Skip to content

Upstream changes detected: ACP spec, Codex CLI (App Server Protocol), GitHub Copilot CLI, Qwen Code #11

Description

@github-actions

This issue was opened automatically by upstream-watch.yml on 2026-07-06 because at least one upstream project this plugin depends on shipped a new release.

Detected changes

ACP spec — schema-v1.17.0 → schema-v1.19.0

  • Release: Schema v1.19.0 (published 2026-07-06)
  • Why this matters for the plugin: Defines the JSON-RPC methods the plugin's acp-client.mjs implements. Spec changes can introduce new methods we should handle (e.g. terminal/*, session/request_permission, cursor/ask_question).
Release notes excerpt

Added

  • (unstable) Add descriptions to elicitation enum options (#1397)

Codex CLI (App Server Protocol) — rust-v0.142.4 → rust-v0.142.5

  • Release: 0.142.5 (published 2026-07-01)
  • Why this matters for the plugin: Drives plugins/multi/scripts/lib/adapters/codex.mjs and app-server.mjs. Watch for sandbox mode changes, new approval policies, or app-server protocol updates.
Release notes excerpt

Bug Fixes

  • Prevented full Responses WebSocket request payloads from being written to trace logs. (#30771)

Changelog

Full Changelog: openai/codex@rust-v0.142.4...rust-v0.142.5

  • #30771 [codex] Backport websocket trace fix to release/0.142 @dylan-hurd-oai

GitHub Copilot CLI — v1.0.65 → v1.0.68

  • Release: 1.0.68 (published 2026-07-01)
  • Why this matters for the plugin: Drives plugins/multi/scripts/lib/adapters/copilot.mjs. Watch for ACP changes, slash-command additions/removals, or auth flow changes.
Release notes excerpt

2026-07-01

  • Add support for the kimi-k2.7-code model
  • The focused field in the /mcp config form is marked with a "❯ " chevron, not color alone
  • Keep IDE tools available during transient IDE disconnects, returning a clear error while disconnected and recovering automatically when the IDE reconnects
  • Tab completion shows slash command aliases inline (e.g. /pr automerge|agentmerge)
  • Stop hooks from erroring and denying every tool when a session's working directory or git worktree has been deleted
  • Keep the footer model status in sync when reasoning effort or context tier changes
  • Avoid duplicate skill and command parse errors from symlinked scan roots
  • Update the Sessions sidebar branch after /cd and /worktree
  • Find agents and instructions under Win32 extended-length paths on Windows
  • Show descriptions for slash-command input choices
  • Prevent terminal corruption when copying selected timeline text on macOS
  • Fold symlinked sandbox paths into a single row
  • Browse, resume, and switch between sessions from the agents screen
  • Code review retries transient git failures when gathering changes
  • Skip malformed plugin manifests and keep loading valid plugins
  • Show plan budget details in the statusline and /usage for supported plans
  • Render Thai and Devanagari text correctly in clipped output
  • Keep file edits and patches within the sandbox filesystem policy
  • Preserve wrapped OSC 8 hyperlink IDs in terminal output
  • Let device-managed settings override server-managed settings
  • Keep embedded /skill tokens in skill prompt context
  • Let git commands work from repo subdirectories in the sandbox
  • PowerShell variable references no longer trigger content-policy refusals
  • Tell the agent when the working directory changes between turns so it uses the new directory for commands and relative paths
  • Default to a steady vertical-bar cursor in interactive sessions
  • Disable cursor blinking at startup without changing cursor shape
  • Reject sandbox path edits that conflict with symlinks in other lists
  • Keep the status line visible when the slash-command picker opens
  • Custom agents keep their tool filters in nested subagents

…(release notes truncated; click the link above for the full text)

Qwen Code — v0.19.3 → v0.19.6

  • Release: Release v0.19.6 (published 2026-07-03)
  • Why this matters for the plugin: Drives plugins/multi/scripts/lib/adapters/qwen.mjs. Watch for ACP support changes (the --acp flag graduated from --experimental-acp recently).
Release notes excerpt

What's Changed

…(release notes truncated; click the link above for the full text)

Also worth checking (manual — Copilot, please research these too)

  • Cursor agent CLI — changelog: https://cursor.com/changelog · forum (bug reports): https://forum.cursor.com/c/bug-report/6
    • Drives plugins/multi/scripts/lib/adapters/cursor.mjs. The plugin currently works around the 2026.04.17-787b533 ACP regression (see maybeWarnAboutCursorVersion and ensureCursorAllowlist). When Cursor ships a fix, both workarounds can likely be simplified or removed.

Plugin files most likely to need updates

  • plugins/multi/scripts/lib/acp-client.mjs (shared ACP JSON-RPC client; buildAutoApproveRequestHandler)
  • plugins/multi/scripts/lib/acp-terminals.mjs (client-side terminal services)
  • plugins/multi/scripts/lib/mcp-servers.mjs (MCP wiring for ACP session/new)
  • plugins/multi/scripts/lib/adapters/{codex,gemini,cursor,copilot,qwen}.mjs (per-CLI adapters)
  • plugins/multi/scripts/multi-cli-companion.mjs (companion runtime + dispatch)

What I'd like you to do, @copilot

  1. Read the linked release notes for each detected change above, plus the manual-reference changelogs.
  2. Compare what changed against the relevant adapter / shared code in this repo. Look specifically for:
    • New ACP methods we should handle in acp-client.mjs's buildAutoApproveRequestHandler
    • Renamed / deprecated CLI flags or model IDs hardcoded in any adapter
    • New CLI capabilities that obsolete a workaround we currently ship (e.g., the Cursor 2026.04.17 regression workaround in cursor.mjs — check if a newer Cursor release fixes it, and if so, propose removing maybeWarnAboutCursorVersion and the allowlist-injection or scoping it tighter)
    • Breaking changes that would silently break the plugin
  3. For each change that warrants action, open a focused PR against master with the minimal fix. Reference the upstream release / commit / forum thread in the PR description.
  4. If a detected change does NOT need any plugin update, reply on this issue with a short note saying "no plugin updates needed for X — reason: …" and close it.
  5. If something is ambiguous (you can't tell from release notes whether the plugin is affected), ask in a comment rather than guessing.

You may use ACP_TRACE=1 and the rest of the diagnostic patterns documented in plugins/multi/skills/customize/SKILL.md if you want to verify behavior empirically.


State tracked in .github/upstream-state.json — bumped by this same workflow. If you want to suppress a noisy upstream from this watch, edit .github/scripts/upstream-watch.mjs.

Metadata

Metadata

Assignees

No one assigned

    Labels

    upstream-watchAuto-opened by upstream-watch.yml when an upstream releases

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions