## **Description:**
**Context:**
This PR introduces an initial CSV preview feature for Zed, building upon
two previously merged infrastructure PRs:
- [#46341](https://github.com/zed-industries/zed/pull/46341) - Data
table dynamic column support (removed const generics)
- [#46190](https://github.com/zed-industries/zed/pull/46190) - Variable
row height mode for data tables
This implementation is based on the [original draft PR
#44344](https://github.com/zed-industries/zed/pull/44344), which has
been carefully decomposed into smaller, reviewable pieces.
---
#### **Features Included:**
**Core Infrastructure:**
- Live CSV parsing with smart debouncing (200ms cooldown)
- Performance monitoring with built-in timing metrics (not displayed in
UI yet)
- Automatic file change detection and re-parsing
- Support for quoted fields, multiline cells, and escaped characters
**Table Display:**
- Variable row height rendering with fallback to uniform mode
(switchable via settings)
- Draggable column resizing (reusing existing data table infrastructure)
- Row identifiers supporting both source line numbers and sequential row
numbers
- Configurable font rendering (UI font vs monospace)
- Tooltips showing full cell content on hover
**Interactive Features:**
- Column sorting (ascending/descending) with visual indicators
**Settings Panel:**
- Toggle between variable/uniform row rendering
- Font type selection (UI/monospace)
- Row identifier type configuration
- Debug information display
- Multiline cell rendering options
---
#### **Features Intentionally Removed for This PR:**
To reduce complexity and review scope, the following features were
temporarily reverted and will be reintroduced in subsequent PRs:
- ❌ Settings pannel with performance metrics overlay
- ❌ Cell selection (single, multiple, and range selections)
- ❌ Keyboard navigation with arrow keys and selection extension
- ❌ Copy functionality supporting CSV, TSV, and Markdown table formats
- ❌ Inline cell editing with file persistence
- ❌ Viewport following for large datasets
- ❌ Column filtering and search capabilities
These removals were done via "time-machine" commits that cleanly nuked
vertical slices of functionality from the complete implementation.
---
**Technical Implementation:**
The feature is organized into a dedicated `csv_preview` crate with the
following structure:
```
crates/csv_preview/
├── src/
│ ├── csv_preview.rs # Main view and coordination logic
│ ├── parser.rs # CSV parsing and editor integration
│ ├── settings.rs # Configuration types and defaults
│ ├── table_data_engine.rs # Data transformation logic
│ ├── renderer/ # UI rendering modules
│ │ ├── preview_view.rs # Main render implementation
│ │ ├── render_table.rs # Table component assembly
│ │ ├── table_cell.rs # Individual cell rendering
│ │ ├── table_header.rs # Header with sorting controls
│ │ └── row_identifiers.rs # Line number column
│ └── types/ # Core data structures
│ ├── table_like_content.rs
│ ├── coordinates.rs # Display vs data coordinate systems
│ └── table_cell.rs
```
**Key architectural decisions:**
- **Dual coordinate system**: Separates data indices from display
indices to support sorting/filtering
- **Component reuse**: Leverages existing `data_table` infrastructure
from the keymap editor
---
**Integration:**
- Registers `csv::OpenPreview` action (currently without default
keybindings)
- Follows the same workspace integration pattern as `markdown_preview`
and `svg_preview`
- Automatically detects `.csv` file extensions
- Tab integration with appropriate icons and naming
---
**Code Structure Note:**
Some code structures, types, and documentation may appear redundant or
over-engineered in this initial implementation. This is intentional -
the feature was developed as a complete system and then decomposed by
functionality rather than being built incrementally. The "extra"
infrastructure supports features that were removed for this PR but will
be reintroduced in subsequent ones.
This approach was chosen over extensive refactoring because:
1. The complete feature took 200+ commits to develop with significant
rewrites
2. Clean extraction of vertical slices was more feasible than rebuilding
incrementally
3. The end state will utilize all these components, making current
"redundancy" temporary
I apologize for any inconvenience this may cause during review, but the
alternative would have required significant refactoring effort just to
make intermediate states "prettier," which seemed counterproductive.
---
**Future Work:**
This lays the groundwork for upcoming PRs that will reintroduce the
removed features:
- Cell selection and keyboard navigation
- Copy functionality with multiple output formats
- Inline editing capabilities with undo/redo
- Column filtering and search
- TSV and other delimiter support
- Improved horizontal scrolling behavior
- Settings persistence
**Testing:**
Includes test fixtures demonstrating multiline cell handling, various
column counts, and edge cases.
---
**Release Notes:**
- N/A This is feature flagged
---------
Co-authored-by: Anthony Eid <anthony@zed.dev>
Closes#48434
In Dev Containers, failed git operations were surfaced with a generic
failure message, while the useful git output (stderr/stdout) was not
reliably available to users.
This happened because in devcontainers the git operation errors go
through an RPC layer and then got wrapped with `anyhow::Context` (e.g.
“sending pull request”); the toast displayed only that outer context via
`to_string()`, masking the underlying git stderr message.
This change ensures the full git operation output is preserved and
surfaced via Zed’s “See logs” flow in Dev Containers, matching the
information you get when running the same git command in a terminal.
### What you should expect in the UI
- You will see a generic toast like “git pull failed” / “git push
failed”.
- When clicking on the toast’s “See logs”, the log tab now contains the
full git error output (e.g. non-fast-forward hints, merge conflict
details, “local changes would be overwritten”, etc.), which previously
could be missing/too generic.
---
## Manual testing
Run inside a Dev Container and ensure git auth works (SSH keys/agent or
HTTPS credentials).
1. **Dirty-tree pull failure**
- Make remote ahead by 1 commit (push from another clone).
- Locally modify the same file without committing.
- In Zed: **Pull**
- **Expect:** toast “git pull failed” + **See logs** shows “local
changes would be overwritten…” (or equivalent).
2. **Non-fast-forward push failure**
- Ensure remote ahead.
- Locally create 1 commit.
- In Zed: **Push**
- **Expect:** toast “git push failed” + **See logs** shows “rejected
(non-fast-forward)” + hint to pull first.
3. **Merge-conflict pull failure**
- Create conflicting commits on the same lines (one local commit, one
remote commit).
- In Zed: **Pull**
- **Expect:** toast “git pull failed” + **See logs** shows conflict
output (“CONFLICT…”, “Automatic merge failed…”).
Release Notes:
- Fixed devcontainer git failure toasts so they show the actual git
error
---------
Co-authored-by: KyleBarton <kjb@initialcapacity.io>
#50176 added `recoverable_panic` to swallow mermaid panics, then #50280
fixed it in upstream. This PR removes the workaround so future panics
reach Sentry. Also bumps `mermaid-rs-renderer` to fix a hex parsing
panic.
Release Notes:
- N/A
Implements a basic web platform for the wasm32-unknown-unknown target
for gpui
Release Notes:
- N/A *or* Added/Fixed/Improved ...
---------
Co-authored-by: John Tur <john-tur@outlook.com>
Paving the way to remove `ExcerptId`. Done in this PR:
- Unshipped the stack trace view
- Get rid of `push_excerpts`
- Get rid of some callers of `remove_excerpts`
We still need to remove some calls to `remove_excerpts` and other APIs,
especially in `randomly_edit_excerpts` and collaboration.
Release Notes:
- The stack trace multibuffer view has been removed.
---------
Co-authored-by: Conrad Irwin <conrad.irwin@gmail.com>
The mermaid renderer can fail to render certain diagrams, and we already
have a fallback for that. It's not worth crashing Zed over it.
Wrapping `catch_unwind` alone doesn't work because our panic hooks
terminate the process before unwinding begins (we intentionally
terminate so the crash handler subprocess can generate a minidump), so
there was no way to gracefully handle panics from third-party code until
now (in rare cases where we need it, like in this case).
To handle this gracefully, we added `crashes::recoverable_panic` which
tells the panic hook to stand down on the current thread so the unwind
can proceed and be caught. This should be used sparingly since caught
panics bypass crash reporting.
Release Notes:
- Fixed a crash when rendering mermaid diagrams in markdown preview.
We don't want to show the sidebar to users if they have `disable_ai`
enabled because it's an AI focused feature. In the future if we add non
AI functionality to the sidebar we'll reenable it.
Before you mark this PR as ready for review, make sure that you have:
- [x] Added a solid test coverage and/or screenshots from doing manual
testing
- [x] Done a self-review taking into account security and performance
aspects
- [x] Aligned any UI changes with the [UI
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
Release Notes:
- N/A
- Enabled opening the Git Graph, with the corresponding commit detail
drawer open, from the commit view
- Redesigned the commit view's header and toolbar to allow addition of
the Git Graph icon button
- Redesigned icons for the Git Graph and commit view
https://github.com/user-attachments/assets/8efef60a-0893-4752-9b40-838da21ceb54
---
Before you mark this PR as ready for review, make sure that you have:
- [x] Added a solid test coverage and/or screenshots from doing manual
testing
- [x] Done a self-review taking into account security and performance
aspects
- [x] Aligned any UI changes with the [UI
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
Release Notes:
- N/A (_Git Graph is still feature flagged, so no release notes for
now_)
Closes #ISSUE
Before you mark this PR as ready for review, make sure that you have:
- [x] Added a solid test coverage and/or screenshots from doing manual
testing
- [x] Done a self-review taking into account security and performance
aspects
- [x] Aligned any UI changes with the [UI
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
Release Notes:
- N/A *or* Added/Fixed/Improved ...
We see a number of crashes in Sentry that appear to be crashes in
wasmtime.
This shouldn't happen, as wasmtime is designed to run untrusted code
"safely".
Looking into this, it seems likely that the problem is that we race with
wasmtime
when installing signal handlers. If wasmtime's handlers are installed
before ours,
then any signals that it intends to handle (like out of bounds memory
access) will
reach our handlers before its; which causes us to assume the app has
crashed.
This changes fixes our crash handler initialization to ensure we always
create
our signal handler first, and reverts a previous attempt to fix this
from #40883
Closes #ISSUE
Before you mark this PR as ready for review, make sure that you have:
- [ ] Added a solid test coverage and/or screenshots from doing manual
testing
- [ ] Done a self-review taking into account security and performance
aspects
- [ ] Aligned any UI changes with the [UI
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
Release Notes:
- Linux: Fixed crashes that could happen due to our crash handler
erroneously catching signals intended for wasmtime.
- Made hover/active styles, as well as clicks, work for the entire row,
capture the graph element, too (needed to make some manual hover and
other states management to pull that off)
- Used the existing `Chip` component for the branch chip instead of a
local recreation
- Adjusted spacing and sizing of commit detail panel, including button
labels truncation and tooltip content
- Added diff stat numbers for the changed files, to match the commit
view
- Standardized the commit avatar component across the git graph, the
commit view, and the file history view
- Added scrollbar to the changed files uniform list
- Removed author name display redundancy (kept only email)
- Made the commit detail UI have a min-width
<img width="750" height="1964" alt="Screenshot 2026-02-23 at 11 31@2x"
src="https://github.com/user-attachments/assets/d1433bd8-5edb-4829-882b-52b1bffbd6db"
/>
---
Before you mark this PR as ready for review, make sure that you have:
- [x] Added a solid test coverage and/or screenshots from doing manual
testing
- [x] Done a self-review taking into account security and performance
aspects
- [x] Aligned any UI changes with the [UI
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
Release Notes:
- N/A
---------
Co-authored-by: Anthony Eid <anthony@zed.dev>
Duplicates are defined as cursor positions that have an approximate
Jaccard similarity greater than 0.5 (over token 5-grams).
From the resulting clusters of near-duplicates, we select up to N
examples that are maximally different from each other.
Release Notes:
- N/A
Third attempt to land this improvement: (#45577, #44273)
The previous PR didn’t work on Intel MacBooks because I made a wrong
assumption about the unified memory check. `has_unified_memory` only
tells us that the CPU and GPU share memory. It does not mean we’re
running on an Apple GPU family.
Memoryless textures are only supported on Apple GPUs. Some Intel Macs
report unified memory, but they don’t support memoryless textures, which
is why the previous change failed there.
So instead of relying on unified memory, we now explicitly check that
we’re running on an Apple GPU family before enabling memoryless
textures.
Before you mark this PR as ready for review, make sure that you have:
- [ ] Added a solid test coverage and/or screenshots from doing manual
testing
- [X] Done a self-review taking into account security and performance
aspects
- [ ] Aligned any UI changes with the [UI
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
Release Notes:
- Reduced memory usage on macOS
---------
Signed-off-by: Marco Mihai Condrache <52580954+marcocondrache@users.noreply.github.com>
Closes#15196, #46918
- fix: notebook_ui, use buffer so that notebooks open in remote/WSL
settings.
- fix: add musl in nix for cross-compilation, without this remote server
doesn't build inside NixOS
Release Notes:
- Implement WSL and SSH remote kernels (crates/repl/src/kernels/*) and
wire up spawn/kill kernel proto messages and client requests.
This PR makes it so the user gets signed out upon receiving an
Unauthorized response when acquiring an LLM token.
This is a re-landing of #49661.
Closes CLO-324.
Release Notes:
- N/A
#2874 on steroids
Before you mark this PR as ready for review, make sure that you have:
- [ ] Added a solid test coverage and/or screenshots from doing manual
testing
- [ ] Done a self-review taking into account security and performance
aspects
- [ ] Aligned any UI changes with the [UI
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
Release Notes:
- N/A
---------
Co-authored-by: Eric Holk <eric@zed.dev>
This reverts commit 1d66bbe06f.
Needs 2 more fixes:
* enter does not move to the first excerpt anymore
* there could be situations when a narrowed search does not decrease the
excerpt enough to see the result onscreen
Release Notes:
- N/A
This PR adds the `AnnouncementToast` component that we can use whenever
a new version introduces a new and special feature that's worthy of a
flashier announcement. We can pick the specific version we want to
target, and instead of showing the regular "View Release Notes" toast,
we'd show this new one instead.
For now, everything is turned off as we're not sure yet which version we
will be targeting for an upcoming release.
<img width="550" height="1964" alt="Screenshot 2026-02-18 at 9 06@2x"
src="https://github.com/user-attachments/assets/19930b15-261b-416f-992e-6e28447beb27"
/>
Release Notes:
- N/A
Before you mark this PR as ready for review, make sure that you have:
- [ ] Added a solid test coverage and/or screenshots from doing manual
testing
- [ ] Done a self-review taking into account security and performance
aspects
- [ ] Aligned any UI changes with the [UI
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
Release Notes:
- N/A
This PR updates Collab to make it validate access tokens through Cloud
instead of doing it in-house.
