Upstream changes detected: ACP spec, Gemini CLI, Codex CLI (App Server Protocol), GitHub Copilot CLI, Qwen Code

[github-actions]

This issue was opened automatically by upstream-watch.yml on 2026-06-08 because at least one upstream project this plugin depends on shipped a new release.

Detected changes

ACP spec — v0.13.5 → v0.13.6

• Release: v0.13.6 (published 2026-06-05)
• Why this matters for the plugin: Defines the JSON-RPC methods the plugin's acp-client.mjs implements. Spec changes can introduce new methods we should handle (e.g. terminal/*, session/request_permission, cursor/ask_question).

Release notes excerpt

Added

• (schema) Stabilize optional message IDs (#1372)
• (schema) Stabilize session usage updates (#1371)
• (schema) Stabilize session/delete (#1370)
• (unstable-v2) Remove MCP SSE transport and make stdio opt-in (#1368)
• (unstable-v2) Clean up capability objects (#1367)
• (unstable-v2) Require message IDs in v2 chunks (#1352)
• (unstable-v2) Adopt plan_update as v2 plan shape (#1347)
• (unstable-v2) Remove v2 client filesystem and terminal surface (#1346)

Fixed

• (unstable) Fix plan capability key (#1369)

Other

• (rfd) Add JSON-RPC batch guidance for v2 (#1348)
• (rfd) Split end-turn token usage from session usage (#1345)
• (rfd) Clarify agent-owned message IDs in RFDs (#1344)
• (deps) bump the minor group with 5 updates (#1341)
• Render feature docs in docs.rs (#1331)

Gemini CLI — v0.44.1 → v0.45.2

• Release: Release v0.45.2 (published 2026-06-05)
• Why this matters for the plugin: Drives plugins/multi/scripts/lib/adapters/gemini.mjs. Watch for changes to ACP handshake, model alias resolution, MCP support, or new approval modes.

Release notes excerpt

What's Changed

• fix(patch): cherry-pick f40498d to release/v0.45.1-pr-27676 to patch version v0.45.1 and create version 0.45.2 by @gemini-cli-robot in fix(patch): cherry-pick f40498d to release/v0.45.1-pr-27676 to patch version v0.45.1 and create version 0.45.2 google-gemini/gemini-cli#27700
  Full Changelog: google-gemini/gemini-cli@v0.45.1...v0.45.2

Codex CLI (App Server Protocol) — rust-v0.136.0 → rust-v0.137.0

• Release: 0.137.0 (published 2026-06-04)
• Why this matters for the plugin: Drives plugins/multi/scripts/lib/adapters/codex.mjs and app-server.mjs. Watch for sandbox mode changes, new approval policies, or app-server protocol updates.

Release notes excerpt

New Features

• TUI controls now support F13-F24 keybindings, paste in searchable menus, and a compact reasoning-only status/title item (#25329, #25400, #25504).
• Enterprise/admin flows now show monthly credit limits and can apply cloud-managed config bundles, including EDU workspaces (#24812, #24617, #24619, #24620, #24622, #25963).
• Remote-control clients can start pairing and list or revoke controller grants through app-server v2 RPCs (#25675, #25785).
• Plugin workflows gained machine-readable codex plugin list --json output and cached remote catalog suggestions (#25330, #25457).
• Hosted web and image tools are available in more code-mode flows, with standalone web searches able to run in parallel (#25176, #25702, #25890, #25923).
• Multi-agent v2 keeps runtime choice with each thread and exposes cleaner follow-up and metadata defaults for spawned agents (#25266, #25636, #25720, #25721, #25722, #25841, #26114).

Bug Fixes

• Cancelling a submitted prompt before visible output now restores the draft, attachments, and collaboration mode for editing (#25316).
• Slash-command filtering and footer shortcut hints now reset or render according to the current UI state (#25492, #25625).
• Platform reliability improved for macOS app launches and Windows SQLite startup, thread resume, and sandbox setup refreshes (#25485, #25490, #25509, #25949).
• Plugin loading preserves app manifest order, deduplicates local/remote curated installs, and treats malformed skills fields as warnings (#25491, #25681, #25717, #25782).
• Permission requests and approvals now carry environment identity, and managed MITM proxying exports readable CA bundles to child commands (#25850, #25858, #25862, #22668).
• Local session history is safer for compressed rollouts, renamed titles, pathless side-chat reloads, and stack-heavy startup/config rebuilds (#25087, #25624, #25661, #25814, #25844, #25847).

