app - verify the first app keeps running (check
processes)
4. Wait 10+ minutes without viewing the first app - verify it gets
garbage collected
5. Close Dyad completely - verify all running app processes are stopped

Closes #2819

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2825"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Will Chen <willchen90@gmail.com>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Co-authored-by: claude[bot] <41898282+claude[bot]@users.noreply.github.com>

daa8bce5

fix: handle branch deletion when branch doesn't exist locally (#2910) · 6b0d6ef8

由提交于 3月 05, 2026

## Summary
- Check if branch exists locally before attempting to delete it
- If branch only exists on remote, inform user to delete on GitHub
- If branch doesn't exist anywhere, treat as success (already deleted)

## Test plan
- Try deleting a branch that exists locally - should work as before
- Try deleting a branch that only exists on remote - should get helpful
error message
- Try deleting a branch that doesn't exist anywhere - should succeed
silently

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2910"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Will Chen <willchen90@gmail.com>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Co-authored-by: claude[bot] <41898282+claude[bot]@users.noreply.github.com>

6b0d6ef8

Fix preview iframe URL error & create debugging skill (#2887) · e3baf852

由提交于 3月 05, 2026

<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2887"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

e3baf852

feat: capture uncaught IPC handler errors as PostHog exceptions (#2886) · bfeaebfe

由提交于 3月 05, 2026

## Summary
- Added `sendTelemetryException()` utility that sends `$exception`
events to PostHog via the main→renderer telemetry bridge, including
error type, message, and stack trace
- Wired error capture into all three IPC handler factories
(`createTypedHandler`, `createLoggedTypedHandler`,
`createLoggedHandler`) so every `ipcMain.handle` error is automatically
reported with the IPC channel name as context
- Errors are still re-thrown after capture so existing behavior is
unchanged

## Test plan
- All 844 existing tests pass
- Verify in dev that IPC handler errors appear as `$exception` events in
PostHog with `ipc_channel` property
- Confirm telemetry opt-out still prevents exception events from being
sent (via existing `before_send` filter)

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2886"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

bfeaebfe

feat: add max tool call steps setting (#2900) · d6ab8290

由提交于 3月 05, 2026

## Summary
- Add a new setting to configure the maximum number of tool call steps
for local agent interactions
- Users can choose from Low (25), Default (50), High (100), Very High
(250) options
- The setting is integrated into the settings page with search index
support

## Test plan
- [ ] Verify the setting appears in Settings > Agent Settings
- [ ] Change the value and confirm it persists after app restart
- [ ] Verify the agent respects the configured limit during tool calls
- [ ] Run the new e2e tests to confirm UI interactions work correctly

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2900"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->
Co-authored-by: Will Chen <willchen90@gmail.com>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>

d6ab8290

ci: cancel claude rebase when PR closes (#2915) · 1c3dffaa

由提交于 3月 05, 2026

## Summary
- trigger the Claude rebase workflow on PR close events
- add a per-PR concurrency group so a close/merge event cancels any
in-progress rebase run
- restrict the rebase job itself to labeled events so closed PRs only
trigger cancellation

## Test plan
- npm run fmt
- npm run lint:fix
- npm run ts
- npm test

#skip-bugbot

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2915"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

1c3dffaa

fix: prevent duplicate release notes checks using ref (#2912) · 936cc73c

由提交于 3月 05, 2026

## Summary
- Add `hasCheckedReleaseNotes` ref to track whether release notes have
already been checked in the current session
- Prevent the useEffect from running multiple times due to
settings/appVersion dependency changes
- Refactor conditional logic to use early-return pattern for improved
readability

## Test plan
- Open the app and navigate to Home page
- Verify release notes dialog only shows once per session when there are
new release notes
- Confirm no duplicate API calls to `doesReleaseNoteExist`

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2912"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Will Chen <willchen90@gmail.com>
Co-authored-by: claude[bot] <41898282+claude[bot]@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

936cc73c

fix: sanitize tool-call inputs to prevent LiteLLM invalid dict error (#2890) · d8774673

由提交于 3月 05, 2026

should fix #2879.

