Releases: GrayCodeAI/hawk
Releases · GrayCodeAI/hawk
Release list
v0.2.0
[0.2.0] — 2026-07-13
Changed
- Hawk/Eyrie production boundary completed: Hawk owns the product face,
sessions, tools, permissions, and public schemas while Eyrie v0.2.1 owns
credentials, catalog resolution, provider transport, resilience, and usage
telemetry behind the stableeyrie/enginefacade. - Provider routing and usage attribution hardened: resolved route changes,
continuation segments, and terminal usage are propagated without duplicate
accounting, and production Eyrie calls use exactly one resilience layer. - Daemon conversations are durable: JSON and SSE chat requests create or
resume persisted sessions, expose stable session IDs, preserve metadata, and
distinguish invalid, missing, and corrupt state. - Release and supply-chain gates strengthened: exact ecosystem Gitlinks,
module/tag parity, Trivy enforcement, public-module builds, SBOM generation,
and cross-platform artifacts are part of the release path. - Fixed
/mode automisclassifying plain English as shell commands:shellmode.ClassifyInputtrustedexec.LookPath(firstWord)alone, so any sentence starting with a word that's also a real Unix binary (make sure this works,find the bug in this file,kill the old branch,sort out the imports...) was silently executed as a shell command instead of being sent to the model — confirmed 18 of 20 sampled sentences misclassified before the fix. Now a curated allowlist of unambiguous dev-tool names (git,npm,docker,ls,cat, ...) is trusted immediately, while every other PATH match requires real shell-syntax evidence (a flag, a path, a file extension, or an operator like|/>/&&) before being trusted as a shell command — matching the same ambiguity Warp's own terminal autodetect documents and resolves with a user-configurable denylist. - Permission system unified into two independent axes: the old
PermissionMode(default/acceptEdits/bypassPermissions/dontAsk/plan) is removed./autonomynow controls the 5-tier trust ladder (Always Ask/Scout/Builder/Operator/Autonomous, bare/autonomyopens a picker), and/speccontrols an independent, orthogonal spec-driven workflow gate (Specify → Plan → Tasks → ApproveImplementation, bare/specopens a picker) that blocks Write/Edit/Bash regardless of trust tier — including at Autonomous. Fixes a real bug where the old Plan Mode's write-block could be silently bypassed at high autonomy tiers, since tier and mode were checked independently with no ordering guarantee. - Fixed
PermissionService.SetAutonomy/Autonomy(): previously wrote to/read from a shadow field the permission engine'sCheckToolnever consulted, meaning autonomy tier changes may not have reliably taken effect. Now both read/write the samePermissionEngine.Autonomyfield the check logic uses. --permission-modeCLI flag removed;--dangerously-skip-permissionsunchanged (now maps to the Autonomous tier). New--dry-runflag added as an unconditional kill switch (deny every tool call, regardless of tier or spec stage) — replacesdontAsk's hard-lockout role.- Version re-baselined to
0.1.0acrosscmd/hawk/main.go,cmd/daemon.go,
flake.nix,.github/workflows/release.yml, and theupdate/daemon test suites, aligning hawk
with the rest of the GrayCodeAI ecosystem (eyrie,tok,yaad,sight,inspect). - Architecture boundary hardening: Hawk now owns runtime request/response DTOs, transport config/provider seams, and review/verification product-boundary contracts, with
eyrie/clientusage restricted to internal adapters and guarded in CI. shared/typesremoved: Hawk no longer ships the old shared type path, and local boundary checks now block any attempt to reintroduce it.
Added
- Spec-driven workflow (
/spec): independent, orthogonal permission gate that walks the model throughSpecify → Plan → Tasks, writing realspec.md/plan.md/tasks.mdfiles to.hawk/specs/<slug>/, and requires explicitApproveImplementationapproval (always prompts, at any trust tier) before Write/Edit/Bash unlock. The approval prompt shows the actual written content, not a blind yes/no. /autonomyand/specpicker overlays: bare/autonomyor/specopens an arrow-key-navigable, filterable picker (Esc/Enter) instead of requiring subcommand syntax; typed subcommands (/autonomy tier scout,/spec status, etc.) still work.- Watch mode (
--watch): file-watcher loop that acts onAI!(do-now) andAI?(answer) code comments. Off by default. - GitHub Action (
.github/actions/hawk): interactive mode on@hawkmentions, automation mode on labeled issues/PRs, and skill dispatch for/-prefixed prompts. - Messaging gateways: opt-in Telegram, Discord, and Slack gateways on the daemon for chatting with hawk from messaging apps.
