Changelog
Release notes for Cody CLI, covering v0.8.74 through v0.11.0 (June 2026).
v0.11.0 (June 29, 2026)
Auto Mode
/auto onenables smart permission handling — safe actions (file reads, grep, git status) run without prompting- Classifier categorizes every tool call as safe, review, or dangerous
- Dangerous operations (rm, git push, sudo) still require explicit approval
/auto offreturns to standard permission prompts
Agent View
/agent-view(alias/av) shows all running, completed, and failed agents- See agent ID, type, status, duration, token usage, and last activity
/agent-view <id>for detailed agent info/agent-view kill <id>to stop a running agent
Dynamic Workflows
/workflow run <file.yml>executes YAML-defined multi-step agent pipelines- Steps can declare dependencies — independent steps run in parallel
/workflow listshows available workflows in.cody/workflows//workflow initcreates a sample workflow template- Supports topological ordering with circular dependency detection
PR Review Automation
/pr-reviewreviews the current branch's PR for bugs, security, and performance/pr-review <number>or/pr-review <url>for specific PRs/pr-fixfetches review comments and auto-generates code fixes- Uses GitHub CLI (
gh) for PR data — works with any GitHub repo
v0.10.2 (June 28, 2026)
Session Recap
/recapshows what happened in the last 5 minutes/recap 10for last 10 minutes,/recap allfor full session- Tracks tool use, errors, task completions, and messages
File Monitor
/monitor start <path>watches files/directories for changes/monitor statusreports accumulated changes since last check/monitor stopto end watching- Uses native fs.watch for low-overhead monitoring
Push Notifications
/notifications onenables mobile push notifications- Get notified when background tasks complete or errors occur
/notifications testsends a test notification- Integrates with AINative mobile app pairing
v0.10.1 (June 28, 2026)
Deny Rule Param Matching
- Permission deny rules now support parameter matching:
Tool(param:value) - Example:
Bash(command:rm -rf)blocks rm commands specifically - Example:
Agent(subagent_type:security-reviewer)blocks a specific agent - Uses contains-matching —
rm -rfmatches inside longer commands - Backward compatible — plain
Toolrules still work
Inline Config
/config model=kimi-k2sets model without opening the config menu/config theme=darkswitches theme inline/config verbose=truetoggles verbose mode- No args still opens the interactive settings panel
Loop Self-Pacing
/loop 5 run tests and fix failuresrepeats an instruction N times/loop until all tests passloops until a condition is met (max 20 iterations)- Self-paces: backs off after 3 consecutive identical errors
Interactive Lessons
/powerupshows a menu of guided tutorials- 6 lessons: tools, agents, MCP servers, memory, skills, code review
- Each lesson walks through the feature with live examples
MCP Auth from Shell
/mcp-login <server>authenticates with an MCP server via OAuth/mcp-logout <server>clears stored credentials- No args lists available MCP servers
v0.10.0 (June 28, 2026)
Nested Sub-Agents (5-Level Deep)
- Agents can now spawn sub-agents up to 5 levels deep
- Enables complex multi-step workflows where agents delegate specialized tasks
- Depth tracked via AsyncLocalStorage — no parameter drilling
- Background agents can also nest
Security Review Plugin
- New
security-reviewerbuilt-in agent for OWASP Top 10 scanning /security-reviewcommand reviews code changes for vulnerabilities- Covers: SQL injection, XSS, command injection, path traversal, hardcoded secrets, SSRF, insecure crypto, missing auth, insecure deserialization, security misconfiguration
- Outputs structured findings: severity, file:line, description, fix suggestion
v0.9.8–v0.9.9 (June 27, 2026)
Autonomous Goal Mode
/goal <condition>— Cody works autonomously until a condition is met- Example:
/goal all tests pass with 80% coverage - Maximum 20 turns, backs off after 3 failed attempts
- Reports "Goal achieved" or "Goal blocked" with summary
Code Review
/code-reviewreviews staged or last-commit changes for bugs- Detects edge cases, security issues, and missing error handling
- Cites line numbers and suggests specific fixes
- Truncates large diffs (50K char limit)
Background Agents
/bg <task>delegates work to a background agent instantly- Continue working in the foreground while the agent runs
- Get notified when background tasks complete
/tasksshows progress of all running agents
Token & Cost Tracking
/usageand/session-usageshow real-time token usage- Displays model, turns, input/output tokens, and estimated cost
- Works with all models including free-tier
Better Instruction Following
- System prompt now enforces literal instruction following
- "Only change X" means change ONLY X
- Model won't add unsolicited features, refactor code, or add comments
- Asks for clarification instead of assuming
Model Registry Optimization
- Trimmed from 44 models to 9 top coding models
- Removed embeddings, audio, image, and video models from CLI
- System prompt reduced from 59K to 43K characters (-28%)
- Saves ~4K tokens per API request
v0.9.5 (June 27, 2026)
Shell Auto-Explain
! npm test— run a shell command and get automatic explanation of the output- Triggers on 4+ lines of output
- Explains errors, test failures, and build output
Default Model Switch
- Free tier default: DeepSeek 4 Flash (79% SWE-Bench)
- Paid tier default: Kimi K2 (80.2% SWE-Bench, best open-source coding model)
v0.9.2 (June 27, 2026)
UX Quick Wins
/rewind— resume conversation from before/clear--dry-runflag — see what would be sent to the LLM without API call--colorflag — force or disable color output--output-format markdown— structured markdown output for CI/CD- Streaming progress indicators for long operations
- Structured error codes (ERR_AUTH, ERR_MODEL, ERR_RATE_LIMIT, etc.)
v0.8.90–v0.9.1 (June 13–19, 2026)
Web Search
- Built-in web search via Brave API in the AINative gateway
- Models can search the web without external MCP servers
Auth & Security
- Retry transient 401 errors for API key users (2-second delay)
- Detect upstream rate limits disguised as 401 errors
- Proprietary license (corrected from Apache-2.0)
- Voice kill-switch fixed
- User-Agent and cache paths updated to
cody-cli
Package & Distribution
- Package size reduced from 42.7MB to 22MB (removed stale build artifacts)
- Tab autocomplete placeholder hints working reliably
- Postinstall and welcome message fixes
RLHF Data Capture
- Fire-and-forget interaction data to ZeroDB
- Respects essential-traffic-only privacy setting
- Session UUID prevents key collisions
v0.8.74–v0.8.89 (June 10–12, 2026)
Core Features (Batch 1)
/skill-marketplace— browse and install skills from catalog/cd— change working directory mid-session--safe-mode— disable plugins and custom skillsdisableBundledSkillsconfig option- Fallback model chain with automatic retry
- Client-side Cerebras rate limiter (5 RPM)
- ZeroDB MCP URL centralized
Test Framework
- Comprehensive CLI test framework with spawn utilities
- E2E tests for CLI basics, API integration, MCP connections
- Live API tests with
CODY_E2E_API_KEYenv var
Summary
| Metric | Value |
|---|---|
| Versions shipped | v0.8.74 → v0.11.0 (37 releases) |
| Features built | 50+ |
| Issues closed | 220+ |
| Tests | 1,274 (including 144 stress tests) |
| Models available | 9 top coding models |
| Default (free) | DeepSeek 4 Flash (79% SWE-Bench) |
| Default (paid) | Kimi K2 (80.2% SWE-Bench) |
| Package size | 4.4 MB (npm), 22 MB (unpacked) |
| System prompt | 43K chars (optimized from 59K) |