Releases: MaximeGaudin/void
Releases · MaximeGaudin/void
Release list
v0.10.3
Fixed
- WhatsApp — Notes-to-self sends (
--toyour own number or--conversationfor "Message yourself") were acknowledged by linked devices but never delivered to the primary phone; sends now use the regular DM path to your phone JID instead of a broken custom LID stanza.
v0.10.1
Supersedes 0.10.0, which was tagged but never published (its Windows release build failed).
Added
- WhatsApp — Support for the "Message yourself" (notes-to-self) chat:
sendandreplynow detect and route to the notes-to-self conversation, including via the newsend --conversation <id>flag.
Changed
- Telegram — Replaced the raw-memory
unsafetransmute ofPeerAuthwith the crate's safe accessors and a fixed little-endian encoding (no behavior change for existing little-endian session files).
Fixed
- WhatsApp — Messages are now stored under the config connection id instead of the account JID, so history stays attached to the right connection.
- WhatsApp — RPC server now builds on Windows (uses
tokio::io::splitfor named pipes instead of the Unix-onlyinto_split). - Docs — Corrected the
calendar respond --statusvalues (accepted|declined|tentative) and added the missing Hacker News command reference.
Security
- Credentials at rest —
config.toml, OAuth token caches, the Telegram session file, and the WhatsApp session DB are now written owner-only (0600, parent dir0700) on Unix instead of inheriting world-readable permissions. Other local users can no longer read your tokens/session keys. - Drive download path traversal —
void drive download(without--output) derived the destination from the attacker-controlled remote file name; a name like../../../.zshrccould write outside the working directory. The auto-derived name is now reduced to a single sanitized path component. - Remote store shell quoting — tilde-prefixed remote paths sourced from config are now properly escaped before being passed to the remote login shell (scp specs and the daemon lock-file check), closing a command-injection gap against your own remote host.
v0.9.4
Added
- Docs — New deployment modes guide explaining the two ways to run void (all-local vs sync on an always-on server) with trade-offs and a migration path; the README now summarizes both modes.
Changed
- Dependencies — Bumped reqwest (0.13), toml (0.9), sysinfo (0.39), and a group of minor/patch updates.
Fixed
- Remote mode — Download commands (
gmail attachment,whatsapp download,telegram download,linkedin download) failed on a fresh remote store because the remote staging directory was only created by--fileuploads. The staging directory is now created before download-only proxied commands, and download handlers create the output file's parent directories (matchingdrive download).
v0.9.2
Changed
- License — Relicensed from GPL-3.0-only to AGPL-3.0-only to close the network-use (SaaS) loophole. As sole author, no contributor consent was required.
- Dependencies — Bumped rusqlite (0.39), tokio-tungstenite (0.29), croner (3.0), html-to-markdown-rs (3.0), and a group of minor/patch updates.
- MSRV — Raised the declared minimum supported Rust version to 1.89 (the real floor required by the dependency tree; the previously declared 1.75 did not build).
- CI — Added macOS to the test matrix,
--lockedbuilds, and new MSRV,cargo deny, and coverage jobs. - Tests — Added ~100 tests (binary CLI integration, sync-engine orchestration, schema migrations, FTS5 fuzzing, hook execution, remote-store proxy, and per-connector API error paths). See docs/testing.md.
- Docs — Restructured the README around a quick start and everyday examples, and split deep material into modular guides (
docs/): command reference, configuration, connector setup, hooks, remote store, testing. - Community — Added contribution guide, security policy (including embedded OAuth client documentation), code of conduct, issue/PR templates, and Dependabot configuration.
Removed
- Agent — Removed the unused rig-core-based interactive agent mode (
void agent) and its crate. Hooks (void hook) are unaffected.
v0.9.1
Fixed
- Calendar — Auto-include the calendar account owner in the attendee list when creating events with
--attendees(the organizer was omitted from Google Calendar API requests). - Remote — Stage file attachments over SCP in proxied commands so send/reply with
--fileworks in remote store mode.
Changed
- Docs — Improved README quick start install instructions, including a curl one-liner.
v0.9.0
Added
- Remote store — Full remote store mode with SSH proxy and local cache: run sync on a home server, use
voidlocally against the same data (store.mode = "remote",void remote status,void remote refresh). - Doctor — Added
--non-interactiveflag for scriptable health checks. - LinkedIn — Sync comments on your own posts via Unipile Posts & Comments API (one thread per post, nested comment replies,
void replyon post comments). - LinkedIn — Catch-up after sleep/idle (wall-clock idle detection, progress on resume, same as Slack/Gmail).
- Hacker News — Catch-up after sleep/idle with visible progress when resuming from hibernation.
Fixed
- Calendar — Incremental sync now works: initial backfill no longer uses
orderBy(which prevented Google from returning a sync token), and a bootstrap step acquires the token for ongoing updates. - Config — Auto-create default config on first run instead of erroring.
- Gmail — Paginate
list_historyto avoid silently dropping events. - Gmail — Preserve HTML when forwarding messages.