- AST repo-map (
internal/context/repomap): structural repository map for richer model context. - Auto codebase analysis on first run (
internal/autoinit): opt-in seeding of project context. - Auto-lint / auto-fix cycle: runs the matching linter after edits and iterates on fixes with bounded retries (opt-in).
- Image / multimodal context (
internal/engine/vision.go): feed screenshots/images to vision-capable models. - Plan & Explore sub-agent modes: read-only
plan(task decomposition) andexplore(codebase investigation) modes; explore supportsquick/medium/very-thoroughthoroughness budgets. - Persona
colorandhooks: per-agent display color and lifecycle hook (pre_run/post_run) fields. - YAML agents & eval tasks: define personas and eval tasks in YAML alongside markdown personas.
- IT-managed policy tier (
internal/context/rules.go): non-excludable org-policy rule tier with highest precedence; strips HTML comments from rule files. - SQL exploration tool (
internal/tool/sql.go): read-only database exploration tool. - Conventional-commit generation:
SmartCommitand the diff summarizer produce Conventional Commit messages from staged changes. - Durable workflows + named checkpoints (
internal/multiagent): LangGraph-style resumable workflows with named, persisted step boundaries. - Human-in-the-loop approval gates (
internal/engine/approval_gate.go): durable approve/reject gates within workflows. - Structured output (
internal/engine/structured_output.go): JSON-Schema-constrained responses, validated and retried once on mismatch. - MCP WebSocket transport (
internal/mcp/ws.go): opt-in WebSocket transport in addition to stdio/HTTP. GET /v1/ready: dependency-aware readiness endpoint on the daemon.- REPL magic commands (%reset, %undo, %tokens, %history, %copy, %save, %compact, %model, %clear)
- Prompt cache keep-alive pings
- Unified finding/severity contracts now live in
hawk-core-contracts/types
Added — Round 2 ecosystem improvements (2026-06-01)
- Cavecrew personas (
internal/multiagent/agents): three new
built-in personas built into GrayCode Hawk
(cavecrew-investigator,cavecrew-builder,cavecrew-reviewer).
Each enforces a strict output format so downstream agents can parse
outputs mechanically:cavecrew-investigator:path:line — symbol — note, max 6 words per notecavecrew-builder: hard-refuses tasks touching 3+ filescavecrew-reviewer: severity emoji (🔴/🟡/🔵/❓) at the start of every line
Exposed viaCavecrewPersonas()helper andEnsureCavecrew()
registry method;BuiltinPersonas()returns 21 (was 18).
internal/safewritepackage: hardened atomic file-write utility
native GrayCode hardened atomic writes. Refuses symlinks at destination
and parent, refuses paths that escape via.., opens with
O_NOFOLLOWviagolang.org/x/sys/unix, writes to a temp file
with mode 0600, syncs to disk, then atomically renames.ErrSymlinkTarget
andErrPathEscapesentinel errors.internal/jsoncpackage: JSON-with-Comments parser and
ValidateClaudeSettingsvalidator, native GrayCode settings
parser andvalidateHookFields. Accepts//and/* */comments
plus trailing commas in objects and arrays. Validates Claude Code
settings.jsonfields (model, permissions, hooks, mcpServers,
env) with type checks and value validation.internal/permissions/verdict.go: unifiedPermissionVerdict
type with Risk levels (RiskLow,RiskMedium,RiskHigh,
RiskBlocked). Helpers:Allow,Deny,RequireApproval. Additive
change — existingGuardianDecisionis unchanged.internal/providerspackage: PROVIDERS matrix (34 entries)
native GrayCode PROVIDERS matrix. Each
entry describes an AI coding agent (Claude Code, Cursor, Codex,
Aider, etc.) with install mechanism and detection probes. Probe
kinds:command(PATH),dir(filesystem),vscode-ext,
cursor-ext,macapp,jetbrains-plugin. API:Get(id),
All(),Hard(),Detect().Soft: truemeans detection is
best-effort; soft providers are excluded from auto-detect.internal/session.GainTracker: per-session gain event recording
in a newgainsSQLite table inside the session store. Each event
captures original/compressed byte + token counts, mode/tier/model,
and a command label. API:Record,AggregateForSession,
ListForSession,PruneForSession. Scoped to a single session so
callers can selectively compact their own history. Companion to
tok'sinternal/tracking.Tracker(tok tracks globally, hawk tracks
per-session).
