aish v0.2.4

What's Changed

• Add R2 release publishing for stable downloads by @F16shen in #127
• Reuse PTY startup handshake during shell startup by @F16shen in #128
• fix: final answer rendering and timing leaks by @F16shen in #129
• chore: release v0.2.4 by @F16shen in #130

Full Changelog: v0.2.3...v0.2.4

aish v0.2.3

What's Changed

• fix: sanitize PyInstaller loader env for subprocesses by @F16shen in #115
• fix: remove implicit timeout from shared PTY commands by @F16shen in #116
• fix: move PTY command tracking off the shell input path by @F16shen in #117
• Update self-update flow to use CDN release metadata by @F16shen in #123
• fix(ci): recreate live smoke install dirs after bundle build by @F16shen in #126
• Release v0.2.3 by @F16shen in #124

Full Changelog: v0.2.2...v0.2.3

aish v0.2.2

What's Changed

• Validate release candidates earlier and add final release check by @F16shen in #108
• fix(llm): avoid interrupting reasoning display with streamed content by @jexShain in #109
• fix(plan): use Shift+Tab and Ctrl+X P toggle by @F16shen in #110
• Release v0.2.2 by @F16shen in #111

Full Changelog: v0.2.1...v0.2.2

aish v0.2.1

What's Changed

• feat(memory): add long-term memory system by @jexShain in #93
• refactor: reorganize aish package structure by @F16shen in #100
• feat: add update and uninstall CLI commands by @jexShain in #101
• feat: add plan mode for aish by @F16shen in #102
• chore: Fix quit exit alias and compact prompt spacing by @F16shen in #104
• feat(timing): add response thinking timer display by @jexShain in #103
• fix(ci): resolve issue where workflow points to old directory by @F16shen in #105
• Release v0.2.1 by @F16shen in #106
• fix(bundle): include shell lazy imports in PyInstaller build by @F16shen in #107

Full Changelog: v0.2.0...v0.2.1

aish v0.2.0

What's Changed

• chore: Improve auto-response bot and fix GitHub Action warnings by @F16shen in #76
• Data cleaning, cleaning line breaks of proxy data by @jexShain in #77
• Refactor tool preflight protocol by @sonald in #78
• Add models usage and refactor models auth by @F16shen in #79
• Refine IPC sandbox fallback handling by @F16shen in #80
• Adjust bash and sandbox timeout defaults by @F16shen in #81
• Refactor skill reminder hot reload context handling by @F16shen in #82
• Refactor ask_user interactions by @F16shen in #83
• feat: improve ask_user and remove unfinished plan module by @F16shen in #84
• refactor: migrate shell to persistent PTY architecture by @F16shen in #85
• fix: include bash_rc_wrapper.sh in PyInstaller bundle by @jexShain in #87
• docs: update README and README_CN by @enderfirst in #88
• Add live smoke workflow and tests by @F16shen in #86
• Create live smoke basetemp parent in workflow by @F16shen in #89
• CI: Tighten live smoke tool verification by @F16shen in #90
• Release v0.2.0 by @F16shen in #91
• Integrate live smoke into release preparation by @F16shen in #92

Full Changelog: v0.1.3...v0.2.0

aish v0.1.3

What's Changed

• Add multilingual docs by @enderfirst in #51
• Remove unreleased changelog flow by @F16shen in #52
• fix: retry transient OpenAI Codex request failures by @guanzi008 in #47
• fix: always prefer sandbox IPC when enabled by @F16shen in #57
• fix: support frozen sandbox worker entry by @F16shen in #59
• added loading mode for assigning keys by @jexShain in #53
• Update README_CN.md by @enderfirst in #61
• Encourage users to star the AISH project by @enderfirst in #62
• feat: add multilingual locale support by @F16shen in #60
• Update README_CN.md by @enderfirst in #63
• Add star encouragement message to README by @enderfirst in #64
• fix: restore sandbox action i18n labels by @F16shen in #67
• aish supports shell prompts by @jexShain in #66
• optimize AI response message box by @jexShain in #68
• Release v0.1.3 by @F16shen in #71
• input is required; press Enter to correct the error. by @jexShain in #70
• fix: preserve prompt hook trailing spaces by @F16shen in #72
• refactor: centralize tool result handling by @sonald in #74
• Optimize packaging and loading of default .aish files by @jexShain in #73

New Contributors

• @enderfirst made their first contribution in #51
• @sonald made their first contribution in #74

Full Changelog: v0.1.2...v0.1.3

aish v0.1.2

[0.1.2] - 2026-03-14

Added

• Added a provider abstraction layer for OAuth-backed integrations, including a reusable provider registry and shared OAuth helpers.
• Added regression coverage for release metadata extraction so tagged releases read notes from the versioned changelog section.

