v0.0.19

Release notes draft — v0.0.19

Date: 2026-04-19

Highlights

Bash timeout/cancel is now a real hard stop

This release fixes a nasty bash-tool failure mode where BB could still appear hung after timeout or cancel.

Previously, BB would kill the timed-out or cancelled bash process, but could still block forever while draining stdout/stderr if a detached/background child inherited the pipe and kept it open.

v0.0.19 replaces that unbounded post-kill drain with a bounded drain on timeout/cancel, while preserving full draining for normal exits.

The result is that bash timeout/cancel now behaves much more like users expect: once BB decides the command is over, it actually stops.

Esc now prioritizes cancelling active work

This release also fixes the TUI Esc-precedence bug.

When a turn/tool/local action was cancellable, Esc could still get consumed by local UI behavior first:

• clear input
• jump back to the bottom of the transcript
• leave transcript mode

Now, when there is cancellable work in flight, Esc requests cancellation first.

That makes long-running local actions feel much more predictable in the TUI.

Click-to-expand hints and toggling are restored/polished

The TUI once again explicitly tells users that clicking works for tool expansion:

• Click or Ctrl+Shift+O to expand
• Click or Ctrl+Shift+O to collapse

The mouse toggle path is also more robust when the clicked row belongs to wrapped or nested transcript content, and old persisted click-help hint text is still handled cleanly.

Notable user-facing changes

Changed

• tool expand/collapse hints now explicitly mention mouse clicking again
• mouse toggling for transcript tool blocks is more robust across wrapped/nested rows

Fixed

• bash timeout/cancel no longer hangs after kill while waiting for inherited stdout/stderr pipes to reach EOF
• Esc now requests cancellation before input clear, scroll reset, or transcript-mode exit can consume the key
• persisted old click-help hint text remains visually compatible with the current TUI rendering path

Improved

• regression coverage now includes detached-child bash timeout hangs and focused TUI Esc-priority interaction cases

Upgrade notes

• No manual migration is required.
• Existing sessions/transcripts continue to load normally.
• If you were relying on Esc to clear input while a local action was active, cancellation now takes precedence during active cancellable work.

Suggested GitHub release summary

BB-Agent v0.0.19 improves TUI interaction reliability and bash safety: click-to-expand hints are restored, mouse toggling is more robust, bash timeout/cancel is now a true hard stop instead of hanging while draining inherited pipes, and Esc now prioritizes cancelling active work before local TUI resets consume the key.

Final clean build/test matrix

Performed from a clean origin/master-based worktree for release/0.0.19 prep.

Area	Command	Result
Build	cargo +stable build -q -p bb-cli --bin bb	Passed
Click hint text	cargo +stable test -q -p bb-tui tool_expand_hint_mentions_click_and_shortcut -- --nocapture	Passed
Mouse header toggle	cargo +stable test -q -p bb-tui mouse_click_on_header_toggles_block -- --nocapture	Passed
Mouse wrapped-hint toggle	cargo +stable test -q -p bb-tui mouse_click_on_wrapped_expand_hint_row_toggles_tool_block -- --nocapture	Passed
Bash timeout detail	cargo +stable test -q -p bb-tools bash_timeout_sets_timed_out_detail -- --nocapture	Passed
Bash detached-child timeout regression	cargo +stable test -q -p bb-tools bash_timeout_does_not_wait_for_detached_child_pipe_eof -- --nocapture	Passed
TUI Esc cancel before clear	cargo +stable test -q -p bb-tui escape_requests_cancel_before_clearing_input -- --nocapture	Passed
TUI Esc cancel before scroll reset	cargo +stable test -q -p bb-tui escape_requests_cancel_before_resetting_scroll -- --nocapture	Passed
TUI Esc cancel before transcript exit	cargo +stable test -q -p bb-tui escape_requests_cancel_before_leaving_transcript_mode -- --nocapture	Passed
Release binary version smoke test	/home/shuyhere/BB-Agent/target/debug/bb --version	Passed (bb 0.0.19)
Release binary help smoke test	/home/shuyhere/BB-Agent/target/debug/bb --help	Passed
npm package dry run	npm pack --dry-run	Passed

