Skip to main content

Changelog

Release notes for Cody CLI, covering v0.8.74 through v0.11.0 (June 2026).


v0.11.0 (June 29, 2026)

Auto Mode

  • /auto on enables smart permission handling — safe actions (file reads, grep, git status) run without prompting
  • Classifier categorizes every tool call as safe, review, or dangerous
  • Dangerous operations (rm, git push, sudo) still require explicit approval
  • /auto off returns to standard permission prompts

Agent View

  • /agent-view (alias /av) shows all running, completed, and failed agents
  • See agent ID, type, status, duration, token usage, and last activity
  • /agent-view <id> for detailed agent info
  • /agent-view kill <id> to stop a running agent

Dynamic Workflows

  • /workflow run <file.yml> executes YAML-defined multi-step agent pipelines
  • Steps can declare dependencies — independent steps run in parallel
  • /workflow list shows available workflows in .cody/workflows/
  • /workflow init creates a sample workflow template
  • Supports topological ordering with circular dependency detection

PR Review Automation

  • /pr-review reviews the current branch's PR for bugs, security, and performance
  • /pr-review <number> or /pr-review <url> for specific PRs
  • /pr-fix fetches review comments and auto-generates code fixes
  • Uses GitHub CLI (gh) for PR data — works with any GitHub repo

v0.10.2 (June 28, 2026)

Session Recap

  • /recap shows what happened in the last 5 minutes
  • /recap 10 for last 10 minutes, /recap all for full session
  • Tracks tool use, errors, task completions, and messages

File Monitor

  • /monitor start <path> watches files/directories for changes
  • /monitor status reports accumulated changes since last check
  • /monitor stop to end watching
  • Uses native fs.watch for low-overhead monitoring

Push Notifications

  • /notifications on enables mobile push notifications
  • Get notified when background tasks complete or errors occur
  • /notifications test sends a test notification
  • Integrates with AINative mobile app pairing

v0.10.1 (June 28, 2026)

Deny Rule Param Matching

  • Permission deny rules now support parameter matching: Tool(param:value)
  • Example: Bash(command:rm -rf) blocks rm commands specifically
  • Example: Agent(subagent_type:security-reviewer) blocks a specific agent
  • Uses contains-matching — rm -rf matches inside longer commands
  • Backward compatible — plain Tool rules still work

Inline Config

  • /config model=kimi-k2 sets model without opening the config menu
  • /config theme=dark switches theme inline
  • /config verbose=true toggles verbose mode
  • No args still opens the interactive settings panel

Loop Self-Pacing

  • /loop 5 run tests and fix failures repeats an instruction N times
  • /loop until all tests pass loops until a condition is met (max 20 iterations)
  • Self-paces: backs off after 3 consecutive identical errors

Interactive Lessons

  • /powerup shows a menu of guided tutorials
  • 6 lessons: tools, agents, MCP servers, memory, skills, code review
  • Each lesson walks through the feature with live examples

MCP Auth from Shell

  • /mcp-login <server> authenticates with an MCP server via OAuth
  • /mcp-logout <server> clears stored credentials
  • No args lists available MCP servers

v0.10.0 (June 28, 2026)

Nested Sub-Agents (5-Level Deep)

  • Agents can now spawn sub-agents up to 5 levels deep
  • Enables complex multi-step workflows where agents delegate specialized tasks
  • Depth tracked via AsyncLocalStorage — no parameter drilling
  • Background agents can also nest

Security Review Plugin

  • New security-reviewer built-in agent for OWASP Top 10 scanning
  • /security-review command reviews code changes for vulnerabilities
  • Covers: SQL injection, XSS, command injection, path traversal, hardcoded secrets, SSRF, insecure crypto, missing auth, insecure deserialization, security misconfiguration
  • Outputs structured findings: severity, file:line, description, fix suggestion

v0.9.8–v0.9.9 (June 27, 2026)

