build(deps-dev): bump @earendil-works/pi-coding-agent from 0.79.1 to 0.79.8

[dependabot]

Bumps @earendil-works/pi-coding-agent from 0.79.1 to 0.79.8.

Release notes

Sourced from @​earendil-works/pi-coding-agent's releases.

v0.79.8

New Features

• Selective provider base entry points - SDK users can pair @earendil-works/pi-ai/base and @earendil-works/pi-agent-core/base with explicit provider registration to keep bundled applications from including unused provider transports. See pi-ai Base Entry Point and pi-agent-core Base Entry Point.
• Mistral prompt caching - Mistral sessions now use provider-side prompt caching with session affinity and cached-token usage/cost accounting. See API Keys and Environment Variables.
• Post-compaction token estimates - Compact results and compaction events now include estimated post-compaction token counts so clients can show the approximate context reduction. See RPC compact and compaction events.
• OpenRouter Fusion alias - openrouter/fusion is available as a built-in OpenRouter model alias. See API Keys.

Added

• Added inherited @earendil-works/pi-ai/base and @earendil-works/pi-agent-core/base entry points for selective provider registration in bundled applications (#5348 by @​FredKSchott).
• Added inherited Mistral prompt caching using the pi session ID as prompt_cache_key, including cached-token usage and cost accounting (#5854).
• Added estimated post-compaction token counts to compact results and compaction events (#5877).
• Added the inherited OpenRouter Fusion alias as openrouter/fusion (#5866 by @​dannote).

Fixed

• Updated vulnerable runtime dependencies, including undici and the packaged protobufjs transitive dependency.
• Fixed compaction to refuse sessions with no eligible messages instead of producing empty summaries (#4811).
• Fixed successful overflow-triggered auto-compaction to avoid retrying completed assistant responses (#5720).

v0.79.7

New Features

• Automatic theme mode - /settings can choose separate light and dark themes and follow terminal color-scheme changes. See Selecting a Theme.
• Self-only updates by default - pi update now updates pi only, with pi update --all for updating pi and packages together. See Install and Manage.
• Extension API helpers - extensions can use CONFIG_DIR_NAME for project config paths and import edit diff helpers for edit-style diffs. See ctx.cwd and SDK Exports.
• Warp inline images - Warp terminals now get inline image rendering through Kitty graphics detection. See Image.

Added

• Added automatic theme mode so /settings can use separate light and dark themes and follow terminal color-scheme changes (#5874).
• Added inherited Warp terminal image capability detection so inline images render through Warp's Kitty graphics support (#5841 by @​dodiego).
• Exported CONFIG_DIR_NAME from the coding-agent public API so extensions can resolve project config paths without hardcoding .pi (#5869 by @​xl0).
• Exported edit diff helpers (generateDiffString, generateUnifiedPatch, and EditDiffResult) from the public API for extensions that need edit-style diffs (#5756 by @​xl0).

Changed

• Changed bare pi update to update only pi, added pi update --all for updating pi and extensions together, and clarified extension update prompts.
• Reserved / in theme names for automatic light/dark theme settings.
• Updated extension docs, examples, runtime help, trust prompts, and config labels to use the configured project config directory instead of hardcoded .pi paths.

Fixed

• Fixed RPC unknown-command errors to include the request id so clients do not hang waiting for a response (#5868).
• Fixed /model autocomplete and model selection searches to match provider/model queries regardless of whether the provider or model token is typed first.
• Fixed the tree navigator to horizontally pan deep entries so the selected item remains readable (#5830).

v0.79.6

Fixed

... (truncated)

Changelog

Sourced from @​earendil-works/pi-coding-agent's changelog.