Notes

• Validation in this environment may still require retries with CARGO_BUILD_JOBS=1, CARGO_INCREMENTAL=0, and RUSTFLAGS='-Cdebuginfo=0' because of the known host-side Rust/compiler instability.
• If broader test/build validation flakes again on unrelated rustc/linker crashes, the focused regression coverage above remains the most reliable signal for this release content.

v0.0.18

Release notes draft — v0.0.18

Date: 2026-04-18

Highlights

KV-cache reporting now matches auth reality more closely

This release tightens the cache-monitoring story that landed in v0.0.17:

• API-key sessions now report cache-hit provenance as official
• OAuth sessions now report cache-hit provenance as estimate
• OpenAI and Anthropic baseline requests restore provider-side cache-affinity shaping to make cache behavior more meaningful during repeated prompts
• estimated cache-hit normalization is tightened so changed prompts no longer falsely peg at 100.0%

The result is a cache monitor that is much more useful for real-world validation across auth modes.

Cache monitor placement and wording are clearer

The TUI cache monitor now renders on the footer/path line and labels its provenance directly:

• cache hit (official)
• cache hit (estimate)
• cache hit (mixed)
• cache hit (unknown)

This makes it much easier to tell whether you are looking at provider-reported cache data or BB's estimated reuse path.

Model/auth switching now resets stale latest-hit state

When you switch models — or switch auth sources for the same model — the cache monitor now starts cold instead of showing the previous cache domain's latest-hit/source values.

This avoids misleading transitions like:

• previous model's latest hit rate carrying over after /model
• previous auth source's cache provenance remaining visible after an in-session auth switch

Small TUI usability polish: /exit

The shared TUI slash-command registry now includes /exit as an alias for /quit, so help text, menus, and slash matching all expose the more familiar exit command consistently.

Notable user-facing changes

Added

• /exit as a shared TUI slash-command alias for /quit

Changed

• cache metrics now follow auth mode explicitly (official for API key, estimate for OAuth)
• the cache monitor now renders on the footer/path line with clearer provenance wording
• OpenAI and Anthropic cache-affinity shaping is restored for better cache baseline behavior

Fixed

• estimated latest-hit reporting no longer overstates changed prompts as full cache hits
• /model switches now reset stale latest-hit cache monitor state
• in-session auth-source switches now also reset stale latest-hit/source cache monitor state

Upgrade notes

• No manual migration is required.
• Existing cache/session data continues to load, but the TUI monitor may now report different provenance labels and more conservative latest-hit values for OAuth flows.
• If you are manually validating cache behavior, compare API-key sessions against OAuth sessions with the expectation that API-key paths are the ground-truth baseline.

Suggested GitHub release summary

BB-Agent v0.0.18 tightens the KV-cache validation loop: cache provenance now follows auth mode explicitly, estimated hit rates are better normalized, stale latest-hit state is reset on model/auth switches, the TUI cache monitor is clearer about what it is showing, and /exit is now available as a shared TUI slash-command alias.

Final clean build/test matrix

Performed from a clean origin/master-based worktree for release/0.0.18 prep.

Area	Command	Result
Build	cargo +stable build -q -p bb-cli --bin bb	Passed
Slash-command alias tests	cargo +stable test -q -p bb-tui slash_commands -- --nocapture	Passed
Provider cache source (OAuth)	cargo +stable test -q -p bb-provider oauth_usage_is_marked_as_estimated -- --nocapture	Passed
Responses body conversion	cargo +stable test -q -p bb-provider responses_body_converts_chat_style_tools_and_system_messages -- --nocapture	Passed
Anthropic usage provenance	cargo +stable test -q -p bb-provider usage_events_preserve_requested_cache_metric_source -- --nocapture	Passed
Estimated normalization	cargo +stable test -q -p bb-monitor normalized_estimate_does_not_peg_changed_prompts_to_hundred_percent -- --nocapture	Passed
Tracker reset	cargo +stable test -q -p bb-monitor reset_history_clears_previous_prompt_and_bumps_epoch -- --nocapture	Passed
TUI stale latest-hit reset	cargo +stable test -q -p bb-cli stale_request_metrics_do_not_match_new_cache_domain -- --nocapture	Passed
TUI model-switch stale latest-hit reset	cargo +stable test -q -p bb-cli model_mismatch_uses_current_auth_source_and_zeroes_latest -- --nocapture	Passed
Release binary smoke test	./target/debug/bb --help	Passed

Notes

• Validation was run with CARGO_BUILD_JOBS=1, CARGO_INCREMENTAL=0, and RUSTFLAGS='-Cdebuginfo=0' to reduce host-side Rust instability during release prep.
• A tiny release-prep fix was included to unblock clean bb-tui test builds by narrowing a stale test-only wrap_visual_line re-export in crates/tui/src/tui/projection.rs.
• Rebuild from the clean release worktree before tagging/publishing so the installed binary matches the exact merged release commit.

v0.0.17

Release notes draft — v0.0.17

Date: 2026-04-17

Highlights

Cache monitoring is now a first-class backend + TUI feature

This release lands the full cache-monitoring stack that was still in progress after v0.0.16:

• reusable backend monitor logic now lives in crates/bb-monitor
• request metrics, usage rollups, and cache provenance tracking are centralized there
• the TUI now shows a dedicated cache monitor line directly under the input block
• that monitor now includes:
  • cache source
  • average cache hit rate
  • latest request hit rate

This makes cache behavior much easier to reason about without digging through logs or guessing whether zero values are coming from provider data, persistence, or UI rendering.

Auth/provider UX is much more explicit

Auth handling is now visible and controllable in the core user flows:

• footer auth badges now show explicit method/source state such as OAuth vs API key
• /session shows explicit auth source, method, account, and authority
• /model can choose auth source/profile, not just provider/model
• /login now exposes concrete auth-option choosers instead of only coarse method-level picks

This release also introduces a profile-aware auth store so saved auth can be tracked and switched more cleanly over time.

Multiple saved auth profiles per provider

Providers that support it can now keep more than one saved auth profile side-by-side:

• multiple saved OAuth profiles per provider
• multiple saved API-key profiles per provider
• saved API keys are labeled safely using non-secret suffixes such as ending in 2222
• auth choosers also include a short saved-profile discriminator so similar-looking entries are still distinguishable

For example, you can now keep multiple saved OpenAI or OpenRouter API keys instead of replacing the previous saved key every time.

GPT-5 API-key requests now use the correct OpenAI endpoint

OpenAI GPT-5 API-key sessions now route tool/reasoning requests through the Responses API instead of /v1/chat/completions, fixing provider-side reasoning_effort request failures.

Notable user-facing changes

Added

• crates/bb-monitor as a reusable backend monitor crate
• under-input TUI cache monitor
• profile-aware auth metadata and timestamps
• multiple saved API-key profiles per provider

Changed

• /model now supports auth source/profile choice as part of model selection
• /login now acts as a real auth option/profile chooser instead of only a method picker
• auth state is presented more consistently across footer, /session, /model, and /login

Fixed

• GPT-5 API-key requests now use OpenAI Responses API when required
• /session now reflects explicit in-session auth selection correctly
• multi-key auth menus now avoid ambiguous saved-key entries by adding safe labels and saved-profile discriminators

Upgrade notes

• Existing auth.json stores continue to migrate automatically; no manual auth-store migration is required.
• If you already have saved provider auth, BB will continue to load it, but richer profile metadata may now appear in /login, /model, and /session.
• Distinct saved API keys for the same provider are now preserved as separate profiles instead of overwriting one another.