Changed

• Changed the release pipeline to be fully tag-driven by removing the manual Release PR workflow and creating GitHub Releases directly from stable tag pushes.
• Changed OpenAI Codex provider internals to use the shared provider/OAuth architecture for future provider expansion.

Fixed

• Fixed LiteLLM provider tool calls so forwarded tool parameters reach the provider correctly.

aish v0.1.1

[0.1.1] - 2026-03-13

Added

• Added built-in OpenAI Codex OAuth support.
• Added a manual Release PR workflow to prepare version bumps and release notes before publication.
• Added a unified Release Preparation workflow that validates the target version and dry-runs release bundles before the final release.

Changed

• Changed the release pipeline to publish Linux binary bundles for amd64 and arm64, with install and smoke-test verification in CI.
• Changed release metadata handling so version normalization, changelog extraction, and previous-tag discovery are generated consistently for release workflows.

Removed

• Removed Debian package publishing from the release path; new releases should be installed from the published binary bundle instead of a .deb package.

Fixed

• Fixed bundle install and uninstall scripts so packaged binaries, services, and install layout are handled consistently.
• Fixed Linux bundle smoke tests to match the installer layout used by release artifacts.
• Fixed startup welcome screen rendering regressions.
• Fixed official website redirection failures.

What's Changed

• Remove blog link from ROADMAP.md by @MicalLee0415 in #5
• Remove auto dependbot by @jexShain in #6
• support switching language template, optimize pr creation template by @jexShain in #8
• Init CI workflow by @F16shen in #9
• chore: remove extra docs by @F16shen in #11
• remove titoken cache data files by @F16shen in #12
• fix: Official website redirection failure issue by @LJTian in #14
• fix: surface raw litellm error messages by @F16shen in #22
• update demo_show.gif by @jexShain in #23
• fix: restore startup welcome screen rendering by @F16shen in #24
• feat: add built-in OpenAI Codex OAuth support by @guanzi008 in #25
• Create release workflow by @F16shen in #40
• ci: streamline release workflow by @F16shen in #42
• docs: align bundle install guidance by @F16shen in #43
• ci: fix release PR changelog extraction by @F16shen in #44

New Contributors

• @MicalLee0415 made their first contribution in #5
• @jexShain made their first contribution in #6
• @F16shen made their first contribution in #9
• @LJTian made their first contribution in #14
• @guanzi008 made their first contribution in #25

Full Changelog: v0.1.0...v0.1.1

aish_0.1.0

AI Shell (aish) Release Notes

v0.1.0 (Initial Release) — 2026-03-06

AI Shell is an AI-powered shell for everyday terminal work. It brings Q&A, explanations, suggestions, and troubleshooting directly into the terminal without changing your existing command-line habits, while also providing safety confirmation and blocking mechanisms based on security policies and sandbox availability to reduce the risk of accidental operations.

I. Version Overview

• Built-in terminal AI assistant: In aish, you can start AI requests directly by typing ;. This lets you ask questions, explain commands, request solutions, and use tools to complete tasks without leaving the command line.
• Multi-model, multi-provider integration: Built on LiteLLM, it supports a variety of mainstream model providers and allows custom API Base configuration.
• Security mechanisms for AI operations: Provides risk-level assessment and confirmation/blocking for AI-triggered commands and changes, depending on sandbox capabilities.
• Skills mechanism (extensible and hot-reloadable): Supports loading Skills from specified directories and hot reloading them during runtime.

II. Core Features and Capabilities

1. Terminal Interaction and AI Collaboration

• Interactive REPL shell: Standard commands run normally with full PTY support and compatibility with common interactive programs.
• AI mode: Input starting with ; (or the Chinese full-width ；) triggers an AI request. Within a conversation, you can combine tool usage to run commands, read or edit files, and troubleshoot issues.
• Terminal UI: Built on Rich, with support for streaming output, thinking indicators, and Ctrl+C interruption with input recovery for long conversations or tasks.
• System diagnostic capabilities: Includes built-in diagnostic workflows for log analysis and troubleshooting scenarios, and can produce structured conclusions and suggestions with the help of tools and Skills.