[0.79.8] - 2026-06-19

New Features

• Selective provider base entry points - SDK users can pair @earendil-works/pi-ai/base and @earendil-works/pi-agent-core/base with explicit provider registration to keep bundled applications from including unused provider transports. See pi-ai Base Entry Point and pi-agent-core Base Entry Point.
• Mistral prompt caching - Mistral sessions now use provider-side prompt caching with session affinity and cached-token usage/cost accounting. See API Keys and Environment Variables.
• Post-compaction token estimates - Compact results and compaction events now include estimated post-compaction token counts so clients can show the approximate context reduction. See RPC compact and compaction events.
• OpenRouter Fusion alias - openrouter/fusion is available as a built-in OpenRouter model alias. See API Keys.

Added

• Added inherited @earendil-works/pi-ai/base and @earendil-works/pi-agent-core/base entry points for selective provider registration in bundled applications (#5348 by @​FredKSchott).
• Added inherited Mistral prompt caching using the pi session ID as prompt_cache_key, including cached-token usage and cost accounting (#5854).
• Added estimated post-compaction token counts to compact results and compaction events (#5877).
• Added the inherited OpenRouter Fusion alias as openrouter/fusion (#5866 by @​dannote).

Fixed

• Updated vulnerable runtime dependencies, including undici and the packaged protobufjs transitive dependency.
• Fixed compaction to refuse sessions with no eligible messages instead of producing empty summaries (#4811).
• Fixed successful overflow-triggered auto-compaction to avoid retrying completed assistant responses (#5720).

[0.79.7] - 2026-06-18

New Features

• Automatic theme mode - /settings can choose separate light and dark themes and follow terminal color-scheme changes. See Selecting a Theme.
• Self-only updates by default - pi update now updates pi only, with pi update --all for updating pi and packages together. See Install and Manage.
• Extension API helpers - extensions can use CONFIG_DIR_NAME for project config paths and import edit diff helpers for edit-style diffs. See ctx.cwd and SDK Exports.
• Warp inline images - Warp terminals now get inline image rendering through Kitty graphics detection. See Image.

Added

• Added automatic theme mode so /settings can use separate light and dark themes and follow terminal color-scheme changes (#5874).
• Added inherited Warp terminal image capability detection so inline images render through Warp's Kitty graphics support (#5841 by @​dodiego).
• Exported CONFIG_DIR_NAME from the coding-agent public API so extensions can resolve project config paths without hardcoding .pi (#5869 by @​xl0).
• Exported edit diff helpers (generateDiffString, generateUnifiedPatch, and EditDiffResult) from the public API for extensions that need edit-style diffs (#5756 by @​xl0).

Changed

• Changed bare pi update to update only pi, added pi update --all for updating pi and extensions together, and clarified extension update prompts.
• Reserved / in theme names for automatic light/dark theme settings.
• Updated extension docs, examples, runtime help, trust prompts, and config labels to use the configured project config directory instead of hardcoded .pi paths.

Fixed

• Fixed RPC unknown-command errors to include the request id so clients do not hang waiting for a response (#5868).
• Fixed /model autocomplete and model selection searches to match provider/model queries regardless of whether the provider or model token is typed first.
• Fixed the tree navigator to horizontally pan deep entries so the selected item remains readable (#5830).

... (truncated)

Commits

• 8eb9704 Release v0.79.8
• 74677bb docs: audit unreleased changelogs
• a2f70e5 fix(coding-agent): reset tool test mocks
• ea65a51 fix: update vulnerable dependencies
• 0d89a33 feat(packages): Add selective pi-ai base entrypoints (#5348)
• 9179734 docs(coding-agent): audit unreleased changelog
• 651d10d feat(ai): enable Mistral prompt caching
• 8025fdd meta: Update readmes slightly
• fd1ba2c test(coding-agent): seed auto-compaction queue fixture
• cab89d1 docs: audit unreleased changelogs
• Additional commits viewable in compare view

---

^{Need help on this PR? Tag /codesmith with what you need. Autofix is disabled.}

Greptile Summary

This is an automated dependabot bump of @earendil-works/pi-coding-agent from 0.79.1 to 0.79.8, picking up several new features (Mistral prompt caching, OpenRouter Fusion alias, post-compaction token estimates) and important security fixes (undici upgraded from 8.3.0 to 8.5.0, vulnerable protobufjs transitive dep patched).