- Inbox — Thread dedup no longer hides threads with newer archived messages.
- LinkedIn — Run catch-up on daemon start when backfill is already complete (missed messages while void was stopped).
- Slack — Skip external/Google and thumbnail-only attachments when caching files; prefer
url_private_downloadto avoid repeated 404/401 warnings.
v0.7.0
Added
- Hooks — Added
active_windowto restrict hook execution to specific days and hours. - Hooks — Added per-hook
extra_args(a generic argv passthrough) so hooks can forward any agent-specific CLI flags withoutvoidhaving to know their spelling. All agent-specific flags — model selection, tool permissions, etc. — are the hook author's responsibility. Example:extra_args = ["--model", "sonnet", "--dangerously-skip-permissions"].
Changed
- Hooks — Replaced dedicated
model,allowed_tools, anddangerously_skip_permissionsfields with the genericextra_argspassthrough. - Sync — Status logs now include timestamps; Slack is re-synced on any reconnect.
Fixed
- Hooks — When an agent exits non-zero with an empty stderr (e.g. Claude rate-limit rejections), the error surfaced on the console and in logs was blank. The executor now parses the stream-json stdout and extracts the final
result/rate_limit_eventrecord, so failures show something likeclaude exited with exit status: 1: [HTTP 429, rate_limit=five_hour] You've hit your limit …. - Slack — Thread replies are now fetched during backfill.
- Slack — Permalinks are resolved via the native
(channel, ts)pair. - Slack — Real-time messages ingested via Socket Mode now carry the same metadata as backfilled ones (
channel_id,channel_name,channel_kind, optionalthread_ts). Previously plain-text events ended up withmetadata: null, which broke downstream consumers that relied on the channel name (e.g. notification hooks). - Sync — Broken connectors now surface errors instead of being silently skipped.
- Log — Status macro output now uses full ISO-8601 timestamps.
Removed
- Knowledge Base — Removed the
void kbcommand and the entire Knowledge Base feature (daemon, indexing, and related config).
v0.6.0
Added
- Knowledge Base — Added
void kb syncandvoid kb unsynccommands with hybrid semantic + grep search. - Knowledge Base — Included progress reporting with ETA during folder sync.
- Knowledge Base — Respected
.gitignorerules during folder sync. - Knowledge Base — Stored file mtime and boosted recent documents in search results.
- Config — Added
ignore_conversationsoption to any connection. Matching conversations are auto-muted on every sync start (case-insensitive substring match on name or external ID). - Sync — Added
--statusflag to show daemon and connector state, outputting as JSON. - Contacts — Added profile picture (
avatar_url) to contacts and backfilled URLs for existing messages. - Doctor — Added connection health checks and offered re-authentication on failure.
- CLI — Added connector-specific forward subcommands for Gmail, Slack, and Telegram.
Changed
- Knowledge Base — Made
void kb syncregistration-only, deferring the actual indexing to the sync daemon. - Setup — Slack re-authentication now keeps existing tokens on empty input and populates them as defaults.
- Setup — Slack re-authentication prints the refresh token save path to clarify it's not in config.toml.
- Codebase — Split large modules (hooks, config, and kb/db) and extracted duplicated forward helpers to a shared module.
Fixed
- CLI — Fixed pagination metadata (
total_elements,total_pages) being inflated when context dedup removed messages from the result set. Count and data queries now apply identical filtering at the SQL level. - Knowledge Base — Handled multi-byte UTF-8 characters in the text chunker.
- Knowledge Base — Suppressed noisy html5ever foster-parenting warnings during sync.
- Gmail — Included email subject in message metadata JSON.
- Gmail — Enforced base64 and HTML formatting for email bodies.
- Calendar — Validated and normalized datetime inputs to RFC 3339.
- Slack — Added idle watchdog to detect stale WebSockets after hibernation.
- Slack / Gmail — Caught up on missed messages after hibernation.
- Doctor — Included event subscription config token validity in the health check.
- Doctor — Correctly handled interactive re-authentication for Slack.
v0.5.0
Added
- CLI — Added
--pageparameter and pagination metadata to all list commands. - Slack — Downloaded files locally for auth-free access instead of requiring Slack tokens to view attachments.
- Slack — Retroactively downloaded files for previously synced messages on startup.
- Slack — Automatically deleted cached files when the parent message is archived.
- Archive — Added
--beforeflag for bulk date-based archiving.
Changed
- Slack — Removed unused
exclude_channelsconfig field.
v0.4.2
Added
- Slack — Auto-repair event subscriptions at sync startup. Slack silently disables event subscriptions when the CLI is not running for a while; void now detects this and restores them automatically via the App Manifest API.
- Slack setup — Added optional Step 6 to collect App ID and Config Refresh Token for the auto-repair feature.
Fixed
- Slack — Always force-update the manifest on sync startup. Slack keeps events listed in the exported manifest even when the "Enable Events" toggle is OFF, so checking the manifest alone was unreliable.
- Sync — Prevented premature force-exit and improved shutdown signal logging.