## Summary
- Add defensive sanitization ensuring tool-call `input` fields are
always valid objects (at minimum `{}`) before messages reach the
Anthropic API
- Prevents LiteLLM from sending empty strings as `tool_use.input` when
converting OpenAI→Anthropic format, which causes `400
invalid_request_error: Input should be a valid dictionary`
- Adds sanitization in two locations: `cleanMessageForOpenAI` (stored
messages) and `maybeCaptureRetryReplayEvent` (stream replay events)

## Context
This is a known LiteLLM bug pattern (issues
[#5063](https://github.com/BerriAI/litellm/issues/5063),
[#15322](https://github.com/BerriAI/litellm/issues/15322),
[#19061](https://github.com/BerriAI/litellm/issues/19061)). When
`function.arguments` is empty or malformed, LiteLLM's `json.loads()`
fails and falls back to passing the raw string as `input`, which
Anthropic rejects.

## Test plan
- [x] Added 3 new unit tests for `cleanMessageForOpenAI` covering empty
string, null, and valid inputs
- [x] All 847 existing tests pass
- [x] Lint, format, and type checks pass

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2890"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Will Chen <willchen90@gmail.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

d8774673

feat: add voice input feature with transcription support (#2344) · 31c1a145

由提交于 3月 05, 2026

closes #1804
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2344">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> Introduces voice input across chat inputs with transcription via Dyad
Engine and Pro gating.
> 
> - Replaces send row with `LexicalVoiceInputRow` in `ChatInput` and
`HomeChatInput`, adding mic control, waveform (`VoiceWaveform`), and
send/cancel integration
> - New `VoiceInputButton` handles Pro-only disabled state,
recording/transcribing states, and tooltips
> - New hooks `useAudioRecorder` and `useVoiceInput` to record via
`MediaRecorder`, visualize with `AnalyserNode`, and call
`ipc.misc.transcribeAudio`
> - IPC: adds `misc.transcribeAudio` contract, registers
`transcription_handlers` that validate input, support E2E mock, and call
`transcribeWithDyadEngine`
> - Dyad Engine util: adds `transcribeWithDyadEngine` with request-id
attempt tracking and multipart upload to `/audio/transcriptions`
> - E2E tests for voice flow and Pro gating; mocks `getUserMedia` and
asserts transcription append
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
7dc1944bf0149a9f88b63a3fdfe0df83e7aa4f9f. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

<!-- This is an auto-generated description by cubic. -->
---
## Summary by cubic
Adds voice input with waveform visualization and transcription for chat,
gated to Dyad Pro users. Improves reliability with fixes for recording
setup leaks, analyser state, and proper audio MIME typing so IPC-backed
Dyad Engine transcription consistently appends text; addresses #1804.

- **New Features**
- Integrated VoiceInputButton and VoiceWaveform via LexicalVoiceInputRow
in ChatInput and HomeChatInput; appends transcribed text to the input.
- Added useAudioRecorder/useVoiceInput hooks to record via
MediaRecorder, visualize with AnalyserNode, and invoke IPC channel
chat:transcribe.
- Pro gating with tooltip and disabled state for non-Pro users;
recording can always be stopped.
- IPC handler validates payloads and calls Dyad Engine via multipart
upload; includes E2E mock support.
- E2E tests mock getUserMedia and verify transcription append and
Pro-only disabled state.

- **Migration**
- Provide a Dyad Pro API key (settings or DYAD_PRO_API_KEY) and enable
Dyad Pro.
  - Ensure microphone permissions are granted.
- Optionally set DYAD_ENGINE_URL; defaults to https://engine.dyad.sh/v1.

<sup>Written for commit fa71433ae270a7276e5466c6c8df359eab1eb03d.
Summary will update on new commits.</sup>

<!-- End of auto-generated description by cubic. -->

---------
Co-authored-by: Will Chen <willchen90@gmail.com>

31c1a145

fix: deflake E2E tests (partial_response.spec.ts) (#2907) · 51779705

由提交于 3月 05, 2026

## Summary
- Updated stale aria snapshot for `partial_response.spec.ts` that was
consistently failing
- Button text content now renders actual text (e.g., `file1.txt
file1.txt`, `Edit`, `Undo`, `Retry`) instead of empty strings
- Removed `wrote 1 file(s)` text entries that no longer appear in the UI

## Context
Scanned 5 recent CI runs on main and 13 open PRs by
wwwillchen/wwwillchen-bot/dyadbot. Found flaky tests across 16+ spec
files. Most flakiness is CI-specific (timing/load dependent) and cannot
be reproduced locally with 10x repeats. The `partial_response.spec.ts`
snapshot was the only consistently broken test.

## Test plan
- [x] `partial_response.spec.ts` passes 10/10 times locally with updated
snapshot
- [x] Full E2E suite passes (236/243, with only transient flaky failures
unrelated to this change)

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2907"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->
Co-authored-by: claude[bot] <41898282+claude[bot]@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

51779705

05 3月, 2026 11 次提交

chore: add dyadbot to allowlists (#2899) · fd95897f

由提交于 3月 04, 2026

## Summary
- Added dyadbot wherever wwwillchen-bot was allowlisted in CI workflows
and automation policy docs.
- Updated trusted author/bot references in PR workflow selectors and
skill docs to include dyadbot.

## Test plan
- Ran 
> dyad@0.39.0-beta.1 fmt
> npx oxfmt
- Ran 
> dyad@0.39.0-beta.1 lint:fix
> npx oxlint --fix --fix-suggestions --fix-dangerously

Found 0 warnings and 0 errors.
Finished in 18ms on 817 files with 88 rules using 10 threads.
- Ran 
> dyad@0.39.0-beta.1 ts
> npm run ts:main && npm run ts:workers


> dyad@0.39.0-beta.1 ts:main
> npx tsgo -p tsconfig.app.json --noEmit --incremental


> dyad@0.39.0-beta.1 ts:workers
> npx tsc -p workers/tsc/tsconfig.json --noEmit --incremental
- Verified remaining allowlist references for consistency

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2899"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

fd95897f

Allow selecting an app in home chat input (#2832) · c4cdf7b3

由提交于 3月 05, 2026

<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2832"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>

c4cdf7b3

ci: ensure Homebrew paths available for gh on self-hosted macOS runners (#2896) · ab1542e0

由提交于 3月 04, 2026

Made-with: Cursor
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2896"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

ab1542e0

Refactor Prompt Library to Support Slug-Based Skills and Slash Commands (#2712) · 78eaeaf5

由提交于 3月 04, 2026

<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2712"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Will Chen <willchen90@gmail.com>

78eaeaf5

chore: add princeaden1 to PR review responder allowed users (#2894) · 6aaf9e01

由提交于 3月 04, 2026

## Summary
Adds `princeaden1` to the allowed users list for the PR review responder
workflow (alongside wwwillchen and wwwillchen-bot).

## Test plan
- CI workflow runs on this PR
- No functional changes to application code; workflow change only

Made with [Cursor](https://cursor.com)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2894"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

6aaf9e01

fix: block unsafe root-like delete_file paths (#2859) · 7b3f0852

由提交于 3月 04, 2026

## Summary
- Reject blank and whitespace-only `delete_file` paths at schema level.
- Add runtime guard to refuse project-root-equivalent delete targets
(like `.`, `./`, `.\\`, or normalized `foo/..`).
- Add unit tests covering root-path rejection and normal file/directory
delete behavior.

## Test plan
- [x] `npm test --
src/pro/main/ipc/handlers/local_agent/tools/delete_file.spec.ts`
- [x] `npm run fmt && npm run lint:fix && npm run ts`


Made with [Cursor](https://cursor.com)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2859"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

7b3f0852

Switch PR review workflow runner to macOS ARM self-hosted (#2893) · 1606ae9c

由提交于 3月 04, 2026

## Summary
- Update PR review responder workflow to run on a macOS ARM self-hosted
runner for compatibility with macOS-specific tooling.
- Keep permissions and trigger logic unchanged while replacing runner
label.