Documentation

• Added app-server docs and generated schema updates for monthly credit limits, remote-control RPCs, and environment-scoped permission approvals (#24812, #25675, #25785, #25862).
• Moved repo review rules and contributor conventions into AGENTS.md, including Rust test-module layout and Python 3 compatibility guidance (#25682, #25690, #25738).

Chores

• Root formatting and Justfile workflows are more complete and Windows-aware (#24983, #25165, #25683).
• Rust CI and release workflows use the git CLI for Cargo fetches to avoid intermittent libgit2/submodule failures (#25644, #25775).
• Python SDK releases now publish runtime wheels from the SDK workflow and pin to a glibc-compatible runtime package (#25906, #25907).
• Bazel CI’s BuildBuddy wrapper was reintroduced with Windows-safe process handling and validation (#25915).
• Shared prompts, context fragments, and skills plumbing moved into dedicated crates/extension paths to reduce codex-core coupling (#25151, #25953, #25959, #26106, #26122, #26167).

Changelog

Full Changelog: openai/codex@rust-v0.136.0...rust-v0.137.0

• #25329 feat(tui): allow function keys through f24 in keymaps @fcoury-oai
• #24617 Add config bundle transport types @joeflorencio-openai
• #25435 Add build_unsigned_archive release mode @shijie-oai
• #24619 Compose requirements layers @joeflorencio-openai
• #24620 Add cloud-managed config layer support @joeflorencio-openai

…(release notes truncated; click the link above for the full text)

GitHub Copilot CLI — v1.0.57 → v1.0.60

• Release: 1.0.60 (published 2026-06-05)
• Why this matters for the plugin: Drives plugins/multi/scripts/lib/adapters/copilot.mjs. Watch for ACP changes, slash-command additions/removals, or auth flow changes.

Release notes excerpt

2026-06-05

• Tab completes .. parent traversal in slash-command path arguments instead of switching tabs
• Add the max reasoning effort level for Anthropic models and make all effort levels available on every plan
• Screen no longer stays blank after waking from sleep inside a terminal multiplexer
• Input fields render background color correctly inside highlighted frames
• Cursor renders in the correct position in plan approval and review feedback prompts
• Worktree directory uses a flat name when PR branch contains slashes (e.g. cli/foo → .worktrees/cli-foo)
• Queue hint correctly shows ctrl+enter instead of ctrl+q when kitty keyboard protocol is active
• Status line progressively stacks across rows at narrow terminal widths instead of truncating elements beyond recognition
• Clipboard operations on X11 no longer corrupt the terminal display
• Add builtInAgents.rubberDuckAutoInvoke setting to control automatic rubber duck agent invocation (disabled by default)
• On Windows, executables are no longer discovered in the working directory when invoking by bare name (e.g. git). Add the working directory to PATH to enable discovery.
• Interactive shell commands no longer hang when producing large amounts of output
• MCP tools glyph in /context legend displays at the correct size
• Skill and slash command picker rows correctly display multi-line descriptions as a single line
• IDE picker now hides entries whose editor connection has gone away, so selecting one no longer fails with a connection error, and appends a process id to entries that share the same editor and folder so git worktrees of the same repo can be told apart
• Model picker fits within small terminal windows and mouse scroll works in the picker
• Show cache write tokens alongside cache read tokens in /usage display
• Repurpose ctrl+s to stash and pop the current prompt (Claude Code parity); the slash-command picker is still available by typing /
• /context separates Custom Instructions from the system prompt and cross-references per-server MCP tool token costs with /mcp
• Add billing help topic with an overview of AI credit usage features
• Add vim-style navigation keys (g, G, Ctrl+D, Ctrl+U) to the /diff view
• Show the Mission Control sharing status of synced sessions in the /session info view
• Add -r as a shorthand for --resume
• LSP server config accepts bash, powershell, and cwd keys; command launch default cwd stays project-root unless cwd is set, and cwd expansion now supports plugin vars like PLUGIN_ROOT while shell launches keep hook-matching cwd/env behavior
• Rewind picker shows working-tree diff stats (+added −removed) at each checkpoint
• Create a git worktree for a pull request directly from the pull requests screen
• Remaining requests percentage no longer shows a negative value for over-limit users
• Extension permission prompts respect --yolo and pre-approved locations on startup
• Custom agent instructions are no longer duplicated each turn, reducing context window usage