• pi-coding-agent is updated to 0.79.8 in package.json and the lockfile; transitive dependencies pi-agent-core and pi-ai (nested) are also resolved at 0.79.8, with new deps semver, @opentelemetry/api, and @opentelemetry/semantic-conventions added.
• The root-level @earendil-works/pi-ai and @earendil-works/pi-tui devDependencies in package.json remain pinned at 0.79.1, resulting in dual versions of both packages in the lockfile alongside the 0.79.8 copies pulled in by pi-coding-agent.
• Workspace package versions (core, opencode, pi) are bumped from 1.10.1 to 1.10.3 in the lockfile as a side effect.

Confidence Score: 4/5

Safe to merge — this is a devDependency-only bump that brings in security fixes and no production code changes.

The update is limited to a dev tooling package and its transitive dependencies. The security improvements to undici are a clear positive. The only concern is that the root-level @earendil-works/pi-ai and @earendil-works/pi-tui devDeps were not bumped alongside pi-coding-agent, leaving two copies of each package in the lockfile, which could cause subtle version skew for any workspace scripts that import those packages directly.

The root-level pi-ai and pi-tui version pins in package.json deserve a second look to confirm the intentional version split is acceptable.

Important Files Changed

Filename	Overview
package.json	Bumps @earendil-works/pi-coding-agent from 0.79.1 to 0.79.8; sibling packages pi-ai and pi-tui remain at 0.79.1, causing duplicate versions in the lockfile.
bun.lock	Lockfile updated to reflect pi-coding-agent@0.79.8 and its transitive changes: pi-agent-core bumped to 0.79.8, undici bumped to 8.5.0 (security fix), new semver, @opentelemetry/api, and @opentelemetry/semantic-conventions entries added, and workspace package versions updated from 1.10.1 to 1.10.3.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    ROOT["package.json (root)"]
    ROOT -->|"0.79.8 (updated)"| PCA["@earendil-works/pi-coding-agent@0.79.8"]
    ROOT -->|"0.79.1 (unchanged)"| PAI_ROOT["@earendil-works/pi-ai@0.79.1"]
    ROOT -->|"0.79.1 (unchanged)"| PTUI_ROOT["@earendil-works/pi-tui@0.79.1"]

    PCA -->|"^0.79.8"| PAC["@earendil-works/pi-agent-core@0.79.8"]
    PCA -->|"^0.79.8 (nested)"| PAI_NESTED["@earendil-works/pi-ai@0.79.8"]
    PCA -->|"^0.79.8 (nested)"| PTUI_NESTED["@earendil-works/pi-tui@0.79.8"]
    PCA -->|"8.5.0 (security fix)"| UNDICI["undici@8.5.0"]

    PAC -->|"^0.79.8 (nested)"| PAI_NESTED2["@earendil-works/pi-ai@0.79.8"]

    PAI_NESTED -->|new| OT_API["@opentelemetry/api@1.9.0"]
    PAI_NESTED -->|new| OT_SC["@opentelemetry/semantic-conventions@1.41.1"]
    PAI_NESTED -->|"2.2.6 (bumped)"| MISTRAL["@mistralai/mistralai@2.2.6"]

    style PAI_ROOT fill:#ffcccc,stroke:#cc0000
    style PTUI_ROOT fill:#ffcccc,stroke:#cc0000
    style PAI_NESTED fill:#ccffcc,stroke:#009900
    style PTUI_NESTED fill:#ccffcc,stroke:#009900
    style UNDICI fill:#ccffcc,stroke:#009900