## Test plan
- Ran required checks locally: 
> dyad@0.39.0-beta.1 fmt
> npx oxfmt


> dyad@0.39.0-beta.1 lint:fix
> npx oxlint --fix --fix-suggestions --fix-dangerously

Found 0 warnings and 0 errors.
Finished in 32ms on 813 files with 88 rules using 10 threads.

> dyad@0.39.0-beta.1 ts
> npm run ts:main && npm run ts:workers


> dyad@0.39.0-beta.1 ts:main
> npx tsgo -p tsconfig.app.json --noEmit --incremental


> dyad@0.39.0-beta.1 ts:workers
> npx tsc -p workers/tsc/tsconfig.json --noEmit --incremental.

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2893"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

1606ae9c

Propagate request id properly for OpenAI Response API model (e.g. GPT 5.2) (#2876) · 9085b531

由提交于 3月 04, 2026

## Summary
- Improve compaction prompt/provider option handling in IPC handlers
- Tighten local agent tool option passing and argument defaults
- Align LLM engine provider option generation across related paths

## Test plan
- npm run fmt
- npm run lint:fix
- npm run ts

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2876"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

9085b531

fix(triage): make issue title updates much more conservative (#2888) · 28bc0c04

由提交于 3月 04, 2026

## Summary
- Update the Claude triage workflow to be more conservative about
changing user-provided issue titles
- Only update titles that are essentially blank or contain no meaningful
information (placeholders, single unhelpful words like "help" or "bug",
just punctuation)
- Key rule: if you can understand what the user is roughly talking about
from the title, leave it alone

## Test plan
- Review the updated workflow conditions to verify they are
appropriately conservative
- Monitor triage behavior on new issues to confirm fewer unnecessary
title edits

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2888"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->
Co-authored-by: Will Chen <willchen90@gmail.com>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>

28bc0c04

fix: improve terminated stream retry telemetry and bump retries to 3 (#2877) · 7d4fc376

由提交于 3月 04, 2026

## Summary
- Include `dyadRequestId` in `terminated_stream_retry` telemetry events
for better traceability
- Add new `terminated_stream_retries_exhausted` telemetry event when all
retries are used up (both stream_iteration and response_finalization
phases)
- Bump `MAX_TERMINATED_STREAM_RETRIES` from 2 to 3

## Test plan
- Existing `local_agent_handler` unit tests pass (stream retry tests
verified)
- Verify telemetry events include `dyadRequestId` in retry scenarios
- Verify exhausted event fires when retries exceed the new limit of 3

#skip-bugbot

Made with [Cursor](https://cursor.com)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2877"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

7d4fc376

Allow wwwillchen-bot in claude PR review workflow (#2882) · 97b705ef

由提交于 3月 04, 2026

## Summary
- Add `wwwillchen-bot` to `allowed_non_write_users` in
`.github/workflows/claude-pr-review.yml`
- Keep existing `princeaden1` allowlist entry and broaden workflow
access for trusted bot-driven contributions

## Test plan
- npm run fmt
- npm run lint:fix
- npm run ts

#skip-bugbot

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2882"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

97b705ef

03 3月, 2026 1 次提交

fix: increase tool call limit to 50 and show clear pause message (#2828) · 005b72bd

由提交于 3月 02, 2026

## Summary
- Increase MAX_TOOL_CALL_STEPS from 25 to 50 to allow longer multi-step
tasks
- Add step limit detection to track total steps across all passes
- Show a clear `<dyad-step-limit>` message when the limit is reached,
instructing users to send "continue" to resume
- Create DyadStepLimit component for displaying the pause notification

Fixes #2754

## Test plan
- Run the local agent and perform a task that requires many tool calls
- Verify the agent pauses at 50 tool calls instead of 25
- Verify a clear message is shown explaining why it paused and how to
continue
- Type "continue" to verify the agent resumes working

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2828"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Will Chen <willchen90@gmail.com>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>

005b72bd