…(release notes truncated; click the link above for the full text)

Qwen Code — v0.17.0 → v0.17.1

• Release: Release v0.17.1 (published 2026-06-03)
• Why this matters for the plugin: Drives plugins/multi/scripts/lib/adapters/qwen.mjs. Watch for ACP support changes (the --acp flag graduated from --experimental-acp recently).

Release notes excerpt

What's Changed

• chore(release): v0.17.0 by @qwen-code-ci-bot in chore(release): v0.17.0 QwenLM/qwen-code#4626
• fix(rewind): false "compressed turn" error when mid-turn messages exist by @doudouOUC in fix(rewind): false "compressed turn" error when mid-turn messages exist QwenLM/qwen-code#4580
• fix(core): emit enable_thinking on DashScope when reasoning is disabled by @doudouOUC in fix(core): emit enable_thinking on DashScope when reasoning is disabled QwenLM/qwen-code#4505
• fix(core): surface Anthropic empty stream provider errors by @DragonnZhang in fix(core): surface Anthropic empty stream provider errors QwenLM/qwen-code#4540
• feat(core): add memory pressure monitor by @ZevGit in feat(core): add memory pressure monitor QwenLM/qwen-code#4403
• fix(core): guard oversized resumed history sends by @Jerry2003826 in fix(core): guard oversized resumed history sends QwenLM/qwen-code#4531
• fix(cli): stabilize statusline preset ordering by @shenyankm in fix(cli): stabilize statusline preset ordering QwenLM/qwen-code#4634
• fix(config): load home .env vars before settings ${VAR} resolution (#4466) by @kagura-agent in fix(config): load home .env vars before settings ${VAR} resolution (#4466) QwenLM/qwen-code#4474
• fix(acp): drop discontinued Qwen OAuth method by @he-yufeng in fix(acp): drop discontinued Qwen OAuth method QwenLM/qwen-code#4639
• fix(core): enforce adjacent tool results by @he-yufeng in fix(core): enforce adjacent tool results QwenLM/qwen-code#4622
• fix(cli): hide completed sticky todos by @he-yufeng in fix(cli): hide completed sticky todos QwenLM/qwen-code#4635
• feat(cli): Add settings JSON corrupted warning dialog by @zzhenyao in feat(cli): Add settings JSON corrupted warning dialog QwenLM/qwen-code#4560
• fix(core): harden context error text collection by @he-yufeng in fix(core): harden context error text collection QwenLM/qwen-code#4632
• fix(core): apply output language to side queries by @he-yufeng in fix(core): apply output language to side queries QwenLM/qwen-code#4636
• fix(cli): persist /memory toggle state across dialog reopen by @LaZzyMan in fix(cli): persist /memory toggle state across dialog reopen QwenLM/qwen-code#4650
• fix(docs): Hide internal docs from docs site by @DragonnZhang in fix(docs): Hide internal docs from docs site QwenLM/qwen-code#4357
• fix(core): preserve uid in atomicWriteFile to avoid breaking shared-write files by @doudouOUC in fix(core): preserve uid in atomicWriteFile to avoid breaking shared-write files QwenLM/qwen-code#4431
• Improve hooks matcher display by @qqqys in Improve hooks matcher display QwenLM/qwen-code#4545
• fix(cli): use session channel when closing ACP sessions by @Jerry2003826 in fix(cli): use session channel when closing ACP sessions QwenLM/qwen-code#4522
• fix(core,cli): replace full-history structuredClone with shallow/tail variants to prevent OOM on resume by @yiliang114 in fix(core,cli): replace full-history structuredClone with shallow/tail variants to prevent OOM on resume QwenLM/qwen-code#4644
• feat(cli): add respectUserColors and hideContextIndicator options for statusline by @zzhenyao in feat(cli): add respectUserColors and hideContextIndicator options for statusline QwenLM/qwen-code#4670
• fix(core): tolerate unsupported Streamable HTTP GET SSE by @Jerry2003826 in fix(core): tolerate unsupported Streamable HTTP GET SSE QwenLM/qwen-code#4521
• fix(insight): Harden insight facet normalization and empty qualitative handling by @DragonnZhang in fix(insight): Harden insight facet normalization and empty qualitative handling QwenLM/qwen-code#3557
• feat(cli): notify when background shells finish by @DragonnZhang in feat(cli): notify when background shells finish QwenLM/qwen-code#4355
• feat(core): add simplify bundled skill by @pomelo-nwu in feat(core): add simplify bundled skill QwenLM/qwen-code#3570
• feat(skills): add agent reproduction workflows by @DragonnZhang in feat(skills): add agent reproduction workflows QwenLM/qwen-code#4118
• feat(cli): virtual viewport for long conversations on ink 7 by @chiga0 in feat(cli): virtual viewport for long conversations on ink 7 QwenLM/qwen-code#4146
• feat(cli): background housekeeping for stale file-history dirs by @doudouOUC in feat(cli): background housekeeping for stale file-history dirs QwenLM/qwen-code#4414