Added — Production Hardening (top-50 OSS parity)
- Stricter linting:
.golangci.ymlv2 config enablingerrcheck,staticcheck,
gocritic(diagnostic + performance),unused,ineffassign,misspell,noctx,
bodyclose,unconvert,whitespace, withgovet enable-all(minusfieldalignment). - CI parity: race-detector tests with coverage upload, golangci-lint v2 action,
`g...
v0.1.0
Changelog
- 9ed5605 Add cmdhistory: structured command history with FTS5 search
- 030b315 Add convodag: conversation-as-DAG with SQLite persistence
- 0b48ecd Add cost optimization: wasted spend detection + model downgrade suggestions
- eeb7648 Add diffsandbox: virtual file overlay for proposed edits
- 420dbd4 Add fingerprint: fast repo summary for LLM context injection
- f4f224c Add incremental repomap + structured planner
- 806073c Add localize: hierarchical fault localization (file → symbol → edit)
- 25a408c Add parallel: git worktree-based parallel task execution
- 23803cb Add rules: import/export between AI tool formats
- 9fcbe40 Add session trace trees: parent-child span hierarchy with tree rendering
- 95af523 Add trace to ecosystem references
- 75da55a Add world-class solo developer ecosystem features
- e73d2fe Fix 3 lint issues: ineffassign + staticcheck
- 02ce156 Fix CI: add workspace + dep checkout to all jobs (test, lint, build)
- 23623f5 Fix CI: goinstall mode for golangci-lint, fix plan.go vet warning
- 8af3d0e Fix CI: golangci-lint v2 config + git branch test fix
- f30c7e1 Fix CI: update dependency versions, fix golangci-lint compatibility
- ea05e26 Fix CI: use workspace with cloned deps, upgrade to golangci-lint-action v7
- 7545b0a Fix core gaps: per-tool timeout, permission/session persistence, usage streaming
- aaf6433 Fix golangci-lint v2 config format
- 38853ad Fix lint: add default:none to disable errcheck
- 344d615 Fix lint: disable errcheck (too noisy for existing codebase)
- b4b02a3 Fix lint: keep only govet+ineffassign (unused has too many pre-existing hits)
- 2114c02 Fix lint: keep only govet+ineffassign+unused (no pre-existing noise)
- 71384b6 Fix lint: remove gosimple (merged into staticcheck in v2)
- 9d6e6bf Fix module path: use github.com/GrayCodeAI/eyrie everywhere (matches repo URL)
- 8ef32b0 Integrate trace: add hawk capture command for Git-native session recording
- 924464b Merge branch 'dev'
- e1f4002 Merge pull request #1 from GrayCodeAI/dev
- 17a35e9 Use hawk trace as primary command name
- 3435027 ci: add GitHub Actions workflows for test, build, lint, and release
- ddd7e4e ci: fix GOWORK path for GoReleaser
- 825366e ci: fix release workflow to clone sister repos for go.work
- d41b0b8 ci: remove go mod tidy from goreleaser hooks (uses go.work)
- 11bbf56 ci: trigger on dev branch
- 7f410d6 ci: trigger on dev branch
- 5573e52 ci: use go build instead of test in goreleaser hook (tests run separately)
- 14cb8fa feat(tui): improve spinner, error handling, and UI polish
- ea2795f feat: 100% parity — config, plan mode, smart compaction, expanded prompt, 17 tools
- 532b273 feat: BOM decoding, include/exclude patterns, nested gitignore, better MCP descriptions
- eb63680 feat: Phase 1 — core agent loop with eyrie streaming
- 1e36e25 feat: Phase 2 — tool system + agentic loop
- 358be64 feat: Phase 3 — REPL polish, sessions, slash commands, context
- 9fae8a1 feat: Phase 4-6 — resume, cancel, slash commands, README
- b4ce723 feat: UX improvements inspired by Droid/Kiro CLI
- 010a65c feat: activate convodag for conversation branching
- feb5a44 feat: add /branches command and register in slash command list
- 2d9814a feat: add /metrics slash command to TUI
- d387abd feat: add 12 frontier features from top OSS coding agents
- c677643 feat: add 4 competitive OSS features — universal provider, sandbox, repo map, git auto-commit
- 31cf908 feat: add 8 Plandex-inspired workflow features
- 0ce1f76 feat: add 9 Karpathy-inspired features — vibe mode, research loop, power dial
- bf33cc5 feat: add Docker container mode (herm-style hermetic execution)
- a8d107e feat: add Docker support with multi-stage build
- 66a2a14 feat: add Nix flake for reproducible builds
- 30928a3 feat: add cascade routing and full ecosystem integration tests
- 957642f feat: add circuit breaker package for API resilience
- 13a7780 feat: add config validation, benchmarks, and fuzz tests
- d55a3b6 feat: add graceful shutdown package
- f354f7a feat: add herm-inspired modular prompts, workspace context, sub-agent budgets
- 29b79eb feat: add logger, health, and metrics packages
- 2f719f5 feat: add profiling and tracing packages
- 3ac813e feat: add rate limiter with token bucket algorithm
- bd7e1ae feat: add retry package with exponential backoff for API resilience
- f3f8e75 feat: add shell completion and golangci-lint config
- aa1f427 feat: add viewport scrolling, alt screen, and proper layout
- aa79089 feat: adopt cocoindex approach — incremental indexing via tok chunking + yaad storage
- f918ddd feat: auto-build hawk image on first run (no fallback to bare ubuntu)
- 6582b27 feat: block input completely when Docker not running (like herm)
- e5a09e0 feat: complete all 225 TODO items — full solo-dev feature set
- 960226e feat: complete archive parity - hooks, plugins, permissions, models, memory, analytics, auth, update, lsp, voice, magicdocs, sandbox, remote, ide
- 17c3d40 feat: complete archive parity migration — advanced compaction, OAuth, OTel, vim, routing, bridge, and more
- 2a672dd feat: container-only mode with Go pre-installed (no fallback)
- b1332e5 feat: enforce hawk identity across all LLM providers
- 4299d53 feat: expand repomap to 20 languages, extract PermissionEngine
- f1da4bd feat: full herm-style container mode with TUI status bar
- 55ab3d6 feat: full parity — 12 tools, permission memory, agent spawning, slash commands
- 4c8e226 feat: harden session safety — atomic writes, WAL crash recovery, corruption tolerance
- 67c1ed9 feat: hawk Go CLI scaffold — cobra + bubbletea + eyrie
- b589c7a feat: implement 10 research-grade innovations from 2025-2026 papers
- 217cc65 feat: implement 100+ TODO items — error handling, markdown, safety, config, sessions
- bfb33b0 feat: implement 14 features from herm/langdag comparison
- 9aee44b feat: implement Droid-parity features — Ctrl+N/L shortcuts, /new, /btw, /retry, /add, /run, /test, /lint
- b71e01e feat: implement remaining TODO items — performance, DX, TUI, config, testing
- 563e857 feat: integrate health checks into doctor command
- e16427b feat: integrate logger and metrics into engine
- c665b0e feat: integrate tok (token counting) and yaad (memory graph) into hawk
- 65b4cae feat: major parity push — add 15 new tools, swarm coordination, 30+ slash commands, remote bridge
- deb36c1 feat: make container mode default (auto-detect Docker like herm)
- 380f563 feat: match herm container setup (version-tagged image, same-path mount, attachments/cache)
- 818b605 feat: parallel indexing, BM25 re-ranking, CodeSearch tool
- c4ad670 feat: port final 13 solo-dev features from hawk-archive
- acf5696 feat: production-grade — MCP, goreleaser, ask_user, tests, README
- 363e0a7 feat: render markdown bold as ANSI bold, fix identity regex
- f654757 feat: v0.4.0 — exec, daemon, mission, agents, snapshots, Waza workfl...