## CHANGES
- Bump `anthropic-sdk-go` dependency from v1.19.0 to v1.20.0
- Add deprecation notice for pre-February 2026 legacy models
- Add new Claude Sonnet 4.0 and Opus 4.0 model aliases
- Extend 1M context beta support to all Sonnet 4 variants
- Reorganize model list to separate deprecated from current models
- Add `neturl` to VS Code spell-check dictionary
- Remove OAuth support from Anthropic client
- Delete `oauth.go` and related test files
- Simplify `IsConfigured` to check only API key
- Update configuration handling to remove OAuth references
- Clean up imports and unused variables in `anthropic.go`
- Adjust `GetConfig` and `UpdateConfig` methods in server configuration
- Remove OAuth-related environment variables from configuration
## CHANGES
- Rename `suggest_clawdbot_command` pattern to `suggest_moltbot_command`
- Replace all `clawdbot` CLI references with `moltbot` in pattern docs
- Update command examples to use new `moltbot` binary name
- Add new dictionary words for VSCode spellcheck (Moltbot, schtasks, etc.)
- Fix markdown formatting with proper table alignment
Address Copilot review: clarify that multiple commands should be
combined on a single line with && to preserve head -1 behavior,
with follow-up steps described in the explanation section.
Add a new pattern for suggesting Clawdbot CLI commands based on
natural language intent. Clawdbot is an open-source AI agent framework
(github.com/clawdbot/clawdbot) that connects LLMs to messaging
platforms, devices, and developer tools.
This follows the same structure as suggest_gt_command: command
reference tables, intent mapping, and a pipe-friendly output format
where the first line is the executable command.
All commands verified against clawdbot help and subcommand --help
output (v2026.1.23).
Fix Dependabot alert #94 (LOW):
- @eslint/plugin-kit vulnerability: Regular Expression Denial of Service
through ConfigCommentParser
- Updated from 0.2.8 (vulnerable) to 0.5.1 via pnpm/npm overrides
Build verified successful. All tests pass.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Fix Dependabot alert #76 (MEDIUM):
- esbuild vulnerability: allows any website to send requests to
development server and read responses
- Updated from 0.21.5 (vulnerable) to 0.27.2 via pnpm/npm overrides
Build verified successful. All tests pass.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Changes:
- Added npm "overrides" section to package.json alongside existing pnpm overrides
- Generated and tracked package-lock.json with security fixes applied
- Removed web/package-lock.json from .gitignore to support npm users
- Both npm and pnpm now enforce secure dependency versions
This enables developers to use either pnpm or npm while maintaining
consistent security posture across both package managers.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Move pattern files from patterns/ to data/patterns/
- Add create_bd_issue pattern for issue tracking commands
- Add extract_all_quotes pattern for quote extraction
- Add extract_bd_ideas pattern for actionable idea extraction
- Add suggest_gt_command pattern for GT command suggestions
- Update pattern_explanations.md with new pattern entries
- Update suggest_pattern system.md with new categories
- Add new pattern descriptions and extracts in scripts/
- chore: incoming 1968 changelog entry
## CHANGES
- add MiniMax provider configuration with API endpoint updates
- implement NeedsRawMode method for MiniMax model handling
- define static MiniMax model list with M2 variants
- add Infermatic and Novita to VS Code extensions
- update test to use proper context.TODO() parameter
- configure MiniMax models as static discovery
- set ModelsURL to static:minimax for model listing
- Add `analyze_discord_structure` pattern for Discord server analysis
- Add `create_design_system` pattern for CSS design system generation
- Add `create_golden_rules` pattern for extracting codebase rules
- Update pattern numbering in explanations document (11-235)
- Add new patterns to suggest_pattern category mappings
- Update pattern_descriptions.json with new pattern metadata
- Update pattern_extracts.json with new pattern content
Documents the deployment URL bug and stream_options fix with:
- Clear explanation of the root cause (SDK route matching bug)
- Technical details for developers
- Configuration guidance
- Verification steps
Related to #1954 and PR #1965
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The OpenAI Go SDK's azure.WithEndpoint() middleware has a bug where it
expects request paths like /openai/chat/completions but the SDK actually
sends paths like /chat/completions (without the /openai/ prefix since
that's included in the base URL). This causes the SDK's route matching
to fail, resulting in deployment names not being injected into the URL.
Azure OpenAI requires URLs like:
/openai/deployments/{deployment-name}/chat/completions
But the SDK was generating:
/openai/chat/completions
This fix:
1. Adds custom middleware that correctly transforms API paths to include
the deployment name extracted from the request body's model field
2. Moves StreamOptions to only be set for streaming requests (Azure
rejects stream_options for non-streaming requests)
Fixes#1954
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Three new patterns for common development workflows:
- create_design_system: Generate CSS design systems with tokens,
typography scales, and dark/light mode support from requirements
- create_golden_rules: Extract implicit and explicit rules from
codebases into testable, enforceable guidelines
- analyze_discord_structure: Audit Discord server organization,
permissions, and naming conventions