We're reusing the `GET /client/users/me` endpoint—which is what we also
call on the client—to validate the user's access token.
We only need to do this when establishing a WebSocket connection, so the
increased latency of a network hop shouldn't be a problem.
Closes CLO-308.
Release Notes:
- N/A
This PR adds a button in the `git: branch diff` view that allows to
quickly and easily send the entire diff to your last used agent for a
review. What this does is automatically submits a (pre-written and
generic) prompt to the last agents you were using in the agent panel
with the whole content of your diff.
<img width="750" height="1964" alt="Screenshot 2026-02-18 at 3 35@2x"
src="https://github.com/user-attachments/assets/493d8cf4-4815-4b01-91a0-6a39ad6219fe"
/>
Release Notes:
- Added a "Review Branch" button in the `git: branch diff` view so that
the whole diff can be quickly sent for review to an agent.
---------
Co-authored-by: Bennet Bo Fenner <bennetbo@gmx.de>
This PR removes onboarding modals for features that were announced, at
this point, a long time ago: Git v1, Debugger, and Agent Panel v1. This
cleans up the actions list a bit when you search for "onboarding". I
left the ACP and Claude Code ones, though; they were the two more recent
ones, but we should be able to remove them soon enough, too.
Release Notes:
- N/A
Removes the feature flag around listing and loading existing sessions
for external agents.
Release Notes
- acp: Expose session history for all external agents that support it.
Co-authored-by: Bennet Bo Fenner <bennetbo@gmx.de>
Before you mark this PR as ready for review, make sure that you have:
- [ ] Added a solid test coverage and/or screenshots from doing manual
testing
- [x] Done a self-review taking into account security and performance
aspects
- [x] Aligned any UI changes with the [UI
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
Release Notes:
- N/A
Closes#49067
See https://github.com/zed-industries/notify/pull/2 for more details
Note: notify already fixed this upstream, and I'm planning on using
their crate as our dependency once their v9 is officially released.
Release Notes:
- Fix panic that could occur when navigating external code
This PR removes the `GET /rpc_server_snapshot` endpoint from Collab, as
it is not being used (and also didn't seem to be functional).
Release Notes:
- N/A
This PR removes the `cloud-thinking-effort` feature flag to ship the
thinking effort UI for the Zed provider.
Release Notes:
- Added support for controlling thinking effort levels with supported
models using the Zed provider.
Closes #ISSUE
Before you mark this PR as ready for review, make sure that you have:
- [ ] Added a solid test coverage and/or screenshots from doing manual
testing
- [ ] Done a self-review taking into account security and performance
aspects
- [ ] Aligned any UI changes with the [UI
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
Release Notes:
- N/A *or* Added/Fixed/Improved ...
---------
Co-authored-by: Zed Zippy <234243425+zed-zippy[bot]@users.noreply.github.com>
Closes#45135
Since neither the project search nor file finder search was showing
project's root name, including it in the history was unnecessary,
especially when the user had `project_panel.hide_root` set to `true`.
Release Notes:
- Made file finder to respect `project_panel.hide_root` settings
---------
Co-authored-by: Kirill Bulatov <kirill@zed.dev>
This PR adds the ability to, within the Recent Projects modal/popover,
quickly add a project in the recent projects section to the current
workspace. Note that this is currently limited to local projects only.
https://github.com/user-attachments/assets/6b72af11-9c94-45d3-a7df-76869b942727
Release Notes:
- Workspace: Enabled quickly adding a recent project to the current
workspace.
Closes #N/A (no existing issue - implemented to enable image input for
Bedrock models)
This PR enables the "@" image mention feature for Bedrock models that
support vision capabilities.
**Changes:**
- Added `supports_images()` method to Bedrock `Model` enum
- Wired up image support in the Bedrock language model provider
- Added `MessageContent::Image` handling to convert base64 images to
Bedrock's expected format
- Added tool result image support
**Supported models:** Claude 3/3.5/4 family, Amazon Nova Pro/Lite, Meta
Llama 3.2 Vision, Mistral Pixtral
Release Notes:
- Added image input support for Amazon Bedrock models with vision
capabilities
Remove the `AgentsPanel` (from the `agent_ui_v2` crate) and the utility
pane infrastructure from the codebase.
The Agents Panel was a separate panel gated behind the `agent-v2`
feature flag that was redundant with the existing Agent Panel. Utility
panes were a layout concept (secondary panes next to the editor,
separate from dock panels) whose only consumer was `AgentThreadPane` in
the Agents Panel.
### Changes
- Deleted the entire `agent_ui_v2` crate (`agents_panel.rs`,
`agent_thread_pane.rs`)
- Deleted `workspace/src/utility_pane.rs`
- Removed `UtilityPane`, `UtilityPaneHandle`, `UtilityPanePosition`,
`MinimizePane`, `ClosePane` from `workspace/src/dock.rs`
- Removed all utility pane fields, methods, and render blocks from
`workspace.rs`
- Removed all aside toggle code from `pane.rs` and `pane_group.rs`
- Removed `agents_panel_dock` setting from agent settings and
`default.json`
- Removed all `agent_ui_v2` references from `main.rs`, `zed.rs`, and
Cargo.toml files
- Cleaned up test code in `tool_permissions.rs` and `agent_ui.rs`
Closes AI-17
(No release notes because this was all feature-flagged.)
Release Notes:
- N/A
Release Notes:
- Fixed an issue where a request could fail if an MCP server with names
containing whitespace was used
## Summary
When multiple MCP servers expose tools with the same name, Zed
disambiguates them by prefixing the tool name with the server ID from
settings.json. If the server ID contains spaces or special characters
(e.g., `"Azure DevOps"`), the resulting tool name like `Azure
DevOps_echo` violates Anthropic's API pattern `^[a-zA-Z0-9_-]{1,128}$`,
causing API errors:
> "Received an error from the Anthropic API: tools.0.custom.name: String
should match pattern '^[a-zA-Z0-9_-]{1,128}$'"
## Solution
Convert server IDs to snake_case (using the `heck` crate already
available in the workspace) before using them as prefixes during tool
name disambiguation.
| Server ID in settings.json | Disambiguated Tool Name |
|---------------------------|------------------------|
| `"Azure DevOps"` | `azure_dev_ops_echo` |
| `"My MCP Server"` | `my_mcp_server_echo` |
## Test plan
- [x] Added test case for server name with spaces ("Azure DevOps") in
`test_mcp_tool_truncation`
- [x] Verified existing tests pass
- [x] Manually tested with two MCP servers having overlapping tool names
After (left), Before (right):
<img width="2880" height="1800" alt="Screenshot_20251228_163249"
src="https://github.com/user-attachments/assets/09c4e8f0-e282-4620-9db3-3e2c7d428d15"
/>
🤖 Generated with (some) help from [Claude
Code](https://claude.com/claude-code)
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Co-authored-by: Bennet Bo Fenner <bennetbo@gmx.de>
This PR adds ability to select and test audio input/output devices for
use in collaboration setting (which is what the team at Zed relies
heavily on). Currently, we only ever used whatever the system default is
and it worked well until it didn't - for some reason, when I am on my
Linux laptop, I am unable to force Zed to use my external mic +
headphones via external USB audio interface. With this PR, now I can
list all available devices and select the one I want.
There are still a couple of caveats that we should be aware of:
* I've decided to list *all* available devices meaning on Linux it is
quite possible that you may discover that what your desktop environment
is reporting to you is a significantly shorter list than what your sound
framework/hw is actually exposing. I think this makes sense given my
inexperience with audio drivers/devices and frameworks on various OSes
so that we get full control over what is available with the goal of
being able to come up with some filtering heuristic as we go along.
* We currently populate the list of available audio devices only once at
startup meaning if you unplug your device while you have Zed running
this will not register until you restart Zed which is a PITA. However,
in order to keep the changes manageable I thought it would be best to do
minimal work in this regard now, and iterate on this some more in the
near future. After all, we don't really monitor device changes on any
platform except macOS anyhow, so it might be the case that when I get
round to implementing this I will have the opportunity to tackle both at
the same time.
* In order to get a valid list of all audio devices using `cpal` crate
(which is the building block of `rodio`), I had to bump `cpal` to 0.17,
and pin `rodio` to a more recent commit sha as a result, so if you see
any regressions, lemme know and/or feel free to revert this PR.
* Finally, I've done my best to integrate this with the settings UI, but
I am sure more could be done in terms of styling, etc.
Some screenshots:
<img width="1152" height="949" alt="Screenshot From 2026-02-12 11-40-04"
src="https://github.com/user-attachments/assets/e147c153-1902-49d6-bf68-3ac317a6a7b0"
/>
<img width="1152" height="949" alt="Screenshot From 2026-02-12 11-40-16"
src="https://github.com/user-attachments/assets/b4e9a2f8-b38e-4de0-b910-067cc432b5bc"
/>
Release Notes:
- Added ability to select audio input/output devices as part of
Collaboration page in Settings. Added ability to test selected devices
with a simple playback loop routing input directly into output for
easier debugging of your audio devices.
---------
Co-authored-by: Zed Zippy <234243425+zed-zippy[bot]@users.noreply.github.com>
Follow-up to https://github.com/zed-industries/zed/pull/46641.
In the PR linked above, I had introduced a dropdown that'd show up in
the title bar when the workspace contained more than one project.
Although that helped improve the multi-project use case, it created some
quirky designs:
- The project dropdown and the recent project pickers looked too
different from one another
- The transition between the 2 project case to the 1 project scenario,
from the dropdown, was not great, because you'd be then seeing the
bigger recent projects picker
- The `workspace: switch project` action was still reachable in the
command palette even if you had one project in the workspace
So, what this PR does is essentially fixing all of this by consolidating
it all in the Recent Projects picker. If you are in a multi-project
scenario, the picker will display a section with all of the projects on
the workspace allowing you to activate each one of them. The picker also
looks simpler when you reach it by clicking on the project name in the
title bar, as opposed to through the keybinding. I've then removed the
project dropdown code as well as the action, given we don't need them
anymore due to the consolidation. Lastly, I tackled the inconsistent
wording used between "Folders", "Projects", and "Workspaces".
Here's the result:
https://github.com/user-attachments/assets/9d8ef3e3-e57b-4558-9bc0-dcc401dec469
- [x] Code Reviewed
- [x] Manual QA
Release Notes:
- Workspace: Improved the recent projects picker by making it also
display active projects in case of a multi-project workspace.
Release Notes:
- Added agent panel restoration. Now restarting your editor won't cause
your thread to be forgotten.
---------
Co-authored-by: Anthony Eid <56899983+Anthony-Eid@users.noreply.github.com>
Co-authored-by: Eric Holk <eric@zed.dev>
Co-authored-by: Danilo Leal <67129314+danilo-leal@users.noreply.github.com>
Co-authored-by: Anthony Eid <anthony@zed.dev>
Co-authored-by: Mikayla Maki <mikayla.c.maki@gmail.com>
Co-authored-by: Cameron Mcloughlin <cameron.studdstreet@gmail.com>
Closes#48683
Per the devcontainer spec, `.devcontainer.json` in the project root is
a valid config location. It is only used when no configurations are
found inside `.devcontainer/`.
Extract `find_configs_in_snapshot` for testability and add tests.
Release Notes:
- Added support for `.devcontainer.json` in project root
Currently, whenever Zed has a new version available for download, the
update button shows up in the status bar. Problem is: that status bar
slot can also display other buttons/information, such as problems with
your language server or general errors. In case the two things exist (a
problem and a new version), just one of them would be displayed, which
is not great; you should be able to see both. Additionally, given we
ship new versions pretty often, I've frequently saw feedback about
wanting to hide away the new version button... at least temporarily
while there's no immediate interest in upgrading.
So, this PR tackles all of that. The button to update a new version is
moved up to the title bar, nearby your avatar, and you have the ability
to dismiss, which effectively just moves the button from the title bar
to inside your user menu.
https://github.com/user-attachments/assets/e3f1d76d-9b85-4bee-a70f-e22dd5e7fdb3
Release Notes:
- Moved the update Zed button to the title bar and allowed it to be
dismissed.
---------
Co-authored-by: Conrad Irwin <conrad.irwin@gmail.com>
Various improvements to settings UI for granular tool permissions,
extracted from a larger change:
- Add **copy_path** tool to the permissions configuration list
- Replace local `RuleType` enum with `ToolPermissionMode` from the
settings crate
- Improve rule summary display: singular "1 rule" instead of always "1
rules", show invalid pattern count
- Add **terminal command parsing preview** — uses `extract_commands` to
split chained commands (`&&`, `||`, `;`) so the preview matches the real
permission engine's behavior
- Add **verdict label** showing the authoritative permission decision
(Allow/Deny/Confirm)
- Log disagreements between the pattern preview and the engine's
authoritative verdict
- Display **invalid regex patterns section** with compilation error
details
- Add regex validation error banner (dismissible) on tool config pages
- Add **compile-time validated** `tool_index` for macro-generated render
functions (fails to compile if a tool ID is misspelled)
- Update move_path/copy_path regex explanations for multi-input tools
- Add test validating all tools have `ToolInfo` entries or are in the
exclusion list
- Add `clear_on_confirm()` — clears the input after confirming (used for
"add pattern" inputs)
- Add editor reconciliation fix — when settings change externally (e.g.
editing settings.json), syncs the cached editor text when not focused
- Rename "Configure Tool Rules" → "Tool Permissions" in the settings
sidebar
- Update description text
- Add `regex_validation_error` field to `SettingsWindow` (cleared on
page navigation)
(No release notes because granular tool permissions are behind a feature
flag.)
Release Notes:
- N/A
---------
Co-authored-by: Danilo Leal <daniloleal09@gmail.com>
Follow-up to #47420 and #44193.
#47420 fixed child-exit status handling via upstream alacritty change
(https://github.com/alacritty/alacritty/pull/8825). However,
stable/preview/nightly builds still reproduced hangs that dev builds did
not.
