Skip to content

Tags: getagentseal/codeburn

Tags

v0.9.14

Toggle v0.9.14's commit message
0.9.14

mac-v0.9.14

Toggle mac-v0.9.14's commit message
Menubar 0.9.14

mac-v0.9.13

Toggle mac-v0.9.13's commit message

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
fix(menubar): read Claude keychain via security CLI on silent refresh (

…#490) (#491)

Background token refreshes re-read the "Claude Code-credentials" keychain
item via the Security framework. On macOS Sierra+, access is governed by the
item's partition list, not the legacy "Always Allow" ACL. Claude Code resets
that partition list every time it rotates the credential, dropping our app
from the allowed set, so the next read raises a fresh keychain password
prompt. On a heavy usage day this fires dozens of times. The LAContext
interactionNotAllowed flag we relied on does not suppress that prompt for a
plain generic-password item.

Route the silent path (proactive refresh and post-401 re-read) through
/usr/bin/security instead. The Apple-signed security binary sits in the
item's apple-tool: partition, so it reads the secret without prompting and
without depending on the user's ACL grant. It is read-only and never spends
the shared refresh token, preserving the existing invariant that the Claude
CLI owns the grant.

The user-initiated bootstrap keeps the framework read, where a single
consent prompt is expected. Drops the now-unused LocalAuthentication import.

v0.9.12

Toggle v0.9.12's commit message
chore(release): 0.9.12

Changelog for 0.9.12, README node badge aligned to the real >=22 requirement
(node:sqlite for Cursor/OpenCode), and ws lockfile bumped to patched 8.21.0
(npm audit clean). No source changes.

mac-v0.9.12

Toggle mac-v0.9.12's commit message
chore(release): 0.9.12

Changelog for 0.9.12, README node badge aligned to the real >=22 requirement
(node:sqlite for Cursor/OpenCode), and ws lockfile bumped to patched 8.21.0
(npm audit clean). No source changes.

v0.9.11

Toggle v0.9.11's commit message

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
Merge pull request #406 from getagentseal/fix/pre-release-cleanup

fix: pre-release cleanup - opencode refactor, watchdog backoff, forge dedup

mac-v0.9.11

Toggle mac-v0.9.11's commit message

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
Merge pull request #406 from getagentseal/fix/pre-release-cleanup

fix: pre-release cleanup - opencode refactor, watchdog backoff, forge dedup

v0.9.10

Toggle v0.9.10's commit message
Document 0.9.10 release notes

mac-v0.9.10

Toggle mac-v0.9.10's commit message
Document 0.9.10 release notes

v0.9.9

Toggle v0.9.9's commit message
Store credential cache in file instead of keychain, use cache for per…

…-provider menubar

Credential cache: switched from keychain to file-based storage under
Application Support. Ad-hoc signed builds invalidate keychain ACLs on
every rebuild, causing repeated macOS password prompts. Existing
keychain entries are migrated to file on first read, then deleted.

Per-provider menubar: the Codex/Claude/etc tabs previously re-parsed
all sessions from scratch (22s). Now parses only today with the
provider filter and uses the daily cache for historical days, matching
the fast path the All tab already uses.

Daily cache bumped to v7 to force a clean rebuild after pricing and
provider changes since v6.