Store a default directory on workspace identities and auto-create bindings on first inbound message. Remove the bindings editor from the Identities UI and keep /dir as the advanced override.
Enforces workspace-scoped owpenbot identities/bindings via openwork-server, updates the Identities UI and Tauri status schema, and adds UX evidence screenshots.
* feat: proxy owpenbot via openwork-server
Unify client surface by routing owpenbot through /owpenbot/* (+ /w/:id/owpenbot/*), and move QR/token flows off interactive CLI calls. Sandbox mode keeps owpenbot internal (no extra published port) while preserving health + config via the edge.
* chore(desktop): refresh Cargo.lock
Update the Tauri crate lockfile so linux CI can run with --locked.
* feat(server): add scoped tokens, inbox/outbox, toy UI, and auth hardening
- TokenService with file-based persistence (tokens.json)
- /tokens CRUD (host auth), /whoami (client auth)
- Bearer token auth accepting OPENWORK_TOKEN or scoped tokens
- POST /workspace/:id/inbox (multipart upload)
- GET /workspace/:id/artifacts, /workspace/:id/artifacts/:id
- Toy UI at /ui with SSE, prompt send, inbox upload, outbox download
- Extended GET /capabilities with schemaVersion, serverVersion, approvals info
- Updated README with all new endpoints and auth model
* feat(headless): add sandbox runtime with Docker and Apple container backends
- --sandbox none|auto|docker|container CLI flag
- --sandbox-image, --sandbox-persist-dir, --sandbox-mount options
- Mount security: allowlist, blocked patterns, symlink resolution
- Docker backend: workspace/persist volumes, sidecar staging, entrypoint
- Apple container backend: --mount type=bind for ro mounts
- Sandbox mode proxies all OpenCode access through openwork-server
- Proxy health check (waitForHealthyViaProxy) avoids SDK auth issues
- Sandbox-specific check suite (runSandboxChecks) for --check mode
- Non-fatal verifyOpenworkServer in sandbox mode for version mismatches
- Updated README with sandbox docs and mount security
* feat(packaging): add Docker/docker-compose PaaS packaging
- Dockerfile (node:22-bookworm-slim, installs openwrk via npm)
- docker-compose.yml with workspace and data volumes
- README with usage instructions
* fix(headless): define sandbox owpenbot internal health port
* fix(owpenbot): make token saves fast and resilient
Persist Telegram/Slack tokens even when owpenbot is offline, bound adapter restarts to avoid long hangs, and refresh UI status with apply warnings.
* chore: update Cargo.lock
Keep desktop Cargo.lock in sync with the crate version so CI cargo --locked passes.
* feat(server): expose all workspaces and support mounted baseUrl
* feat(ui): keep tasks visible across workspaces
* feat(desktop): default engine runtime to openwrk
* feat(owpenbot): route chats by directory bindings
* feat(workspace): add Share modal in workspace menu
* feat(workspace): share workspace from session view
* feat(workspace): store OpenWork token per workspace
* feat(workspace): scope OpenWork sharing via /w/:id mounts
* fix(app): scope and defer reload prompts
Avoid reload-required spam by ignoring .opencode/openwork.json, scoping detection to the active workspace, and deferring prompts until sessions go idle. Add per-workspace auto-reload + optional resume so agent/skill/command updates apply without tearing down the UX.
* chore(desktop): sync Cargo.lock
Keep Cargo.lock consistent with the desktop crate version so CI can run cargo test --locked on Linux.