The root cause matches #44193: spawned children inherit crash-handler
Mach exception ports and hang. We already reset exception ports in
`util::command::new_smol_command` and
`util::set_pre_exec_to_start_new_session`, but PTY child spawning in
`alacritty_terminal` was not covered.
This PR updates `alacritty_terminal` to include PTY `pre_exec`
exception-port reset:
9d9640d4e5
Upstream:
- https://github.com/alacritty/alacritty/pull/8835
Release Notes:
- Fixed terminal tasks hanging on macOS when a spawned process is killed
by a signal.
Fixes#48357
## Summary
- Bumps `tree-sitter-go` from `0.23` to `0.25`
- This fixes wrong syntax highlighting with chained indexing in Go (e.g.
`a[b][c] = 0` being incorrectly parsed as a type instantiation
expression instead of an index expression)
- The upstream fix
([tree-sitter/tree-sitter-go#160](https://github.com/tree-sitter/tree-sitter-go/issues/160))
landed in v0.25.0, which gives index expressions a higher dynamic
precedence over type instantiation expressions
- Updated `runnables.scm` to account for the new `statement_list` node
that wraps statements inside blocks in tree-sitter-go 0.25
## Test plan
- [x] `cargo test -p languages` — all 47 tests pass
- Verified that existing Go runnables queries (table tests, subtests,
test detection) work with the updated grammar
Release Notes:
- Fixed wrong syntax highlighting with chained indexing in Go (e.g.
`a[b][c]`) by bumping tree-sitter-go to 0.25
Bump the runtimed ecosystem packages to their 1.0 releases:
- `jupyter-protocol`: 0.10.0 → 1.1.0
- `jupyter-websocket-client`: 0.15.0 → 1.0.0
- `nbformat`: 0.15.0 → 1.0.0
- `runtimelib`: 0.30.0 → 1.1.0
One breaking change: `MimeType::Json` now wraps `serde_json::Value`
directly instead of `serde_json::Map<String, Value>`, so the redundant
`Value::Object(...)` wrapping in `outputs.rs` was removed.
Closes#41649
More Quality of Life improvements and Bug Fixes are coming in new PRs
after this is merged.
Release Notes:
- Fixes startup for R kernels and Python kernels on windows.
Move shell command parsing logic (`extract_commands` and supporting
code) from the agent crate into a new `shell_command_parser` crate so it
can be reused by `agent_servers` for ACP permission checking.
Release Notes:
- N/A
It's happeningggggg
Release Notes:
- Changed the Agent Panel so that the Active Thread is restored on
restart.
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Co-authored-by: Danilo Leal <daniloleal09@gmail.com>
Co-authored-by: Anthony Eid <anthony@zed.dev>
Co-authored-by: Danilo Leal <67129314+danilo-leal@users.noreply.github.com>
Co-authored-by: Richard Feldman <richard@zed.dev>
Co-authored-by: Zed Zippy <234243425+zed-zippy[bot]@users.noreply.github.com>
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [git2](https://redirect.github.com/rust-lang/git2-rs) |
workspace.dependencies | patch | `0.20.2` → `0.20.4` |
---
> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.
### GitHub Vulnerability Alerts
####
[GHSA-j39j-6gw9-jw6h](https://redirect.github.com/rust-lang/git2-rs/issues/1211)
If the Buf struct is dereferenced immediately after calling new() or
default() on the Buf struct, a null pointer is passed to the unsafe
function slice::from_raw_parts. According to the safety section
documentation of the function, data must be non-null and aligned even
for zero-length slices or slices of ZSTs. Thus, passing a null pointer
will lead to undefined behavior.
---
### Release Notes
<details>
<summary>rust-lang/git2-rs (git2)</summary>
###
[`v0.20.4`](https://redirect.github.com/rust-lang/git2-rs/compare/git2-0.20.3...git2-0.20.4)
[Compare
Source](https://redirect.github.com/rust-lang/git2-rs/compare/git2-0.20.3...git2-0.20.4)
###
[`v0.20.3`](https://redirect.github.com/rust-lang/git2-rs/compare/git2-0.20.2...git2-0.20.3)
[Compare
Source](https://redirect.github.com/rust-lang/git2-rs/compare/git2-0.20.2...git2-0.20.3)
</details>
---
### Configuration
📅 **Schedule**: Branch creation - "" in timezone America/New_York,
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
Release Notes:
- N/A
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi45NS4yIiwidXBkYXRlZEluVmVyIjoiNDIuOTUuMiIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [time](https://time-rs.github.io)
([source](https://redirect.github.com/time-rs/time)) |
workspace.dependencies | patch | `0.3.44` → `0.3.47` |
---
> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.
### GitHub Vulnerability Alerts
####
[CVE-2026-25727](https://redirect.github.com/time-rs/time/security/advisories/GHSA-r6v5-fh4h-64xc)
### Impact
When user-provided input is provided to any type that parses with the
RFC 2822 format, a Denial of Service attack via stack exhaustion is
possible. The attack relies on formally deprecated and rarely-used
features that are part of the RFC 2822 format used in a malicious
manner. Ordinary, non-malicious input will never encounter this
scenario.
### Patches
A limit to the depth of recursion was added in v0.3.47. From this
version, an error will be returned rather than exhausting the stack.
### Workarounds
Limiting the length of user input is the simplest way to avoid stack
exhaustion, as the amount of the stack consumed would be at most a
factor of the length of the input.
---
### Release Notes
<details>
<summary>time-rs/time (time)</summary>
###
[`v0.3.47`](https://redirect.github.com/time-rs/time/blob/HEAD/CHANGELOG.md#0347-2026-02-05)
[Compare
Source](https://redirect.github.com/time-rs/time/compare/v0.3.46...v0.3.47)
##### Security
- The possibility of a stack exhaustion denial of service attack when
parsing RFC 2822 has been
eliminated. Previously, it was possible to craft input that would cause
unbounded recursion. Now,
the depth of the recursion is tracked, causing an error to be returned
if it exceeds a reasonable
limit.
This attack vector requires parsing user-provided input, with any type,
using the RFC 2822 format.
##### Compatibility
- Attempting to format a value with a well-known format (i.e. RFC 3339,
RFC 2822, or ISO 8601) will
error at compile time if the type being formatted does not provide
sufficient information. This
would previously fail at runtime. Similarly, attempting to format a
value with ISO 8601 that is
only configured for parsing (i.e. `Iso8601::PARSING`) will error at
compile time.
##### Added
- Builder methods for format description modifiers, eliminating the need
for verbose initialization
when done manually.
- `date!(2026-W01-2)` is now supported. Previously, a space was required
between `W` and `01`.
- `[end]` now has a `trailing_input` modifier which can either be
`prohibit` (the default) or
`discard`. When it is `discard`, all remaining input is ignored. Note
that if there are components
after `[end]`, they will still attempt to be parsed, likely resulting in
an error.
##### Changed
- More performance gains when parsing.
##### Fixed
- If manually formatting a value, the number of bytes written was one
short for some components.
This has been fixed such that the number of bytes written is always
correct.
- The possibility of integer overflow when parsing an owned format
description has been effectively
eliminated. This would previously wrap when overflow checks were
disabled. Instead of storing the
depth as `u8`, it is stored as `u32`. This would require multiple
gigabytes of nested input to
overflow, at which point we've got other problems and trivial
mitigations are available by
downstream users.
###
[`v0.3.46`](https://redirect.github.com/time-rs/time/blob/HEAD/CHANGELOG.md#0346-2026-01-23)
[Compare
Source](https://redirect.github.com/time-rs/time/compare/v0.3.45...v0.3.46)
##### Added
- All possible panics are now documented for the relevant methods.
- The need to use `#[serde(default)]` when using custom `serde` formats
is documented. This applies
only when deserializing an `Option<T>`.
- `Duration::nanoseconds_i128` has been made public, mirroring
`std::time::Duration::from_nanos_u128`.
- Various methods for truncating components have been added, avoiding
the need to call the fallible
`replace` methods multiple times.
For `PrimitiveDateTime`, `UtcDateTime`, and `OffsetDateTime`:
- `truncate_to_day`
For `Time`, `PrimitiveDateTime`, `UtcDateTime`, and `OffsetDateTime`:
- `truncate_to_hour`
- `truncate_to_minute`
- `truncate_to_second`
- `truncate_to_millisecond`
- `truncate_to_microsecond`
##### Changed
- The minimum supported Rust version is now 1.88.0.
- Significant performance gains in numerous locations. No public APIs
were changed or removed as
part of this.
- The size of `error::ComponentRange`, along with types that contain it,
has been significantly
reduced.
##### Fixed
- The `PartialOrd` and `Ord` implementations of `UtcOffset` now return
the expected result.
###
[`v0.3.45`](https://redirect.github.com/time-rs/time/blob/HEAD/CHANGELOG.md#0345-2026-01-13)
[Compare
Source](https://redirect.github.com/time-rs/time/compare/v0.3.44...v0.3.45)
##### Added
- `time::format_description::StaticFormatDescription` type alias for
`&'static [BorrowedFormatItem<'static>]`. This is the type returned by
the
`time::macros::format_description!` macro.
##### Changed
- The minimum supported Rust version is now 1.83.0.
- All floating point methods on `Duration` are now `const fn`.
- All setters on `Parsed` are now `const fn`.
- The `serde` dependency has been replaced with `serde_core`, This
reduces compile times by not
including unused parts of `serde`.
- `Date::from_julian_day` uses a new algorithm, resulting in an
approximately 16% performance
improvement. This method is used internally by numerous other methods.
- `util::is_leap_year` uses a new algorithm, resulting in an
approximately 8% performance
improvement.
</details>
---
### Configuration
📅 **Schedule**: Branch creation - "" in timezone America/New_York,
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
Release Notes:
- N/A
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi45NS4yIiwidXBkYXRlZEluVmVyIjoiNDIuOTUuMiIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
TODO:
- [x] Review code
- [x] Decide whether to keep ignored API tests
Release Notes:
- Fixed a bug where cancelling a thread mid-thought would cause further
anthropic requests to fail
- Fixed a bug where the model configured on a thread would not be
persisted alongside that thread
Fixes#36818
Release Notes:
- Added new `global_lsp_settings.request_timeout` setting to configure
the maximum timeout duration for LSP-related operations.
Code inspired by [prior
implementation](https://github.com/zed-industries/zed/pull/38443),
though with a few tweaks here & there (like using `serde:default` and
keeping the pre-defined constant in the LSP file).
---------
Co-authored-by: Kirill Bulatov <mail4score@gmail.com>
Co-authored-by: Kirill Bulatov <kirill@zed.dev>
- **build: remove assistant_slash_commands dependency in
assistant_text_thread**
- **diagnostics: Do not depend on search**
- **Remove terminal_view's dependency on search**
- **sever breadcrumbs <-> editor dep (for the sake of terminal_view)**
Release Notes:
- N/A
Previously, some settings migrations only operated on root-level keys
and missed settings nested under platform keys (`macos`, `linux`, etc.),
channel keys (`nightly`, `stable`, etc.), or profile blocks. This fixes
migrations to recurse into those nested locations.
Also fixes `m_2026_02_02` to gracefully skip when `edit_predictions` is
not an object (e.g. `true`) instead of bailing and aborting the entire
migration chain.
Release Notes:
- Fixed settings migrations to correctly handle settings nested under
platform, channel, or profile keys.
This allows us to switch the prompt format without client-side changes.
If we want to experiment with prompt formats or models other than the
currently-deployed one, we can use the raw endpoint, and do prompt
construction and output processing on the client.
This also adds an optional environment parameter to the raw endpoint, so
that we can use that endpoint in the new scheme where we're deploying to
separate environments for different zeta prompt versions.
Release Notes:
- N/A
Closes#46506
Release Notes:
- Fixed an issue where the codestral URL used for credentials would be
different than the one used for requests causing authentication errors
Currently we always compute breadcrumbs and sticky headers on every
editor paint which is not cheap to do especially in bigger files, moving
this off to be computed on event handling where they change and then
caching them can save serveral milliseconds per render in bigger files.
This also puts matching brackets refreshing and document highlights on a
background task, as this tends to block the main task for prolonged time
as well.
Release Notes:
- N/A *or* Added/Fixed/Improved ...
Part of #7450
Big thanks to @macmv for pushing this forwards so much!
Rebased version of https://github.com/zed-industries/zed/pull/39539 as
working on an in-org branch simplifies a lot of things for us)
Release Notes:
- Added LSP semantic tokens highlighting support
---------
Co-authored-by: Neil Macneale V <neil.macneale.v@gmail.com>
Co-authored-by: Kirill Bulatov <kirill@zed.dev>
Co-authored-by: Zed Zippy <234243425+zed-zippy[bot]@users.noreply.github.com>
- Keyboard navigation where you can traverse through cells using up and
down arrow
- Jupyter Logo added
- Initialize kernel as shutdown for more predictable behavior
- Ability to create .ipynb files with bare essential metadata.
- Optimize editor initialization to avoid cloning the entire notebook
and shortcuts
Release Notes:
- N/A
---------
Co-authored-by: Danilo Leal <daniloleal09@gmail.com>
This PR adds a page in the settings UI, under the AI section, that
allows to interact and customize permissions for tool calling for each
tool available to Zed's native agent.
Release Notes:
- AI: Added a settings page in the settings editor that allows to
customize tool call permissions for each tool.
---------
Co-authored-by: Richard Feldman <oss@rtfeldman.com>
Previously, Ollama would not show up as available until you opened some
UI that prompted connecting to Ollama, like the agent panel or the edit
prediction settings.
Release Notes:
- N/A
Closes https://github.com/zed-industries/zed/issues/15968
Release Notes:
- Added the ability to use Ollama as an edit prediction provider
---------
Co-authored-by: Oleksiy Syvokon <oleksiy@zed.dev>
Co-authored-by: Ben Kunkle <ben@zed.dev>
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [jsonwebtoken](https://redirect.github.com/Keats/jsonwebtoken) |
workspace.dependencies | major | `9.3` → `10.0` |
---
> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.
### GitHub Vulnerability Alerts
####
[GHSA-h395-gr6q-cpjc](https://redirect.github.com/Keats/jsonwebtoken/security/advisories/GHSA-h395-gr6q-cpjc)
## Summary:
It has been discovered that there is a Type Confusion vulnerability in
jsonwebtoken, specifically, in its claim validation logic.
When a standard claim (such as nbf or exp) is provided with an incorrect
JSON type (Like a String instead of a Number), the library’s internal
parsing mechanism marks the claim as “FailedToParse”. Crucially, the
validation logic treats this “FailedToParse” state identically to
“NotPresent”.
This means that if a check is enabled (like: validate_nbf = true), but
the claim is not explicitly marked as required in required_spec_claims,
the library will skip the validation check entirely for the malformed
claim, treating it as if it were not there. This allows attackers to
bypass critical time-based security restrictions (like “Not Before”
checks) and commit potential authentication and authorization bypasses.
## Details:
The vulnerability stems from the interaction between the TryParse enum
and the validate function in
[src/validation.rs](https://redirect.github.com/Keats/jsonwebtoken/blob/master/src/validation.rs).
1. The TryParse Enum: The library uses a custom TryParse enum to handle
claim deserialization:
```
enum TryParse<T> {
Parsed(T),
FailedToParse, // Set when deserialization fails (e.g. type mismatch)
NotPresent,
}
```
If a user sends {“nbf”: “99999999999”} (legacy/string format), serde
fails to parse it as u64, and it results in TryParse::FailedToParse.
1. The Validation Logic Flaw (src/validation.rs): In
Validation::validate, the code checks for exp and nbf
like this:
```
// L288-291
if matches!(claims.nbf, TryParse::Parsed(nbf) if options.validate_nbf && nbf > now + options.leeway) {
return Err(new_error(ErrorKind::ImmatureSignature));
}
```
This matches! macro explicitly looks for TryParse::Parsed(nbf).
• If claims.nbf is FailedToParse, the match returns false.
• The if block is skipped.
• No error is returned.
1. The “Required Claims” Gap: The only fallback mechanism is the
“Required Claims” check:
```
// Lines 259-267
for required_claim in &options.required_spec_claims {
let present = match required_claim.as_str() {
"nbf" => matches!(claims.nbf, TryParse::Parsed(_)),
// ...
};
if !present { return Err(...); }
}
```
If “nbf” IS in required_spec_claims, FailedToParse will fail the
matches!(..., Parsed(_)) check, causing the present to be false, and
correctly returning an error.
However, widely accepted usage patterns often enable validation flags
(validate_nbf = true) without adding the claim to the required list,
assuming that enabling validation implicitly requires the claim’s
validity if it appears in the token. jsonwebtoken seems to violate this
assumption.
Environment:
• Version: jsonwebtoken 10.2.0
• Rust Version: rustc 1.90.0
• Cargo Version: cargo 1.90.0
• OS: MacOS Tahoe 26.2
POC:
For demonstrating, Here is this simple rust code that demonstrates the
bypass. It attempts to validate a token with a string nbf claiming to be
valid only in the far future.
create a new project:
```
cargo new nbf_poc; cd nbf_poc
```
add required dependencies:
```
cargo add serde --features derive
cargo add jsonwebtoken --features rust_crypto
cargo add serde_json
```
replace the code in src/main.rs with this:
```
use jsonwebtoken::{decode, Validation, Algorithm, DecodingKey, Header, EncodingKey, encode};
use serde::{Deserialize, Serialize};
#[derive(Debug, Serialize, Deserialize)]
struct Claims {
sub: String,
nbf: String, // Attacker sends nbf as a String
exp: usize,
}
fn main() {
let key: &[u8; 24] = b"RedMouseOverTheSkyIsBlue";
// nbf is a String "99999999999" (Far future)
// Real nbf should be a Number.
let my_claims: Claims = Claims {
sub: "krishna".to_string(),
nbf: "99999999999".to_string(),
exp: 10000000000,
};
let token: String = encode(&Header::default(), &my_claims, &EncodingKey::from_secret(key)).unwrap();
println!("Forged Token: {}", token);
// 2. Configure Validation
let mut validation: Validation = Validation::new(Algorithm::HS256);
validation.validate_nbf = true; // Enable NBF check
// We do NOT add "nbf" to required_spec_claims (default behavior)
// We decode to serde_json::Value to avoid strict type errors in our struct definition hiding the library bug.
// The library sees the raw JSON with string "nbf".
let result: Result<jsonwebtoken::TokenData<serde_json::Value>, jsonwebtoken::errors::Error> = decode::<serde_json::Value>(
&token,
&DecodingKey::from_secret(key),
&validation
);
match result {
Ok(_) => println!("Token was accepted despite malformed far-future 'nbf'!"),
Err(e) => println!("Token rejected. Error: {:?}", e),
}
}
```
run cargo run
expected behaviour:
```
Forged Token: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJrcmlzaG5hIiwibmJmIjoiOTk5OTk5OTk5OTkiLCJleHAiOjEwMDAwMDAwMDAwfQ.Fm3kZIqMwqIA6sEA1w52UOMqqnu4hlO3FQStFmbaOwk
```
Token was accepted despite malformed far-future 'nbf'!
Impact:
If an application uses jsonwebtoken nbf (Not Before) to schedule access
for the future (like “Access granted starting tomorrow”).
By sending nbf as a string, an attacker can bypass this restriction and
access the resource immediately.
and for the exp claim (this is unlikely but still adding), If a
developer sets validate_exp = true but manually handles claim presence
(removing exp from required_spec_claims), an attacker can send a string
exp (e.g., “never”) and bypass expiration checks entirely. The token
becomes valid forever.
---
### Release Notes
<details>
<summary>Keats/jsonwebtoken (jsonwebtoken)</summary>
###
[`v10.3.0`](https://redirect.github.com/Keats/jsonwebtoken/blob/HEAD/CHANGELOG.md#1030-2026-01-27)
[Compare
Source](https://redirect.github.com/Keats/jsonwebtoken/compare/v10.2.0...v10.3.0)
- Export everything needed to define your own CryptoProvider
- Fix type confusion with exp/nbf when not required
###
[`v10.2.0`](https://redirect.github.com/Keats/jsonwebtoken/blob/HEAD/CHANGELOG.md#1020-2025-11-06)
[Compare
Source](https://redirect.github.com/Keats/jsonwebtoken/compare/v10.1.0...v10.2.0)
- Remove `Clone` bound from decode functions
###
[`v10.1.0`](https://redirect.github.com/Keats/jsonwebtoken/blob/HEAD/CHANGELOG.md#1010-2025-10-18)
[Compare
Source](https://redirect.github.com/Keats/jsonwebtoken/compare/v10.0.0...v10.1.0)
- add `dangerous::insecure_decode`
- Implement TryFrom \&Jwk for DecodingKey
###
[`v10.0.0`](https://redirect.github.com/Keats/jsonwebtoken/blob/HEAD/CHANGELOG.md#1000-2025-09-29)
[Compare
Source](https://redirect.github.com/Keats/jsonwebtoken/compare/v9.3.1...v10.0.0)
- BREAKING: now using traits for crypto backends, you have to choose
between `aws_lc_rs` and `rust_crypto`
- Add `Clone` bound to `decode`
- Support decoding byte slices
- Support JWS
</details>
---
### Configuration
📅 **Schedule**: Branch creation - "" in timezone America/New_York,
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
Release Notes:
- N/A
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi45NS4yIiwidXBkYXRlZEluVmVyIjoiNDIuOTUuMiIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Marshall Bowers <git@maxdeviant.com>
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [bytes](https://redirect.github.com/tokio-rs/bytes) |
workspace.dependencies | minor | `1.10.1` → `1.11.1` |
---
> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.
### GitHub Vulnerability Alerts
####
[GHSA-434x-w66g-qw3r](https://redirect.github.com/tokio-rs/bytes/security/advisories/GHSA-434x-w66g-qw3r)
# Details
In the unique reclaim path of `BytesMut::reserve`, the condition
```rs
if v_capacity >= new_cap + offset
```
uses an unchecked addition. When `new_cap + offset` overflows `usize` in
release builds, this condition may incorrectly pass, causing `self.cap`
to be set to a value that exceeds the actual allocated capacity.
Subsequent APIs such as `spare_capacity_mut()` then trust this corrupted
`cap` value and may create out-of-bounds slices, leading to UB.
This behavior is observable in release builds (integer overflow wraps),
whereas debug builds panic due to overflow checks.
## PoC
```rs
use bytes::*;
fn main() {
let mut a = BytesMut::from(&b"hello world"[..]);
let mut b = a.split_off(5);
// Ensure b becomes the unique owner of the backing storage
drop(a);
// Trigger overflow in new_cap + offset inside reserve
b.reserve(usize::MAX - 6);
// This call relies on the corrupted cap and may cause UB & HBO
b.put_u8(b'h');
}
```
# Workarounds
Users of `BytesMut::reserve` are only affected if integer overflow
checks are configured to wrap. When integer overflow is configured to
panic, this issue does not apply.
---
### Release Notes
<details>
<summary>tokio-rs/bytes (bytes)</summary>
###
[`v1.11.1`](https://redirect.github.com/tokio-rs/bytes/blob/HEAD/CHANGELOG.md#1111-February-3rd-2026)
[Compare
Source](https://redirect.github.com/tokio-rs/bytes/compare/v1.11.0...v1.11.1)
- Fix integer overflow in `BytesMut::reserve`
###
[`v1.11.0`](https://redirect.github.com/tokio-rs/bytes/blob/HEAD/CHANGELOG.md#1110-November-14th-2025)
[Compare
Source](https://redirect.github.com/tokio-rs/bytes/compare/v1.10.1...v1.11.0)
- Bump MSRV to 1.57
([#​788](https://redirect.github.com/tokio-rs/bytes/issues/788))
##### Fixed
- fix: `BytesMut` only reuse if src has remaining
([#​803](https://redirect.github.com/tokio-rs/bytes/issues/803))
- Specialize `BytesMut::put::<Bytes>`
([#​793](https://redirect.github.com/tokio-rs/bytes/issues/793))
- Reserve capacity in `BytesMut::put`
([#​794](https://redirect.github.com/tokio-rs/bytes/issues/794))
- Change `BytesMut::remaining_mut` to use `isize::MAX` instead of
`usize::MAX`
([#​795](https://redirect.github.com/tokio-rs/bytes/issues/795))
##### Internal changes
- Guarantee address in `slice()` for empty slices.
([#​780](https://redirect.github.com/tokio-rs/bytes/issues/780))
- Rename `Vtable::to_*` -> `Vtable::into_*`
([#​776](https://redirect.github.com/tokio-rs/bytes/issues/776))
- Fix latest clippy warnings
([#​787](https://redirect.github.com/tokio-rs/bytes/issues/787))
- Ignore `BytesMut::freeze` doctest on wasm
([#​790](https://redirect.github.com/tokio-rs/bytes/issues/790))
- Move `drop_fn` of `from_owner` into vtable
([#​801](https://redirect.github.com/tokio-rs/bytes/issues/801))
</details>
---
### Configuration
📅 **Schedule**: Branch creation - "" in timezone America/New_York,
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
Release Notes:
- N/A
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi45NS4yIiwidXBkYXRlZEluVmVyIjoiNDIuOTUuMiIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Follow-up to #46337
`project_panel` tests enable `remote/test-support` (via
`workspace`/`project`), which adds `RemoteConnectionOptions::Mock`. But
without `remote_connection/test-support`, the match arm for that variant
isn't compiled, causing a non-exhaustive match error when testing the
crate in isolation.
CI doesn't catch this because `git_ui` happens to enable
`remote_connection/test-support` during workspace-wide tests.
Release Notes:
- N/A
Closes#48097
Release Notes:
- Fixed Copilot instances not being cleared up after their window is
closed.
- Copilot edit prediction provider now respects `disable_ai` setting.
The indent guide computation was using visible list indices directly to
access entries, instead of mapping through `logical_indices` first. This
caused incorrect depths to be read from hidden entries when a folder was
collapsed, resulting in stray vertical lines extending to unrelated folders.
Closes#48189
Release Notes:
- Fixed a visual bug in the Git Panel where collapsing a folder in tree
view would cause indent guide lines to incorrectly extend to unrelated
folders below it.
This branch:
1. teaches `--diff `command line option to to recurse into folders if
provided.
2. Adds a `MultiDiffView` that shows _all_ changed files in a single,
scrollable view.
This is necessary to provide a smooth user experience for `jj` and Zed
users who wish to use Zed as their jj difftool.
I'm not fully sure how this change interacts with
https://github.com/zed-industries/zed/pull/44936, or what plans y'all
have in mind.
Here's a screenshot of the resulting behavior:
<img width="1090" height="950" alt="Screenshot 2025-12-17 at 9 10 52 AM"
src="https://github.com/user-attachments/assets/8efd09b4-974f-4059-9f94-539c484c6d4a"
/>
I setup zed to handle jj diffs by adding the following to my jj config:
```toml
[aliases]
zdiff = ["diff", "--tool", "zed"]
[merge-tools.zed]
program = "/Users/dbarsky/Developer/zed/target/debug/cli"
# omit diff-invocation-mode to keep the default (JJ passes two dirs)
diff-args = [
"--zed", "/Users/dbarsky/Developer/zed/target/debug/zed",
"--wait",
"--new",
"--diff",
"$left",
"$right",
]
```
Release Notes:
- `--diff`, if provided with folders instead of files, will recurse into
those directories.
- Added a `MultiDiffView`, which will show all changed files within a
single, scrollable view.
**AI Disclosure**: Pretty much all of this code was written using Codex
with GPT-5.1-Codex. I edited by hand and tested this.
---------
Co-authored-by: Lukas Wirth <lukas@zed.dev>
Closes: #46593#32635#47924
Co-authored-by: Anthony Eid <hello@anthonyeid.me>
Co-authored-by: Cole Miller <cole@zed.dev>
Release Notes:
- Fixed issues with signing into Copilot via the Settings UI
---------
Co-authored-by: Anthony Eid <hello@anthonyeid.me>
Co-authored-by: Cole Miller <cole@zed.dev>
Co-authored-by: Zed Zippy <234243425+zed-zippy[bot]@users.noreply.github.com>
Co-authored-by: Anthony Eid <anthony@zed.dev>
This PR moves the `CollabNotification` component from the collab_ui
crate to the UI crate, so that we can add a component preview to it. It
also fixes problems with text truncation and other little details.
<img width="700" height="1674" alt="Screenshot 2026-01-29 at 4 07@2x"
src="https://github.com/user-attachments/assets/6aca6cff-564a-4729-b505-c02d8c3af97f"
/>
Release Notes:
- Collab: Fixed overflowing text in project sharing and call
notifications.
Reapplies #44273
I included metal-rs upgrade so we can get this working on Intel-based
Macs
cc: @JosephTLyons @notpeter @rtfeldman @Anthony-Eid
Release Notes:
- Reduced memory usage on Apple-silicon Macs by using shared memory
where appropriate
---------
Signed-off-by: Marco Mihai Condrache <52580954+marcocondrache@users.noreply.github.com>
Reverts zed-industries/zed#47799
Now that we have a week to let this be tested in Nightly we can merge it
again
Release Notes:
- Fix to many file descriptors error in MacOS
<img width="1110" height="280" alt="Screenshot 2026-01-28 at 3 35 52 PM"
src="https://github.com/user-attachments/assets/4d467e2c-2e7b-4ec7-bc87-6f0df8e667f0"
/>
<img width="1094" height="411" alt="Screenshot 2026-01-28 at 3 40 54 PM"
src="https://github.com/user-attachments/assets/f559df93-e72e-4457-ba1b-f7d6239f3285"
/>
Previously, if a user configured `^ls` as an always-allow pattern, an
attacker could craft a command like `ls && rm -rf /` which would be
auto-approved because the regex only matched the beginning of the
command string.
Now the command is parsed into individual sub-commands (`ls`, `rm -rf
/`) and EACH sub-command must match an allow pattern for auto-approval.
This prevents shell injection attacks using operators like:
- `&&` and `||` (boolean operators)
- `;` and `&` (sequential/background execution)
- `|` (pipes)
- Newlines
- Command substitution (`$()` and backticks)
- Process substitution (`<()` and `>()`)
## Matching Logic
- **always_deny**: if ANY sub-command matches, deny the entire command
- **always_confirm**: if ANY sub-command matches, require confirmation
(unless always_deny matched, in which case deny)
- **always_allow**: ALL sub-commands must match for auto-approval
(unless always_confirm or always_deny matched, in which case defer to
those)
- If parsing fails, or if the shell is unsupported, then always_allow is
disabled for this command
As usual, `always_allow_tool_actions` supercedes all of these. If it is
`true`, then we always allow all tool calls, no questions asked.
## Shell Compatibility
The shell parser only supports POSIX-like command chaining syntax (`&&`,
`||`, `;`, `|`).
**Supported shells:** Posix (sh, bash, dash, zsh), Fish 3.0+, PowerShell
7+/Pwsh, Cmd, Xonsh, Csh, Tcsh
**Unsupported shells:** Nushell (uses `and`/`or` keywords), Elvish (uses
`and`/`or` keywords), Rc (Plan 9 shell - no `&&`/`||` operators)
For unsupported shells:
- The "Always allow" UI options are hidden for the terminal tool
- If the user has `always_allow` patterns configured in settings, they
will see a `Deny` with an explanatory error message
(No release notes because granular tool permissions are behind a feature
flag.)
Release Notes:
- N/A
---------
Co-authored-by: Zed Zippy <234243425+zed-zippy[bot]@users.noreply.github.com>
Brought the Markdown output up to date with how Markdown is used in the
Agent panel. This fixed an issue with outputs that were too large for
the execution view as well as made sure that markdown would wrap.
<img width="3222" height="2334" alt="image"
src="https://github.com/user-attachments/assets/c65efa53-b792-4529-909a-9117053e30be"
/>
Release Notes:
- N/A
- Remove the newlines in the unzip command string, which made it not
work.
- Fix spawning the terminal and tasks. Unfortunately, the Windows
OpenSSH server has limitations that require rather ugly workarounds.
Release Notes:
- N/A
Closes#47064Closes#20806
The previous implementation used Zed's custom fsevent crate, which
spawned a dedicated thread for each watched path. On large projects,
this could result in 100+ threads just for filesystem watching.
This PR removes the `fsevent` crate and switches to using `notify's`
FsEventWatcher directly. The notify implementation maintains a single
FSEvents stream that watches all paths on one thread. When paths are
added or removed, the stream is stopped, the path list is updated, and
the stream is restarted.
Ref: https://github.com/notify-rs/notify/blob/main/notify/src/fsevent.rs
As a result, Zed now uses one thread for filesystem watching regardless
of how many paths are watched.
Release Notes:
- On macOS, Zed now uses significantly fewer resources when watching
filesystem changes
---------
Signed-off-by: Marco Mihai Condrache <52580954+marcocondrache@users.noreply.github.com>
Co-authored-by: Anthony Eid <anthony@zed.dev>
This is in preparation of merging
https://github.com/zed-industries/zed/pull/47322, because our MacWatcher
implementation was able to watch root directories, and I wanted to
maintain that behavior to decrease the chance of any bugs occurring from
a merge
Note: Release candidate 9 for Notify was created two days ago which
means that a new version is coming out soon. We should update to v9 once
it's released to include bug fixes from upstream.
Release Notes:
- N/A
# Add "Reopen with Encoding" feature (Local/Single user)
## Summary
This PR adds a "Reopen with Encoding" feature to allow users to manually
specify an encoding and reload the active buffer.
This feature allows users to explicitly specify the encoding and reload
the file to resolve garbled text caused by incorrect detection.
## Changes
1. Added encoding picker logic to `encoding_selector`
- Implemented a modal UI accessible via the command palette, shortcuts,
or by clicking the encoding status in the status bar.
- Allows users to select from a list of supported encodings (Shift JIS,
EUC-JP, UTF-16LE, etc.).
2. Updated Buffer logic (crates/language)
- Added a `force_encoding_on_next_reload` flag to the Buffer struct.
- Updated the `reload` method to check this flag and apply the following
logic:
- **Non-Unicode (e.g., Shift JIS):** Bypasses heuristics (like BOM
checks) to force the specified encoding.
- **Unicode (e.g., UTF-8):** Performs standard BOM detection. This
ensures that the BOM is correctly handled/consumed when switching back
to UTF-8.
3. UI / Keymap
- Made the encoding status in the status bar (ActiveBufferEncoding)
clickable.
- Added default keybindings:
- macOS: cmd-k n
- Linux/Windows: ctrl-k n
- Windows: ctrl-k n
## Limitations & Scope
To ensure stability and keep the PR focused, the following scenarios are
intentionally out of scope:
1. **Collaboration and Remote Connections**
- Encoding changes are disabled when collaboration (is_shared) or SSH
remote connections (is_via_remote_server) are active.
- **Reason:** Synchronizing encoding state changes between host/guest or
handling remote reloads involves complex synchronization logic. This PR
focuses on local files only.
`Remote Connection (SSH/WSL)`
|Via status bar|Via shortcut/command|
|:---:|:---:|
|<img width="767" height="136" alt="remote_tooltip"
src="https://github.com/user-attachments/assets/6c7cb293-2486-4f6d-a3ff-2086d939398e"
width="400" />|<img width="742" height="219" alt="remote_shortcut"
src="https://github.com/user-attachments/assets/5448f199-2066-4baf-b349-a983ab2fa77a"
width="400" />|
`Collaboration Session `
|Via status bar|Via shortcut/command|
|:---:|:---:|
|<img width="734" height="86" alt="collab_tooltip"
src="https://github.com/user-attachments/assets/37de99a9-dd33-4c78-98bf-20654d41fdd0"
/>|<img width="720" height="182" alt="collab_pop"
src="https://github.com/user-attachments/assets/91d03ea7-f029-442a-8236-55234576f7ed"
/>|
2. Dirty State
- The feature is disabled if the buffer has unsaved changes to prevent
data loss during reload.
|Via status bar|Via shortcut/command|
|:---:|:---:|
|<img width="545" height="103" alt="local_dirty_tooltip"
src="https://github.com/user-attachments/assets/d9ae658e-52b3-4ecd-9873-d0ec8bd51b5d"
/>|<img width="707" height="178" alt="local_dirty_pop"
src="https://github.com/user-attachments/assets/d170ea1e-9fcb-42e7-aa3e-0555b4a19d86"
/>|
3. Files detected as Binary
Files that worktree detects as "binary" (e.g., UTF-16 files without BOM
containing non-ASCII characters) are not opened in the editor, so this
feature cannot be triggered.
**Future Work**: Fixing this would require modifying crates/worktree
heuristics or exposing a "Force Open as Text" action for InvalidItemView
to trigger. Given the scope and impact, this is deferred to a future PR.
## Test Plan
I verified the feature and BOM handling using the following scenarios:
### Preparation
Used the following test files:
-
[**test_utf8.txt**](https://github.com/user-attachments/files/24548803/test_utf8.txt):
English-only text file. No BOM.
-
[**test_utf8_bom.txt**](https://github.com/user-attachments/files/24548822/test_utf8_bom.txt):
English-only text file. With BOM.
-
[**test_utf8_jp_bom.txt**](https://github.com/user-attachments/files/24548825/test_utf8_jp_bom.txt):
UTF-8 with BOM file containing Japanese characters.
-
[**test_shiftjis_jp.txt**](https://github.com/user-attachments/files/24548827/test_shiftjis_jp.txt):
Shift-JIS file containing Japanese characters (content designed to
trigger misdetection, e.g., using only half-width katakana).
Used an external editor (VS Code or Notepad) for verification.
### Case 1: English-only file behavior
1. Open an English-only UTF-8 file (test_utf8.txt).
2. Reopen as Shift JIS.
3. **Result:**
- Text appearance remains unchanged (since ASCII is compatible).
- Status bar updates to "Shift JIS".
### Case 2: Fixing Mojibake
1. Open a Shift-JIS file (test_shiftjis_jp.txt) that causes detection
failure.
※Confirm it opens with mojibake
2. Select Shift JIS from the status bar selector.
3. **Result:**
- Mojibake is resolved, and Japanese text is displayed correctly.
- Status bar updates to "Shift JIS".
### Case 3: Unicode file with BOM behavior
1. Open an English-only UTF-8 with BOM file (test_utf8_bom.txt).
2. Reopen as `Shift JIS`.
3. **Result:**
- The BOM bytes are displayed as mojibake at the beginning of the file.
- The rest of the English text is displayed normally (ASCII
compatibility).
- Status bar updates to "Shift JIS".
### Case 4: Non-Unicode file with BOM behavior
1. Open a UTF-8 with BOM file containing Japanese
(test_utf8_jp_bom.txt).
2. Reopen as Shift JIS.
3. **Result:**
- The BOM bytes at the start are displayed as mojibake.
- The Japanese text body is displayed as mojibake (UTF-8 bytes
interpreted as Shift JIS).
- Status bar updates to "Shift JIS" (no BOM indicator).
### Case 5: Revert to Unicode
1. From the state in Case 4 (Shift JIS with mojibake), reopen as UTF-8.
2. **Result:**
- The BOM mojibake at the start disappears (consumed).
- The text returns to normal.
- Status bar updates to "UTF-8 (BOM)".
### Case 6: External BOM removal (State sync)
1. Open a UTF-8 with BOM file in Zed (test_utf8_bom.txt).
2. Open the same file in an external editor and save it as UTF-8 (No
BOM).
3. Refocus Zed.
4. **Result:**
- Text appearance remains unchanged.
- The (BOM) indicator disappears from the status bar.
- Saving in Zed and checking externally confirms the BOM is gone.
### Case 7: External BOM addition
1. From the state in Case 6 (UTF-8 No BOM), save as UTF-8 with BOM in
the external editor.
2. Refocus Zed.
3. **Result:**
- The (BOM) indicator appears in the status bar.
- Saving in Zed and checking externally confirms the BOM is present.
### Case 8: External Encoding Change (Auto-detect sync)
1. Open an English-only UTF-8 file in Zed (`test_utf8.txt`).
* *Status bar shows: "UTF-8".*
2. Open the same file in an external editor and save it as **UTF-16LE
with BOM**.
3. Refocus Zed.
4. **Result:**
* The text remains readable (no mojibake).
* **Status bar automatically updates to "UTF-16LE (BOM)".** (Verifies
that `buffer.encoding` is correctly updated during reload).
Release Notes:
- Added "Reopen with Encoding" feature (currently supported for local
files).
---------
Co-authored-by: Conrad Irwin <conrad.irwin@gmail.com>
Following the changes to the namespace caching, CI in the extensions
broke because cache conflicts arose there seemingly. Trying to set the
target here more explicitly in an effort to fix this.
Release Notes:
- N/A
## Summary
Fixes#47540 - Anthropic Claude models not appearing in GitHub Copilot
Chat model picker.
## Problem
Users reported that Anthropic Claude models (Claude Sonnet 4, Claude
Opus 4, etc.) were not appearing in the model picker when using GitHub
Copilot Chat, even though:
- The GitHub Copilot API returns these models
- The models have `model_picker_enabled: true`
- Users have valid Copilot subscriptions with access to these models
## Root Cause
The issue was in the `ModelSupportedEndpoint` enum deserialization. The
enum only defined two variants:
```rust
pub enum ModelSupportedEndpoint {
#[serde(rename = "/chat/completions")]
ChatCompletions,
#[serde(rename = "/responses")]
Responses,
}
```
Anthropic Claude models use the `/v1/messages` endpoint, which wasn't
defined. When deserializing the API response, serde failed with:
```
Error("unknown variant `/v1/messages`, expected `/chat/completions` or `/responses`")
```
Because the crate uses resilient deserialization via
`deserialize_models_skip_errors()`, the entire Claude model was silently
skipped rather than causing a hard failure. This meant users saw no
error - the models simply didn't appear.
## Solution
### 1. Added `/v1/messages` endpoint variant
```rust
pub enum ModelSupportedEndpoint {
#[serde(rename = "/chat/completions")]
ChatCompletions,
#[serde(rename = "/responses")]
Responses,
#[serde(rename = "/v1/messages")]
Messages, // NEW: Anthropic models use this endpoint
#[serde(other)]
Unknown, // NEW: Future-proofing for unknown endpoints
}
```
### 2. Removed incorrect `dedup_by()` call
The previous code deduplicated models by family:
```rust
.dedup_by(|a, b| a.capabilities.family == b.capabilities.family)
```
This incorrectly filtered out model variants that share the same family
(e.g., `claude-sonnet-4` and `claude-sonnet-4-thinking`). Removed this
call to preserve all model variants.
### 3. Removed unused import
Removed `use itertools::Itertools;` which was only used for the
now-removed `dedup_by()`.
## Changes
| File | Change |
|------|--------|
| `crates/copilot_chat/src/copilot_chat.rs` | Added `Messages` and
`Unknown` variants to `ModelSupportedEndpoint` enum |
| `crates/copilot_chat/src/copilot_chat.rs` | Removed `.dedup_by()` call
that incorrectly filtered models |
| `crates/copilot_chat/src/copilot_chat.rs` | Removed unused
`itertools::Itertools` import |
| `crates/copilot_chat/src/copilot_chat.rs` | Added 8 new unit tests |
## Test Coverage
Added 8 new unit tests to ensure the fix works and prevent regression:
| Test | Purpose |
|------|---------|
| `test_models_with_pending_policy_deserialize` | Verifies models with
non-"enabled" policy states deserialize correctly (they're filtered
later) |
| `test_multiple_anthropic_models_preserved` | Verifies multiple Claude
models are not incorrectly deduplicated |
| `test_models_with_same_family_both_preserved` | Verifies models
sharing the same family (e.g., thinking variants) are both preserved |
| `test_mixed_vendor_models_all_preserved` | Verifies models from
different vendors (OpenAI, Anthropic, Google) are all preserved |
| `test_model_with_messages_endpoint_deserializes` | **Critical test**:
Verifies `/v1/messages` endpoint deserializes correctly |
| `test_model_with_unknown_endpoint_deserializes` | Verifies unknown
future endpoints deserialize to `Unknown` variant |
| `test_model_with_multiple_endpoints` | Verifies models with multiple
endpoints deserialize correctly |
| `test_supports_response_method` | Verifies the `supports_response()`
method logic for endpoint routing |
### Test Results
```
running 10 tests
test tests::test_model_with_messages_endpoint_deserializes ... ok
test tests::test_model_with_multiple_endpoints ... ok
test tests::test_model_with_unknown_endpoint_deserializes ... ok
test tests::test_models_with_pending_policy_deserialize ... ok
test tests::test_models_with_same_family_both_preserved ... ok
test tests::test_mixed_vendor_models_all_preserved ... ok
test tests::test_multiple_anthropic_models_preserved ... ok
test tests::test_resilient_model_schema_deserialize ... ok
test tests::test_supports_response_method ... ok
test tests::test_unknown_vendor_resilience ... ok
test result: ok. 10 passed; 0 failed; 0 ignored; 0 measured; 0 filtered out
```
## How to Test Manually
1. Sign in to GitHub Copilot in Zed
2. Open the model picker (Agent panel → model selector dropdown)
3. Verify that Anthropic Claude models appear in the list:
- Claude Sonnet 4
- Claude Opus 4
- Other Claude variants (if enabled in your GitHub Copilot settings)
## Checklist
- [x] Code compiles without errors
- [x] `./script/clippy --package copilot_chat` passes with no warnings
- [x] All unit tests pass
- [x] Change is focused on a single bug fix
- [x] No unrelated refactoring or feature additions
<img width="320" height="400" alt="Screenshot 2026-01-24 at 11 57 21 PM"
src="https://github.com/user-attachments/assets/d5e17e1b-da80-4f4d-a218-d50d35114a21"
/>
Release Notes:
- Fixed Anthropic models not appearing in the Copilot Chat model picker
---------
Co-authored-by: Piotr Osiewicz <24362066+osiewicz@users.noreply.github.com>
Closes#38168Closes#42414
We were already using `ExitStatusExt::from_raw()` to construct an
`ExitStatus`, but we were passing in the exit code from
alacritty_terminal's `ChildExit` event. This worked fine on Windows
where `from_raw()` expects an exit code, but on Unix, `from_raw()`
([read
more](https://doc.rust-lang.org/std/os/unix/process/trait.ExitStatusExt.html#tymethod.from_raw))
expects a raw wait status from `waitpid()` and not an exit code.
When a child process was killed by a signal (e.g., SIGSEGV),
`ExitStatus::code()` returns `None` since only normal exits have an exit
code. This caused the terminal to hang because we weren't properly
detecting the exit.
One fix would have been to remove the dependency on `ExitStatus`
entirely, but using the raw wait status gives us more information, we
can now detect exit codes, signal terminations, and more.
The actual fix was upstream in `alacritty_terminal` to send the raw wait
status instead of just the exit code.
Currently using forked patch
https://github.com/zed-industries/alacritty/tree/v0.16-child-exit-patch
which is based on v0.25.1.
Upstream PR: https://github.com/alacritty/alacritty/pull/8825
Release Notes:
- Fixed terminal hanging when a child process is killed by a signal
(e.g., SIGSEGV from null pointer dereference).
- **title_bar: Extract platform_title_bar from title_bar**
- **file_finder no longer depends on search and agent_servers no longer
depend on language_models**
Release Notes:
- N/A
---------
Co-authored-by: Zed Zippy <234243425+zed-zippy[bot]@users.noreply.github.com>
Users had trouble signing in due to us relying on the Copilot::global
being set, which was never the case. We've decided to use a dedicated
LSP instance just for handling auth of Copilot Chat and other goodies.
That instance is subscribed to by local Copilot instances for projects.
When the Auth instance changes it's state, local instances are prompted
to re-check their own sign in status.
Closes#47352
Co-authored-by: dino <dinojoaocosta@gmail.com>
Release Notes:
- Fixed authentication issues with Copilot.
---------
Co-authored-by: dino <dinojoaocosta@gmail.com>
Co-authored-by: Zed Zippy <234243425+zed-zippy[bot]@users.noreply.github.com>
We might interface with the LSP using URL heres across remotes that have
differing path styles which then breaks every now and then when we have
windows to unix connections. This should helps us fix these occurences
more correctly
Release Notes:
- N/A *or* Added/Fixed/Improved ...
Closes#26866
### Summary
Adds a git graph to Zed, accessible via the `git_graph::Open` action if
a project has an active repository. There's still more to do, but this
is a solid foundation to expand upon. The code structure is in line with
Zed's codebase and shouldn't require architectural changes to add
missing features.
The git graph can be opened via the command palette (`git graph: open`)
or by binding a key to `git_graph::Open`. It's available when the
project has an active git repository.
### Architecture
Similar to the Debugger, the git graph is split between a data layer and
a view/UI layer. When the view layer is rendering, it queries the data
layer for its active state. This setup allows the data layer to lazily
request graph data (only when needed for rendering), abstracts collab
from the view layer, allows most of the data loading to happen on a
background thread, and makes caching easy to implement.
#### Graph Loading
The graph data is loaded in two phases:
1. `Repository::graph_data()` streams commit structure (SHA, parents,
refs) in chunks of 1000 via `git log`
2. `CommitDataReader` lazily fetches full commit details (author,
timestamp, subject) on-demand using a persistent `git cat-file --batch`
process
This two-phase approach makes the initial loading of the graph as fast
as possible, because `git log` takes significantly longer when all the
needed graph data is queried through it. Zed then lazily loads commits
in the user's viewport through `cat-file --batch`. This makes scrolling
to any place in the graph extremely snappy and benefits the
collaborative architecture by only fetching data needed to render the
graph. It also allows Zed to share commit data between different graph
visualizations (e.g., date order vs. topological order).
#### Performance
Tested on both the Zed and LLVM repositories with good performance in
both cases. The two-phase loading approach and lazy fetching keep the UI
responsive even with large commit histories.
#### Testing
I added property testing that builds randomized commit graphs and
verifies that the graph is constructed correctly. This also works as an
integration test and will be expanded in the future to test collab graph
visualization, graph filtering, commit actions, etc.
### New Crate
- `git_graph` (GPL-licensed) — contains UI and graph computation logic
### Not Yet Implemented
- Remote repository support (collab)
- Filtering by branch
- Commit actions (checkout, cherry-pick, etc.)
- Search
- Open commit view for selected commit
- Resizable columns
- Column filtering
#### Reference
<img width="1624" height="976" alt="Screenshot 2025-01-22 at 8 15 39 PM"
src="https://github.com/user-attachments/assets/0f10924a-3964-462f-b320-42d84d02f7bf"
/>
Special thanks to [Alberto Slavica](https://github.com/pyundev) for
submitting #44405, which was a good base to work off of.
Release Notes:
- git: Add initial version of git graph
---------
Co-authored-by: pyundev <pyundev@users.noreply.github.com>
Co-authored-by: Cole Miller <cole@zed.dev>
Co-authored-by: Zed Zippy <234243425+zed-zippy[bot]@users.noreply.github.com>
This PR adds a thinking toggle for controlling whether to use thinking
for a model in the Zed provider:
<img width="645" height="142" alt="Screenshot 2026-01-22 at 12 34 01 PM"
src="https://github.com/user-attachments/assets/9aa543fe-e708-4840-8b38-1a6fbcb78388"
/>
Previously we would create separate "Thinking" variants of the models
that supported thinking in the model selector.
This only applies to Anthropic models in the Zed provider, currently.
This is gated behind the `cloud-thinking-toggle` feature flag.
Release Notes:
- N/A
---------
Co-authored-by: Neel <neel@zed.dev>
- **settings: Do not leak type serialization into downstream crates**
- **worktree: Separate integration tests into separate target**
Release Notes:
- N/A
This PR implements a UI for the side-by-side diff, using blocks to align
the two sides and adding a coherent `SplitEditorElement`.
Release Notes:
- N/A
---------
Co-authored-by: cameron <cameron.studdstreet@gmail.com>
Co-authored-by: Anthony Eid <hello@anthonyeid.me>
Co-authored-by: Zed Zippy <234243425+zed-zippy[bot]@users.noreply.github.com>
## Summary
Implements user-defined slash commands for the agent panel. Users can
create markdown files in `~/.config/zed/commands/` (user-wide) or
`.zed/commands/` (project-specific) that expand into templated text when
invoked via `/command_name` in the chat interface.
## Features
- **File-based commands**: Create `.md` files that become slash commands
- **Template expansion**: Use `$1`, `$2`, etc. for positional arguments,
or `$ARGUMENTS` for all args
- **Namespacing**: Subdirectories create namespaced commands (e.g.,
`frontend/component.md` → `/frontend:component`)
- **Project & user scopes**: Project commands in `.zed/commands/`, user
commands in config dir
- **Claude compatibility**: Can symlink `~/.claude/commands/` for
compatibility
- **Caching**: Commands are cached and watched for file changes
- **Error handling**: Graceful degradation with error display in UI
## Feature Flag
Behind `user-slash-commands` feature flag.
## Testing
52 unit/integration tests covering parsing, validation, expansion, file
loading, symlinks, and error handling.
---
Release Notes:
- N/A (behind feature flag)
---------
Co-authored-by: Zed Zippy <234243425+zed-zippy[bot]@users.noreply.github.com>
This PR removes the `open-ai-responses-api` feature flag and makes it so
all OpenAI requests to the Zed provider use the Responses API.
We've been running this in Nightly/Preview for a week now without any
issues.
Closes CLO-104.
Release Notes:
- N/A
Closes#47098
The root cause of this issue is related to how `Poetry` (and the
upstream `pet-poetry` library) handles path hashing. While perhaps it's
an upstream behavior, we can easily fix it on the Zed side.
The related code are
7ce845210d/crates/languages/src/python.rs (L1181-L1211)
In my debugging, I found that `worktree_root` takes the form
`/home/user/project`, but `config.workspace_directories` often ends up
as `/home/user/project/`(with a trailing slash). Normally this wouldn't
be an issue, but `Poetry` generates environment names based on the hash
of the absolute path. Since the hashes for `/home/user/project` and
`/home/user/project/` are different, `pet-poetry` fails to find the
environment.
The fix is straightforward: we just need to ensure the trailing `/` is
removed so the hashes match.
Release Notes:
- Fixed poetry environment not discovered on linux
Closes#46502
The issue here was that we were not looking into the sub page stack when
looking headers up, resulting in an out of bounds index. This PR fixes
this.
Due to me also fixing another small bug in the UI (and adding proper
support for the breadcrumbs), I had to move quite some stuff around here
to get this to work. Namely, I made the `sub_page_stack` a field on the
`SettingsWindow` and now only store the `active_language` in a global to
ensure that we store scroll positions properly for all sub pages. For
that to work with the edit prediction provider page, I had to remove the
struct there and could just move that into a method, which was a nice
side effect there I suppose.
Release Notes:
- Fixed a crash that could occur when trying to edit edit prediction
providers in the settings UI.
While at it, annotate more functions that are potentially related to
language parsing in buffers.
Also, on macOS, in order to actually have callstack frames properly
recorded by Tracy, you need to manually run `dsymutil` on the binary.
Release Notes:
- N/A
This reduces total code-size of the project crate by ~25%, and reduces
release build time by ~35s thanks to
@osiewicz's proposed fix https://github.com/smol-rs/async-task/issues/66
Release Notes:
- N/A
Co-authored-by: Piotr <piotr@zed.dev>
Adds the ability to create a dev container definition from scratch.
Additionally, separates devcontainer logic out into its own crate, since
it was getting sufficiently complex to separate from the
`recent_projects` crate.
A screen recording of the modal experience:
https://github.com/user-attachments/assets/f6cf95e1-eb7b-4ca3-86c7-c1cbc26ca557
Release Notes:
- Added modal to initialize a dev container definition in the project
with `projects: initialize dev container`
- Added podman support for dev container actions with the `use_podman`
setting
- Improved devcontainer error handling
---------
Co-authored-by: Sam Coward <idoru42@gmail.com>
Rustfmt surrendered here because that method grew a bit too large. This
splits this up into smaller methods in an effort to combat this and make
the code more maintainable.
Release Notes:
- N/A
Closes #ISSUE
Moves the settings content definitions into their own crate, so that
they are compiled+cached separately from settings, primarily to avoid
recompiles due to changes in gpui. In that vain many gpui types such as
font weight/features, and `SharedString` were replaced in the content
crate, either with `*Content` types for font/modifier things, or
`String`/`Arc<str>` for `SharedString`. To make the conversions easy a
new trait method in the settings crate named `IntoGpui::into_gpui`
allows for `into()` like conversions to the gpui types in
`from_settings` impls.
Release Notes:
- N/A
---------
Co-authored-by: Piotr Osiewicz <24362066+osiewicz@users.noreply.github.com>
Static schemas (tasks, snippets, jsonc, keymap, action/*, tsconfig,
package_json, inspector_style) are now computed once on first access
using LazyLock and returned immediately via Task::ready().