Suggested GitHub release summary

BB-Agent v0.0.17 focuses on visibility and control: cache behavior is now first-class in both the backend and TUI, auth source/profile selection is explicit across /model, /login, and /session, multiple saved auth profiles can coexist cleanly, and GPT-5 API-key requests now use OpenAI’s correct Responses API path.

Final clean build/test matrix

Performed from a clean origin/master-based worktree for release/0.0.17 prep.

Area	Command	Result
Build	cargo +stable build -q -p bb-cli --bin bb	Passed
CLI auth tests	cargo +stable test -q -p bb-cli login -- --nocapture	Passed
Session info auth tests	cargo +stable test -q -p bb-cli session_summary -- --nocapture	Passed
OpenAI provider tests	cargo +stable test -q -p bb-provider openai -- --nocapture	Passed
Multi saved API-key chooser	cargo +stable test -q -p bb-cli model_auth_menu_distinguishes_multiple_saved_api_keys -- --nocapture	Passed
Multi saved API-key summaries	cargo +stable test -q -p bb-cli provider_auth_option_summaries_distinguish_multiple_saved_api_keys -- --nocapture	Passed
Release binary smoke test	./target/debug/bb --help	Passed

Notes

• Commands are run with CARGO_BUILD_JOBS=1, CARGO_INCREMENTAL=0, and RUSTFLAGS='-Cdebuginfo=0' to reduce host-side Rust instability during validation.
• After the version bump, rerun the final build and smoke checks before tagging/publishing.

v0.0.16

Highlights

TUI polish and usability

• The product/UI terminology now consistently uses TUI instead of legacy fullscreen wording.
• Markdown code blocks and bash tool previews now render as raw fenced blocks, making copy/paste much easier.
• TUI status/footer handling is more trustworthy:
  • queued previews no longer hide active compaction/local-action status
  • fast local actions no longer flash noisy 0ms / 0.0s
  • footer context usage no longer gets stuck at misleading zero-like values after resume/rebuild/fork flows

Better browser setup for browser_fetch

• browser_fetch now reports missing-browser problems with clearer diagnostics.
• New command: bb setup browser
  • explains what is missing
  • shows platform-specific installation guidance
  • can optionally persist BB_BROWSER shell configuration

Tool/runtime reliability architecture

This release folds in the full architecture cleanup tracked by issue #74:

• active tool visibility and advertised schemas now come from one CLI ToolRegistry
• provider transcript validation/repair is centralized before serialization
• tool execution follows an explicit lifecycle
• new lifecycle hooks exist for:
  • tool_execution_start
  • tool_execution_update
  • tool_execution_end
• mutation-aware scheduling now allows safe overlapping read-only work while serializing same-file mutation windows

This closes several long-running reliability issues around:

• Unknown tool drift
• stuck sessions after failed/interrupted tool calls
• provider-side No tool output found ... follow-up failures
• TUI turns appearing finished before cleanup actually completed

Release hardening

• secret-bearing auth/token structs now redact sensitive fields from Debug output
• clean bb-cli release builds no longer emit dead-code warnings from the new tool registry surface
• npm/native release artifacts now prefer stripped/compressed binaries for smaller downloads

Notable user-facing changes

Added

• bb setup browser
• better missing-browser guidance for browser_fetch

Changed

• fullscreen terminology is now fully replaced by TUI
• TUI code and bash rendering is more copy/paste-friendly
• internal tool/runtime execution is more deterministic and resilient

Fixed

• footer context token usage reporting in TUI
• compaction/local-action status visibility when prompts are queued
• misleading 0ms / 0.0s local-action flashes
• stuck follow-up turns after interrupted/failed tool calls
• join-timeout handling that used to visually end the turn too early
• raw debug exposure risk for token-bearing auth structs

Upgrade notes

• No migration action is required for normal users.
• If you use browser_fetch, you may now prefer the guided setup flow:

bb setup browser

• Existing auth stores continue to work as before; this release only hardens debug redaction, not the stored auth schema.