…(release notes truncated; click the link above for the full text)

Also worth checking (manual — Copilot, please research these too)

• Cursor agent CLI — changelog: https://cursor.com/changelog · forum (bug reports): https://forum.cursor.com/c/bug-report/6
  • Drives plugins/multi/scripts/lib/adapters/cursor.mjs. The plugin currently works around the 2026.04.17-787b533 ACP regression (see maybeWarnAboutCursorVersion and ensureCursorAllowlist). When Cursor ships a fix, both workarounds can likely be simplified or removed.

Plugin files most likely to need updates

• plugins/multi/scripts/lib/acp-client.mjs (shared ACP JSON-RPC client; buildAutoApproveRequestHandler)
• plugins/multi/scripts/lib/acp-terminals.mjs (client-side terminal services)
• plugins/multi/scripts/lib/mcp-servers.mjs (MCP wiring for ACP session/new)
• plugins/multi/scripts/lib/adapters/{codex,gemini,cursor,copilot,qwen}.mjs (per-CLI adapters)
• plugins/multi/scripts/multi-cli-companion.mjs (companion runtime + dispatch)

What I'd like you to do, @copilot

1. Read the linked release notes for each detected change above, plus the manual-reference changelogs.
2. Compare what changed against the relevant adapter / shared code in this repo. Look specifically for:
   • New ACP methods we should handle in acp-client.mjs's buildAutoApproveRequestHandler
   • Renamed / deprecated CLI flags or model IDs hardcoded in any adapter
   • New CLI capabilities that obsolete a workaround we currently ship (e.g., the Cursor 2026.04.17 regression workaround in cursor.mjs — check if a newer Cursor release fixes it, and if so, propose removing maybeWarnAboutCursorVersion and the allowlist-injection or scoping it tighter)
   • Breaking changes that would silently break the plugin
3. For each change that warrants action, open a focused PR against master with the minimal fix. Reference the upstream release / commit / forum thread in the PR description.
4. If a detected change does NOT need any plugin update, reply on this issue with a short note saying "no plugin updates needed for X — reason: …" and close it.
5. If something is ambiguous (you can't tell from release notes whether the plugin is affected), ask in a comment rather than guessing.

You may use ACP_TRACE=1 and the rest of the diagnostic patterns documented in plugins/multi/skills/customize/SKILL.md if you want to verify behavior empirically.

---

State tracked in .github/upstream-state.json — bumped by this same workflow. If you want to suppress a noisy upstream from this watch, edit .github/scripts/upstream-watch.mjs.