Changelog
Neutron's user-visible changes. Every MR that touches app code adds a bullet under ## [Unreleased] (enforced by the changelog CI job; genuine non-user-facing changes opt out with [skip changelog] in a commit message). Entries roll up under a version heading when a release line is cut. The deployed copy renders in-app from the version badge's "What's new" panel.
[Unreleased]
- agentkit discipline hooks: workspace agents now run under the agentkit police portfolio (git/kubectl/pkg/mr on commands; format/coding on writes) — force pushes,
--no-verify, protected-branch pushes and package-manager drift are blocked mid-turn, and written files are auto-formatted. Arms automatically with the workspace (chat-only instances unaffected); per-police toggles and agentkit config passthrough under agentkit:.
- CLI toolbox: instances declare the CLIs their agent may use — catalog entries (
[email protected], helm@…, terraform@…, assay@…) are fetched once into the workspace cache with vendor-checksum verification; custom binaries by url+sha256. Declared tools lead the agent's PATH, and a CLI allowlist (base shell set + declared tools + safety.allow_cli) decides what Bash may invoke — available ≠ permitted.
- Repo workspace (phase 1): instances can declare a set of GitLab/GitHub repos the agent keeps checked out and works across — investigate, branch, commit, and (per the instance's autonomy setting) push and open MRs/PRs.
gated autonomy pauses pushes and MR/PR creation on an approval card; pushing a default branch is refused in every mode. Off by default.
- GitHub mentions channel: the mentions integration now speaks GitHub too — @mention the bot in an issue or pull-request comment on an allowlisted repo and it replies as a comment, with the same one-conversation-per-target memory as GitLab (violet GitHub icon in the web history). Works with GitHub Enterprise via a configurable base URL.
- Channels settings page: admins configure GitLab/GitHub mentions entirely from Settings → Channels — enable, bot username, base URL, project allowlist, and the two secrets (stored write-only: the UI and API only ever show set/unset). Changes apply on the next webhook delivery, no restart. Environment secrets still override saved values for hardened deployments.
- AWS Bedrock models: instances can offer Bedrock-hosted Claude models in the picker (
models: entries with backend: bedrock + an inference-profile id); auth comes from the pod's AWS credentials, and picking a Bedrock model without AWS access fails with a clear message instead of a hung turn.
- GitLab mentions channel: @mention the instance's bot in a comment on an allowlisted project's MR or issue and it investigates and replies as a comment — follow-up mentions on the same MR/issue continue one conversation, which also appears in the web history (orange GitLab icon, deep-linked from the reply footer). Off by default; opt in per instance via
channels.gitlab + env secrets.
- Embedded mode: load with
?embed (or inside an iframe) and the brand header yields to the host portal's chrome — the meta bar picks up the usage/theme controls and the build badge stays put.
- Per-origin usage: every turn is attributed to its surface (
web, embed, or a host label via ?origin=<slug>); the admin usage table grows per-origin cost columns automatically once a second surface appears.
- Interactive approvals: tools listed in
safety.approval_required now pause the turn and ask in the chat — an approval card with the exact command and Approve & run / Deny, decided by the thread owner or an admin. No decision in 5 minutes denies; a page refresh keeps the pending card decidable. read_only still wins over approvals.
- Theme system rebuilt opencode-style: semantic token palette, dark/light/system toggle (applied pre-paint — no white flash), and an admin Theme page with instance-wide templates (Neutron, Catppuccin, Tokyo Night, Nord), code-highlight themes, and markdown accents.
- Activity trace: runs of read/search steps collapse into one **"Gathered context"** row; live turns get a shimmer status; file paths render as dimmed directory + strong filename; answers gain hover-to-copy.
- Landing page: colorful capability cards, configurable per instance (
capabilities: in the instance yaml) with generic defaults.
- Mermaid diagrams render colored from the active theme in both modes and scroll instead of shrinking to fit; tables wrap long values and headers so the other columns stay visible.
- Version badge: one-click copy (flips to a tick), and this changelog opens in-app from the scroll icon beside it.
- Instances now have an identity:
identity: in the instance yaml (or a brand-derived default) is injected as the system prompt, so every instance introduces itself correctly; a plugin persona still extends/overrides it.
0.1 — first deployed line (2026-07-03 → 2026-07-04)
- One core, N instances: chat with live activity trace, token-streamed answers, markdown, per-turn + per-thread cost, history with rename/range/cost·model, admin usage, per-instance branding + accent, and a build badge — deployed via GitOps as two live instances from one image.