Loading

%%{init: {'theme': 'base', 'themeVariables': {"darkMode": true, "background": "#0d1117", "primaryColor": "#21262d", "primaryTextColor": "#e6edf3", "primaryBorderColor": "#8b949e", "lineColor": "#8b949e", "textColor": "#e6edf3", "edgeLabelBackground": "#161b22", "actorBkg": "#21262d", "actorBorder": "#8b949e", "actorTextColor": "#e6edf3", "actorLineColor": "#8b949e", "signalColor": "#8b949e", "signalTextColor": "#e6edf3", "noteBkgColor": "#373320", "noteBorderColor": "#d4a72c", "noteTextColor": "#f0e6c0", "labelBoxBkgColor": "#21262d", "labelBoxBorderColor": "#8b949e", "labelTextColor": "#e6edf3", "loopTextColor": "#e6edf3", "activationBkgColor": "#30363d", "activationBorderColor": "#8b949e"}}}%%
flowchart TD
    ROOT["package.json (root)"]
    ROOT -->|"0.79.8 (updated)"| PCA["@earendil-works/pi-coding-agent@0.79.8"]
    ROOT -->|"0.79.1 (unchanged)"| PAI_ROOT["@earendil-works/pi-ai@0.79.1"]
    ROOT -->|"0.79.1 (unchanged)"| PTUI_ROOT["@earendil-works/pi-tui@0.79.1"]

    PCA -->|"^0.79.8"| PAC["@earendil-works/pi-agent-core@0.79.8"]
    PCA -->|"^0.79.8 (nested)"| PAI_NESTED["@earendil-works/pi-ai@0.79.8"]
    PCA -->|"^0.79.8 (nested)"| PTUI_NESTED["@earendil-works/pi-tui@0.79.8"]
    PCA -->|"8.5.0 (security fix)"| UNDICI["undici@8.5.0"]

    PAC -->|"^0.79.8 (nested)"| PAI_NESTED2["@earendil-works/pi-ai@0.79.8"]

    PAI_NESTED -->|new| OT_API["@opentelemetry/api@1.9.0"]
    PAI_NESTED -->|new| OT_SC["@opentelemetry/semantic-conventions@1.41.1"]
    PAI_NESTED -->|"2.2.6 (bumped)"| MISTRAL["@mistralai/mistralai@2.2.6"]

    style PAI_ROOT fill:#ffcccc,stroke:#cc0000
    style PTUI_ROOT fill:#ffcccc,stroke:#cc0000
    style PAI_NESTED fill:#ccffcc,stroke:#009900
    style PTUI_NESTED fill:#ccffcc,stroke:#009900
    style UNDICI fill:#ccffcc,stroke:#009900

Loading

_{Reviews (1): Last reviewed commit: "build(deps-dev): bump @earendil-works/pi..." | Re-trigger Greptile}

Greptile also left 1 inline comment on this PR.

[greptile-apps]

Your free trial has ended. If you'd like to continue receiving code reviews, you can add a payment method here.

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	@​earendil-works/​pi-coding-agent@​0.79.1 ⏵ 0.79.8			+1

View full report

[greptile-apps]

Sibling packages not bumped alongside pi-coding-agent

@earendil-works/pi-ai and @earendil-works/pi-tui remain pinned at 0.79.1 in package.json, while pi-coding-agent@0.79.8 now pulls in ^0.79.8 of both packages as its own dependencies. The lockfile reflects this by adding nested @earendil-works/pi-coding-agent/@earendil-works/pi-ai@0.79.8 and @earendil-works/pi-coding-agent/@earendil-works/pi-tui@0.79.8 entries alongside the root 0.79.1 copies, meaning two separate copies of each package will be installed. Any code in this workspace that imports @earendil-works/pi-ai or @earendil-works/pi-tui directly will still get 0.79.1 while the pi CLI runs against 0.79.8.

[ualtinok]

Superseded by direct dependency batch c03db13, which updates the related packages together and passed the full local validation gate.

[ualtinok]

Closed as superseded by c03db13.

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.