These schemas never change at runtime because:
- tasks, snippets, jsonc, inspector_style are derived from static Rust
types
- tsconfig, package_json are bundled JSON files (include_str!)
- keymap and action/* depend only on registered actions, which are
collected at compile/link time via the inventory crate (extensions
cannot add actions)
This eliminates foreground thread blocking for these schema requests.
**New functions added to KeymapFile:**
- `generate_json_schema_from_inventory()`: generates keymap schema
without App context
- `get_action_schema_by_name()`: looks up single action schema without
App context
Release Notes:
- N/A
---------
Co-authored-by: Ben Kunkle <ben@zed.dev>
Closes#40322
When users run multi-line terminal commands, the confirmation dialog was
only showing the first line with '- N more lines' truncated. This meant
dangerous commands like 'rm -rf' or 'sudo' operations could be hidden
from view, creating a security risk.
Now terminal commands always display in full, with scroll support for
very long commands (20+ lines) to keep the confirmation buttons visible.
Other tools continue using truncation for better UI efficiency since
they don't pose the same security concerns.
Release Notes:
- Agent: Fixed terminal command truncation in the agent panel to better
expose long commands (e.g., potentially dangerous multi-line commands
are now fully visible before execution)
---------
Co-authored-by: Danilo Leal <daniloleal09@gmail.com>
Co-authored-by: dino <dinojoaocosta@gmail.com>
- **copilot: Fix double lease panic when signing out**
- **Extract copilot_chat into a separate crate**
- **Do not use re-exports from copilot**
- **Use new SignIn API**
- **Extract copilot_ui out of copilot**
Closes#7501
Release Notes:
- Fixed Copilot providing suggestions from different Zed windows.
- Copilot edit predictions now support jumping to unresolved
diagnostics.
Feature flagged for now as we test this out with actual agents to see if
we need to provide any more feedback to the RFD before committing to the
current setup.
Release Notes:
- N/A
This makes sure that all of the work we do for caching/refreshing
session history is reused everywhere we need to access the list.
Very important for external agents so we aren't rerequesting history on
every search or recent list update. Puts the reloading of history in one
place
Release Notes:
- N/A
This one does `fim_prefix`, `fim_middle`, and `fim_suffix` in that
order, in the prompt, instead of putting the current middle last.
Release Notes:
- N/A
---------
Co-authored-by: Agus Zubiaga <agus@zed.dev>
Co-authored-by: Ben Kunkle <ben@zed.dev>
This PR introduces a project dropdown when working with multiple
folders/projects in one workspace. Here are some interaction details
that I hope improves the UX of working on this scenario significantly:
- The dropdown shows the currently "active" project, which is determined
by:
- Either the file you're currently editing
- Or the file you have just recently switched to
- Some example cases:
- If you are focused on file from project A but switch to project B in
the titlebar, nothing happens. However, as soon as you type on the file
from project A, the title bar will update and your active project will
return to being project A.
- If you're focused on file from project A and change tabs to a file
from project B, the title bar will update, showing project B as the
active one.
- The content you'll see in the branch picker will correspond to the
currently active project
- It's still possible to reach the "Recent Projects" picker through the
project dropdown
- It's possible to do all interactions (trigger dropdown, select active
project, and remove project from workspace) with the keyboard
https://github.com/user-attachments/assets/e2346757-74df-47c5-bf4d-6354623b6f47
Note that this entire UX is valid only for a multiple folder workspace
scenario; nothing changes for the single project case.
Release Notes:
- Workspace: Improved the UX of working with multiple projects in the
same workspace through introducing a project dropdown that more clearly
shows the currently active project as well as allowing you to change it.
This fixes an issue that we noticed in particular with Mercury edit
predictions.
* [x] fix storage to not go stale
* [x] exclude excerpts that intersect the cursor excerpt
* [x] see if string representation of excerpts can be cached, to avoid
rebuilding it on every prediction
Release Notes:
- N/A
---------
Co-authored-by: Ben Kunkle <ben@zed.dev>
This should move almost all access of the threadstore behind the trait,
which unlocks external agents supplying the list
Release Notes:
- N/A
---------
Co-authored-by: Zed Zippy <234243425+zed-zippy[bot]@users.noreply.github.com>
The scheduler integration (#44810) removed the special handling for
realtime audio tasks that spawn them on a dedicated thread. This caused
a panic in the Mac dispatcher when RealtimeAudio priority was passed to
the regular dispatch path.
This restores the original behavior: RealtimeAudio tasks are spawned on
a dedicated thread via dispatcher.spawn_realtime(), using a bounded
channel to send runnables to it.
Release Notes:
- N/A
Release Notes:
- N/A
TL;DR: There was a closed issue 7 hours ago that changed ashpd version,
it needed another bump.
A dependency of gpui called ashpd has a fix in v0.12.1, GPUI has the
0.12 version. After forking zed and patching the gpui source to be mine
with 0.12.1 it was able to use GPUI as a dependency and compile the
project. The error I was getting and the recomendation to do this PR can
be seen in this [closed issue from
ashpd](https://github.com/bilelmoussaoui/ashpd/issues/325).
After changing the dependecy I hit cargo check:
```bash
Finished `dev` profile [unoptimized + debuginfo] target(s) in 4m 24s
```
And cargo run:
```bash
Compiling zed v0.220.0 (/home/user/git/xaviduds/zed/crates/zed)
Finished `dev` profile [unoptimized + debuginfo] target(s) in 9m 44s
Running `target/debug/zed`
```
Zed compiled and opened:
<img width="1920" height="1042" alt="image"
src="https://github.com/user-attachments/assets/8bc524d1-bc4a-43f8-9da4-b02faecca30c"
/>
Release Notes:
- N/A
Description:
E.g. Instead of saying:
2026-01-07T09:08:42-06:00 ERROR [crates/snippet_provider/src/lib.rs:46]
failed to parse snippet
Caused by:
expected an integer
Now the logs give more valuable information like:
2026-01-07T10:47:39-06:00 ERROR [crates/snippet_provider/src/lib.rs:48]
invalid snippet in /Users/oscarvarto/Library/Application
Support/Zed/extensions/installed/django-snippets/./snippets/python.json
(re_path)
`ashpd` 0.11 is incompatible with recent zbus/zvariant releases, causing
a compilation error in Linux. Bumping to 0.12 fixes it.
See: https://github.com/bilelmoussaoui/ashpd/issues/323
To reproduce:
```toml
[package]
name = "test-gpui"
version = "0.1.0"
edition = "2021"
[dependencies]
gpui = { git = "https://github.com/zed-industries/zed" }
```
```bash
...
Compiling ashpd v0.11.0
error[E0277]: the trait bound `AppID: Basic` is not satisfied
--> /home/neulus/.cargo/registry/src/index.crates.io-1949cf8c6b5b557f/ashpd-0.11.0/src/documents/mod.rs:391:16
|
391 | self.0.call("Info", &(doc_id.into())).await
| ^^^^ unsatisfied trait bound
|
help: the trait `Basic` is not implemented for `AppID`
--> /home/neulus/.cargo/registry/src/index.crates.io-1949cf8c6b5b557f/ashpd-0.11.0/src/app_id.rs:10:1
|
10 | pub struct AppID(String);
| ^^^^^^^^^^^^^^^^
= help: the following other types implement trait `Basic`:
&B
BusName<'_>
ErrorName<'_>
InterfaceName<'_>
MemberName<'_>
NonZero<i16>
NonZero<i32>
NonZero<i64>
and 35 others
= note: required for `HashMap<AppID, Vec<Permission>>` to implement `zbus::zvariant::Type`
= note: 1 redundant requirement hidden
= note: required for `(file_path::FilePath, HashMap<AppID, Vec<Permission>>)` to implement `zbus::zvariant::Type`
note: required by a bound in `proxy::Proxy::<'a>::call`
--> /home/neulus/.cargo/registry/src/index.crates.io-1949cf8c6b5b557f/ashpd-0.11.0/src/proxy.rs:172:40
|
166 | pub(crate) async fn call<R>(
| ---- required by a bound in this associated function
...
172 | R: for<'de> Deserialize<'de> + Type,
| ^^^^ required by this bound in `Proxy::<'a>::call`
error[E0277]: the trait bound `DocumentID: Basic` is not satisfied
--> /home/neulus/.cargo/registry/src/index.crates.io-1949cf8c6b5b557f/ashpd-0.11.0/src/documents/mod.rs:500:16
|
500 | self.0.call_versioned("GetHostPaths", &(doc_ids,), 5).await
| ^^^^^^^^^^^^^^ unsatisfied trait bound
|
help: the trait `Basic` is not implemented for `DocumentID`
--> /home/neulus/.cargo/registry/src/index.crates.io-1949cf8c6b5b557f/ashpd-0.11.0/src/app_id.rs:98:1
|
98 | pub struct DocumentID(String);
| ^^^^^^^^^^^^^^^^^^^^^
= help: the following other types implement trait `Basic`:
&B
BusName<'_>
ErrorName<'_>
InterfaceName<'_>
MemberName<'_>
NonZero<i16>
NonZero<i32>
NonZero<i64>
and 35 others
= note: required for `HashMap<DocumentID, file_path::FilePath>` to implement `zbus::zvariant::Type`
note: required by a bound in `proxy::Proxy::<'a>::call_versioned`
--> /home/neulus/.cargo/registry/src/index.crates.io-1949cf8c6b5b557f/ashpd-0.11.0/src/proxy.rs:195:40
|
188 | pub(crate) async fn call_versioned<R>(
| -------------- required by a bound in this associated function
...
195 | R: for<'de> Deserialize<'de> + Type,
| ^^^^ required by this bound in `Proxy::<'a>::call_versioned`
For more information about this error, try `rustc --explain E0277`.
error: could not compile `ashpd` (lib) due to 2 previous errors
```
Release Notes:
- N/A
## Motivation
This PR unifies the async execution infrastructure between GPUI and
other components that depend on the `scheduler` crate (such as our cloud
codebase). By having a scheduler that lives independently of GPUI, we
can enable deterministic testing across the entire stack - testing GPUI
applications alongside cloud services with a single, unified scheduler.
## Summary
This PR completes the integration of the `scheduler` crate into GPUI,
unifying async execution and enabling deterministic testing of GPUI
combined with other components that depend on the scheduler crate.
## Key Changes
### Scheduler Integration (Phases 1-5, previously completed)
- `TestDispatcher` now delegates to `TestScheduler` for timing, clock,
RNG, and task scheduling
- `PlatformScheduler` implements the `Scheduler` trait for production
use
- GPUI executors wrap scheduler executors, selecting `TestScheduler` or
`PlatformScheduler` based on environment
- Unified blocking logic via `Scheduler::block()`
### Dead Code Cleanup
- Deleted orphaned `crates/gpui/src/platform/platform_scheduler.rs`
(older incompatible version)
## Intentional Removals
### `spawn_labeled` and `deprioritize` removed
The `TaskLabel` system (`spawn_labeled`, `deprioritize`) was removed
during this integration. It was only used in a few places for test
ordering control.
cc @maxbrunsfeld @as-cii - The new priority-weighted scheduling in
`TestScheduler` provides similar functionality through
`Priority::High/Medium/Low`. If `deprioritize` is important for specific
test scenarios, we could add it back to the scheduler crate. Let me know
if this is blocking anything.
### `start_waiting` / `finish_waiting` debug methods removed
Replaced by `TracingWaker` in `TestScheduler` - run tests with
`PENDING_TRACES=1` to see backtraces of pending futures when parking is
forbidden.
### Realtime Priority removed
The realtime priority feature was unused in the codebase. I'd prefer to
reintroduce it when we have an actual use case, as the implementation
(bounded channel with capacity 1) could potentially block the main
thread. Having a real use case will help us validate the design.
## Testing
- All GPUI tests pass
- All scheduler tests pass
- Clippy clean
## Architecture
```
┌─────────────────────────────────────────────────────────────┐
│ GPUI │
│ ┌──────────────────────┐ ┌────────────────────────────┐ │
│ │ gpui::Background- │ │ gpui::ForegroundExecutor │ │
│ │ Executor │ │ - wraps scheduler:: │ │
│ │ - scheduler: Arc< │ │ ForegroundExecutor │ │
│ │ dyn Scheduler> │ └────────────┬───────────────┘ │
│ └──────────┬───────────┘ │ │
│ │ │ │
│ └──────────┬──────────────────┘ │
│ ▼ │
│ ┌───────────────────────┐ │
│ │ Arc<dyn Scheduler> │ │
│ └───────────┬───────────┘ │
│ ┌──────────────┴──────────────┐ │
│ ▼ ▼ │
│ ┌──────────────────┐ ┌────────────────────┐ │
│ │ PlatformScheduler│ │ TestScheduler │ │
│ │ (production) │ │ (deterministic) │ │
│ └──────────────────┘ └────────────────────┘ │
└─────────────────────────────────────────────────────────────┘
```
Release Notes:
- N/A
---------
Co-authored-by: Antonio Scandurra <me@as-cii.com>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Co-authored-by: Yara <git@yara.blue>
Co-authored-by: Zed Zippy <234243425+zed-zippy[bot]@users.noreply.github.com>
This PR adds support for using the OpenAI Responses API through the Zed
provider.
This is gated behind the `open-ai-responses-api` feature flag.
Part of CLO-34.
Release Notes:
- N/A
This PR adds the foundation for the subagents feature:
- Add `SubagentsFeatureFlag` with staff-disabled default
- Create `SubagentTool` struct with input schema for
task/summary/context-low prompts
- Register `SubagentTool` conditionally when feature flag is enabled
- Tool returns stub message 'not yet implemented' for now
Release Notes:
- N/A
---------
Co-authored-by: Amp <amp@ampcode.com>
Co-authored-by: Mikayla Maki <mikayla@zed.dev>
Co-authored-by: Yara <yara@zed.dev>
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
|
[aws-sdk-bedrockruntime](https://redirect.github.com/awslabs/aws-sdk-rust)
| workspace.dependencies | minor | `1.112.0` → `1.113.0` |
---
> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.