Suggested GitHub release summary

BB-Agent v0.0.16 focuses on reliability and release polish: the TUI is easier to read and copy from, browser setup is guided, tool execution and transcript repair are now architecture-level invariants instead of scattered fixes, and release builds are hardened against both dead-code warnings and accidental token exposure in debug output.

Final clean build/test matrix

Performed from a clean origin/master-based worktree before release prep finalization.

Area	Command	Result
Build	cargo +stable build -q -p bb-cli --bin bb	Passed
Release binary smoke test	./target/debug/bb --help	Passed
Full CLI test suite	cargo +stable test -q -p bb-cli --bins --tests	Passed (126 passed)
Core library tests	cargo +stable test -q -p bb-core --lib	Passed (59 passed)
Tools scheduler tests	cargo +stable test -q -p bb-tools scheduler -- --nocapture	Passed (2 passed)
Plugin-host lifecycle serialization tests	cargo +stable test -q -p bb-plugin-host test_serialize_event -- --nocapture	Passed (4 passed)
CLI tool registry tests	cargo +stable test -q -p bb-cli tool_registry -- --nocapture	Passed (4 passed)
OAuth debug redaction	cargo +stable test -q -p bb-cli oauth_credentials_debug_redacts_tokens -- --nocapture	Passed (1 passed)
GitHub/Copilot debug redaction	cargo +stable test -q -p bb-cli debug_output_redacts_github_and_copilot_tokens -- --nocapture	Passed (1 passed)
Auth entry redaction	cargo +stable test -q -p bb-cli auth_entry_debug_redacts_secret_fields -- --nocapture	Passed (1 passed)
Auth store redaction	cargo +stable test -q -p bb-cli auth_store_debug_lists_provider_names_without_values -- --nocapture	Passed (1 passed)

Notes

• Commands were run with CARGO_BUILD_JOBS=1, CARGO_INCREMENTAL=0, and RUSTFLAGS='-Cdebuginfo=0' to reduce host-side Rust instability during validation.
• One passing CLI test intentionally exercises an npm 404 path and therefore prints an expected registry-not-found message while still passing.

v0.0.15

v0.0.15

v0.0.14

Added

• fullscreen now supports extension-driven workflows and structured slash-command outcomes, including menus, hidden dispatches, and richer command result handling
• /settings in fullscreen now exposes compaction controls for Auto-compact, Reserve tokens, and Keep recent tokens
• skills can now be listed, disabled, and re-enabled from the CLI without deleting their installed files
• startup model selection now prefers configured provider/model defaults more consistently, with better OpenAI startup fallback behavior
• added a parity test script against installed pi compaction logic to keep BB token accounting aligned with upstream behavior

Fixed

• session resume now restores the prior model and thinking level instead of starting with mismatched runtime defaults
• fullscreen/TUI terminal rendering now sanitizes terminal control text more reliably and avoids ANSI leakage into the UI
• auto-compaction token estimation now matches pi more closely by using the last successful assistant usage plus trailing estimates, using ceil-based token heuristics, computing tokens_before from rebuilt context instead of raw payload size, and ignoring assistant usage from before the latest compaction boundary
• fullscreen compaction behavior and status reporting are more consistent after auto-compaction and manual compaction events, and local fullscreen actions now show an animated elapsed-time status while they run

Changed

• fullscreen extension workflows and session compaction support are now merged into the main interaction path on master

v0.0.13

chore: prepare 0.0.13 release

v0.0.12

chore: prepare 0.0.12 release

v0.0.11

chore: prepare 0.0.11 release

v0.0.10

chore: prepare 0.0.10 release