2. Tool Invocation and File/Code Operations

• Tool call suite (built in for AI): bash_exec, python_exec, read_file, write_file, edit_file, ask_user, system_diagnose_agent, skill.

  • bash_exec: Executes non-interactive shell commands.
  • python_exec: Executes Python code.
  • read_file: Reads file contents.
  • write_file: Overwrites file contents.
  • edit_file: Edits files through string replacement.
  • ask_user: Interrupts execution to ask the user for options or input.
  • system_diagnose_agent: A diagnostic agent.
  • skill: Invokes a Skill.

• Cross-file operation capabilities: Supports reading and editing multiple files to complete batch changes, and can verify those changes by running commands, including tests, through bash_exec.

• Built-in command compatibility: Provides dedicated handling for commands that modify shell state: cd, pushd, popd, export, unset, dirs, pwd, history.

3. Skill Extension Mechanism and Hot Reloading

• Skill configuration and loading: Supports loading Skills from the user directories ~/.config/aish/skills/ (or $AISH_CONFIG_DIR/skills) and ~/.claude/skills/. If names conflict, Skills in the user directory take precedence.
• Skill metadata and permissions: Uses YAML front matter in SKILL.md to describe capabilities, allowed_tools, and related metadata.
• Hot reloading: Monitors Skill directories during runtime. Added, removed, or modified Skills automatically take effect on the next tool-list build or Skill invocation (lazy reload), without requiring a restart.
• Large-output offloading: If bash_exec output exceeds a threshold, it is written to disk and only a preview is shown, along with the path to the full output file. In PTY mode, a limited number of bytes is retained, and the excess is written to an offload file. Both the threshold and directory are configurable.

4. Security and Risk Control

• AI command safety detection: AI-triggered commands and changes are assessed by risk level (LOW / MEDIUM / HIGH), with explainable reasons for each match.

• Confirmation and blocking mechanism: When the sandbox is available or a policy rule is matched, MEDIUM-risk actions require confirmation and HIGH-risk actions are blocked. If the sandbox is unavailable, handling falls back to the sandbox_off_action rule, which may allow, require confirmation for, or block the action.

• Sandbox and policies: The sandbox is preferred for risk analysis. If the sandbox is unavailable, fallback actions defined in security policies are applied instead, such as requiring confirmation or blocking the action.

  • System-level policy: /etc/aish/security_policy.yaml
  • User-level policy: ~/.config/aish/security_policy.yaml (a template is generated automatically if it does not exist)
  • Enabling the sandbox service is recommended for full protection.

• Optional whitelist: Supports pre-approving specific AI commands, effective only when the sandbox is available, to reduce repeated confirmations.

III. Observability and Configuration

• Configuration system: Supports configuration files, environment variables, and command-line arguments together. Priority is: command-line arguments > environment variables > configuration files. Output language can be configured or auto-detected.
• Interactive configuration and model switching: On first run, a wizard guides the user through selecting a provider/model and verifying tool calls. /setup allows reconfiguration, and /model <name> validates and switches the model.
• Observability (optional): Langfuse can be enabled for LLM observability and tracing. It is disabled by default.
• History and session persistence: Command and AI-request history is written to SQLite in WAL mode, supporting cross-session queries. The database path can be configured through session_db_path.

IV. Known Limitations and Future Plans

• Long-running tasks and large output: Output generated by long-running commands or large-result commands may exceed the model's context limit and may not be processed in full. In such cases, it is recommended that users run those commands directly in the shell.

• Context trimming and budget: Supports configuring max_llm_messages, max_shell_messages, and an optional context_token_budget. Context is automatically trimmed when limits are exceeded.

• Sandbox unavailability: If the sandbox is unavailable, security capabilities are significantly reduced.

• Planned improvements:

  • Better support for long-running tasks
  • Improved terminal rendering and interaction, with better performance for large contexts
  • Ongoing refinement of functionality and security based on user feedback
  • Improved sandbox error handling
  • Enhanced Skill execution and extensibility

V. Compatibility

• Primarily intended for Linux interactive terminal environments.
• Runtime environment: Python 3.10+.
• Verified on:
  • Deepin V25
  • Ubuntu 24.04

Sandbox capabilities and interaction experience may vary across platforms and distributions.

VI. Community

• Join our Discord to connect with other users and developers.