Autonomous Goal Mode

  • /goal <condition> — Cody works autonomously until a condition is met
  • Example: /goal all tests pass with 80% coverage
  • Maximum 20 turns, backs off after 3 failed attempts
  • Reports "Goal achieved" or "Goal blocked" with summary

Code Review

  • /code-review reviews staged or last-commit changes for bugs
  • Detects edge cases, security issues, and missing error handling
  • Cites line numbers and suggests specific fixes
  • Truncates large diffs (50K char limit)

Background Agents

  • /bg <task> delegates work to a background agent instantly
  • Continue working in the foreground while the agent runs
  • Get notified when background tasks complete
  • /tasks shows progress of all running agents

Token & Cost Tracking

  • /usage and /session-usage show real-time token usage
  • Displays model, turns, input/output tokens, and estimated cost
  • Works with all models including free-tier

Better Instruction Following

  • System prompt now enforces literal instruction following
  • "Only change X" means change ONLY X
  • Model won't add unsolicited features, refactor code, or add comments
  • Asks for clarification instead of assuming

Model Registry Optimization

  • Trimmed from 44 models to 9 top coding models
  • Removed embeddings, audio, image, and video models from CLI
  • System prompt reduced from 59K to 43K characters (-28%)
  • Saves ~4K tokens per API request

v0.9.5 (June 27, 2026)

Shell Auto-Explain

  • ! npm test — run a shell command and get automatic explanation of the output
  • Triggers on 4+ lines of output
  • Explains errors, test failures, and build output

Default Model Switch

  • Free tier default: DeepSeek 4 Flash (79% SWE-Bench)
  • Paid tier default: Kimi K2 (80.2% SWE-Bench, best open-source coding model)

v0.9.2 (June 27, 2026)

UX Quick Wins

  • /rewind — resume conversation from before /clear
  • --dry-run flag — see what would be sent to the LLM without API call
  • --color flag — force or disable color output
  • --output-format markdown — structured markdown output for CI/CD
  • Streaming progress indicators for long operations
  • Structured error codes (ERR_AUTH, ERR_MODEL, ERR_RATE_LIMIT, etc.)

v0.8.90–v0.9.1 (June 13–19, 2026)

  • Built-in web search via Brave API in the AINative gateway
  • Models can search the web without external MCP servers

Auth & Security

  • Retry transient 401 errors for API key users (2-second delay)
  • Detect upstream rate limits disguised as 401 errors
  • Proprietary license (corrected from Apache-2.0)
  • Voice kill-switch fixed
  • User-Agent and cache paths updated to cody-cli

Package & Distribution

  • Package size reduced from 42.7MB to 22MB (removed stale build artifacts)
  • Tab autocomplete placeholder hints working reliably
  • Postinstall and welcome message fixes

RLHF Data Capture

  • Fire-and-forget interaction data to ZeroDB
  • Respects essential-traffic-only privacy setting
  • Session UUID prevents key collisions

v0.8.74–v0.8.89 (June 10–12, 2026)

Core Features (Batch 1)

  • /skill-marketplace — browse and install skills from catalog
  • /cd — change working directory mid-session
  • --safe-mode — disable plugins and custom skills
  • disableBundledSkills config option
  • Fallback model chain with automatic retry
  • Client-side Cerebras rate limiter (5 RPM)
  • ZeroDB MCP URL centralized

Test Framework

  • Comprehensive CLI test framework with spawn utilities
  • E2E tests for CLI basics, API integration, MCP connections
  • Live API tests with CODY_E2E_API_KEY env var

Summary

MetricValue
Versions shippedv0.8.74 → v0.11.0 (37 releases)
Features built50+
Issues closed220+
Tests1,274 (including 144 stress tests)
Models available9 top coding models
Default (free)DeepSeek 4 Flash (79% SWE-Bench)
Default (paid)Kimi K2 (80.2% SWE-Bench)
Package size4.4 MB (npm), 22 MB (unpacked)
System prompt43K chars (optimized from 59K)