### GitHub Vulnerability Alerts
####
[GHSA-g59m-gf8j-gjf5](https://redirect.github.com/awslabs/aws-sdk-rust/security/advisories/GHSA-g59m-gf8j-gjf5)
## **Summary**
This notification is related to the use of specific values for the
region input field when calling AWS services. An actor with access to
the environment in which the SDK is used could set the region input
field to an invalid value.
A defense-in-depth enhancement has been implemented in the AWS SDK for
Rust. This enhancement validates that a region used to construct an
endpoint URL is a valid host label. The change was released on November
6, 2025. This advisory is informational to help customers understand
their responsibilities regarding configuration security.
## **Impact**
Customer applications could be configured to improperly route AWS API
calls to non-existent or non-AWS hosts. While the SDK was functioning
safely within the requirements of the shared responsibility model,
additional safeguards have been added to support secure customer
implementations.
**Impacted versions**: All versions prior to [November 6, 2025
release](https://redirect.github.com/awslabs/aws-sdk-rust/releases/tag/release-2025-11-06)
## **Patches**
On November 6, 2025, an enhancement [1] was made to the AWS SDK for Rust
release, which validates the formatting of a region, providing
additional safeguards.
## **Workarounds**
No workarounds are needed, but as always developers should ensure that
their application is following security best practices:
- Implement proper input validation in your application code
- Update to the latest AWS SDK for Rust release on a regular basis
- Follow AWS security best practices [2] for SDK configuration
## **References**
Contact AWS Security via the vulnerability reporting page or email
[aws-security@amazon.com](mailto:aws-security@amazon.com).
## **Acknowledgement**
AWS Security thanks Guy Arazi for bringing these customer security
considerations to our attention through the coordinated disclosure
process.
[1]
[https://github.com/smithy-lang/smithy-rs/pull/4383](https://redirect.github.com/smithy-lang/smithy-rs/pull/4383)
[2] https://docs.aws.amazon.com/sdk-for-rust/latest/dg/security.html
---
### Configuration
📅 **Schedule**: Branch creation - "" in timezone America/New_York,
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
Release Notes:
- N/A
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi43NC41IiwidXBkYXRlZEluVmVyIjoiNDIuNzQuNSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [aws-sdk-kinesis](https://redirect.github.com/awslabs/aws-sdk-rust) |
dependencies | minor | `1.91.0` → `1.95.0` |
---
> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.
### GitHub Vulnerability Alerts
####
[GHSA-g59m-gf8j-gjf5](https://redirect.github.com/awslabs/aws-sdk-rust/security/advisories/GHSA-g59m-gf8j-gjf5)
## **Summary**
This notification is related to the use of specific values for the
region input field when calling AWS services. An actor with access to
the environment in which the SDK is used could set the region input
field to an invalid value.
A defense-in-depth enhancement has been implemented in the AWS SDK for
Rust. This enhancement validates that a region used to construct an
endpoint URL is a valid host label. The change was released on November
6, 2025. This advisory is informational to help customers understand
their responsibilities regarding configuration security.
## **Impact**
Customer applications could be configured to improperly route AWS API
calls to non-existent or non-AWS hosts. While the SDK was functioning
safely within the requirements of the shared responsibility model,
additional safeguards have been added to support secure customer
implementations.
**Impacted versions**: All versions prior to [November 6, 2025
release](https://redirect.github.com/awslabs/aws-sdk-rust/releases/tag/release-2025-11-06)
## **Patches**
On November 6, 2025, an enhancement [1] was made to the AWS SDK for Rust
release, which validates the formatting of a region, providing
additional safeguards.
## **Workarounds**
No workarounds are needed, but as always developers should ensure that
their application is following security best practices:
- Implement proper input validation in your application code
- Update to the latest AWS SDK for Rust release on a regular basis
- Follow AWS security best practices [2] for SDK configuration
## **References**
Contact AWS Security via the vulnerability reporting page or email
[aws-security@amazon.com](mailto:aws-security@amazon.com).
## **Acknowledgement**
AWS Security thanks Guy Arazi for bringing these customer security
considerations to our attention through the coordinated disclosure
process.
[1]
[https://github.com/smithy-lang/smithy-rs/pull/4383](https://redirect.github.com/smithy-lang/smithy-rs/pull/4383)
[2] https://docs.aws.amazon.com/sdk-for-rust/latest/dg/security.html
---
### Configuration
📅 **Schedule**: Branch creation - "" in timezone America/New_York,
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
Release Notes:
- N/A
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi43NC41IiwidXBkYXRlZEluVmVyIjoiNDIuNzQuNSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [aws-sdk-s3](https://redirect.github.com/awslabs/aws-sdk-rust) |
dependencies | minor | `1.108.0` → `1.112.0` |
---
> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.
### GitHub Vulnerability Alerts
####
[GHSA-g59m-gf8j-gjf5](https://redirect.github.com/awslabs/aws-sdk-rust/security/advisories/GHSA-g59m-gf8j-gjf5)
## **Summary**
This notification is related to the use of specific values for the
region input field when calling AWS services. An actor with access to
the environment in which the SDK is used could set the region input
field to an invalid value.
A defense-in-depth enhancement has been implemented in the AWS SDK for
Rust. This enhancement validates that a region used to construct an
endpoint URL is a valid host label. The change was released on November
6, 2025. This advisory is informational to help customers understand
their responsibilities regarding configuration security.
## **Impact**
Customer applications could be configured to improperly route AWS API
calls to non-existent or non-AWS hosts. While the SDK was functioning
safely within the requirements of the shared responsibility model,
additional safeguards have been added to support secure customer
implementations.
**Impacted versions**: All versions prior to [November 6, 2025
release](https://redirect.github.com/awslabs/aws-sdk-rust/releases/tag/release-2025-11-06)
## **Patches**
On November 6, 2025, an enhancement [1] was made to the AWS SDK for Rust
release, which validates the formatting of a region, providing
additional safeguards.
## **Workarounds**
No workarounds are needed, but as always developers should ensure that
their application is following security best practices:
- Implement proper input validation in your application code
- Update to the latest AWS SDK for Rust release on a regular basis
- Follow AWS security best practices [2] for SDK configuration
## **References**
Contact AWS Security via the vulnerability reporting page or email
[aws-security@amazon.com](mailto:aws-security@amazon.com).
## **Acknowledgement**
AWS Security thanks Guy Arazi for bringing these customer security
considerations to our attention through the coordinated disclosure
process.
[1]
[https://github.com/smithy-lang/smithy-rs/pull/4383](https://redirect.github.com/smithy-lang/smithy-rs/pull/4383)
[2] https://docs.aws.amazon.com/sdk-for-rust/latest/dg/security.html
---
### Configuration
📅 **Schedule**: Branch creation - "" in timezone America/New_York,
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
Release Notes:
- N/A
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi43NC41IiwidXBkYXRlZEluVmVyIjoiNDIuNzQuNSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Some code got added to `workspace` that prevents us from running tests
for the `edit_prediction(cli)` crates specifically without the
`test-support` feature flag.
Release Notes:
- N/A
Co-authored-by: Ben Kunkle <ben@zed.dev>
The `vim` crate's tests depend on `git_ui`, which transitively depends
on `recent_projects` with `test-support` enabled. This causes
`recent_projects` to include RemoteConnectionOptions::Mock` variant
handling. However, `git_ui` was not enabling its `test-support` feature,
causing compilation failures when the Mock variant was expected but not
available.
This commit enables the `test-support` feature for both `git_ui` and
`title_bar` dev-dependencies in the `vim` crate, ensuring the Mock
variant is consistently available during testing.
Release Notes:
- N/A
Adds a new `ep split` command that splits JSONL datasets into multiple
output files with stratification by `repository_url` when present.
Example usage:
ep split input.jsonl train.jsonl=80% valid.jsonl=rest
Release Notes:
- N/A
Hi Zed team thank you for the awesome editor!
I recently stumbled upon a markdown sequence that seems to cause a crash
```md
- [ ] -
\
-
```
*easier to read escape characters below
```rust
let crash_input = "-\t[\t] -\r\\\n-"
println!("{}", crash_input)
```
## how to reproduce
1. copy the markdown above
2. save the file
3. `[shift]` + `[cmd]` + `p` to open the command palette
4. select `markdown: open preview`
5. crash
I've confirmed that the issue is a bug in pulldown-cmark version 12, and
has been resolved in version
[v0.13.0](https://github.com/pulldown-cmark/pulldown-cmark/releases/tag/v0.13.0)
and specifically fixed in
https://github.com/pulldown-cmark/pulldown-cmark/pull/1017
this PR simply bumps the pulldown-cmark version in zed which resolves
the crash on my local machine.
## recording
https://github.com/user-attachments/assets/dc77132f-0d43-40f3-9841-0bf34fe714fb
Release Notes:
- Fixes crash due to markdown parsing via bumping pulldown-cmark
## Context / Related PRs This PR is the third part of the encoding
support improvements, following:
- #44819: Introduced initial legacy encoding support (Shift-JIS, etc.).
- #45243: Fixed UTF-16 saving behavior and improved binary detection.
## Summary
This PR implements a status bar item that displays the character
encoding of the active buffer (e.g., `UTF-8`, `Shift_JIS`). It provides
visibility into the file's encoding and indicates the presence of a Byte
Order Mark (BOM).
## Features
- **Encoding Indicator**: Displays the encoding name in the status bar.
- **BOM Support**: Appends `(BOM)` to the encoding name if a BOM is
detected (e.g., `UTF-8 (BOM)`).
- **Configuration**: The active_encoding_button setting in status_bar
accepts "enabled", "disabled", or "non_utf8". The default is "non_utf8",
which displays the indicator for all encodings except standard UTF-8
(without BOM).
- **Settings UI**: Provides a dropdown menu in the Settings UI to
control this behavior.
- **Documentation**: Updated `configuring-zed.md` and
`visual-customization.md`.
## Implementation Details
- Created `ActiveBufferEncoding` component in
`crates/encoding_selector`.
- The click handler for the button is currently a **no-op**.
Implementing the functionality to reopen files with a specific encoding
has potential implications for real-time collaboration (e.g., syncing
buffer interpretation across peers). Therefore, this PR focuses strictly
on the visualization and configuration aspects to keep the scope simple
and focused.
- Updated schema and default settings to include
`active_encoding_button`.
## Screenshots
<img width="487" height="104" alt="image"
src="https://github.com/user-attachments/assets/041f096d-ac69-4bad-ac53-20cdcb41f733"
/>
<img width="454" height="99" alt="image"
src="https://github.com/user-attachments/assets/ed76daa2-2733-484f-bb1f-4688357c035a"
/>
## Configuration
To hide the button, add the following to `settings.json`:
```json
"status_bar": {
"active_encoding_button": "disabled"
}
```
- **enabled**: Always show the encoding.
- **disabled**: Never show the encoding.
- **non_utf8**: Shows for non-UTF-8 encodings and UTF-8 with BOM. Only
hides for standard UTF-8 (Default).
<img width="1347" height="415" alt="image"
src="https://github.com/user-attachments/assets/7f4f4938-3320-4d21-852c-53ee886d9a44"
/>
## Heuristic Limitations:
The underlying detection logic (implemented in #44819 and #45243)
prioritizes UTF-8 opening performance and does not guarantee perfect
detection for all encodings. We consider this margin of error
acceptable, similar to the behavior seen in VS Code. A future "Reopen
with Encoding" feature would serve as the primary fallback for any
misdetections.
Release Notes:
- Added a status bar item to display the active file's character encoding (e.g. `UTF-16`). This shows for non-utf8 files by default and can be configured with `{"status_bar":{"active_encoding_button":"disabled|enabled|non_utf8"}}`
Now when the agent reads images (which the tool now explicitly
advertises to agents that it is capable of; previously the tool said it
could only read text even though it can actually read images), we see
them in the thread, and also they are auto-expanded by default so you
can see them when scrolling through:
<img width="725" height="1019" alt="Screenshot 2026-01-06 at 2 57 11 PM"
src="https://github.com/user-attachments/assets/5c908bad-48f2-46c2-afaa-7f189a178e05"
/>
This also adds a visual regression test that verifies images render
correctly in the agent thread view.
Unlike our previous visual tests, this one only renders the agent panel,
not the entire Zed window.
The "screenshot" it generates (rendered to a Metal texture) is from
completely mocked/simulated data structures, and looks like this:
<img width="546" height="984" alt="Screenshot 2026-01-06 at 2 54 41 PM"
src="https://github.com/user-attachments/assets/89a0921f-59e9-4dfe-94b2-4c3b625a851b"
/>
## Changes
- **New visual test**: `agent_thread_with_image` renders an
`AcpThreadView` containing a tool call with image content (the Zed app
icon)
- **Test infrastructure**: Added `StubAgentServer` helper and required
feature flags for visual testing
- **Test-support API**: Added `expand_tool_call()` method to
`AcpThreadView` to allow expanding tool calls for visual testing
- **Baseline screenshot**: Included baseline image showing the Zed logo
rendered in a tool call output
## How to run
```bash
# Run the visual tests
cargo run -p zed --bin visual_test_runner --features visual-tests
# Update baselines if UI intentionally changed
UPDATE_BASELINE=1 cargo run -p zed --bin visual_test_runner --features visual-tests
```
Release Notes:
- N/A
---------
Co-authored-by: Zed Zippy <234243425+zed-zippy[bot]@users.noreply.github.com>
Co-authored-by: Amp <amp@ampcode.com>
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [rsa](https://redirect.github.com/RustCrypto/RSA) |
workspace.dependencies | patch | `0.9.9` → `0.9.10` |
---
> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.
### GitHub Vulnerability Alerts
####
[GHSA-9c48-w39g-hm26](https://redirect.github.com/RustCrypto/RSA/security/advisories/GHSA-9c48-w39g-hm26)
When creating a RSA private key from its components, the construction
panics, instead of returning an error, when one of the primes is `1`.
Discovered by Christian Reitter from [Radically Open
Security](https://www.radicallyopensecurity.com/) during a security
review for [Proton AG](https://proton.me/).
---
### Release Notes
<details>
<summary>RustCrypto/RSA (rsa)</summary>
###
[`v0.9.10`](https://redirect.github.com/RustCrypto/RSA/compare/v0.9.9...v0.9.10)
[Compare
Source](https://redirect.github.com/RustCrypto/RSA/compare/v0.9.9...v0.9.10)
</details>
---
### Configuration
📅 **Schedule**: Branch creation - "" in timezone America/New_York,
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
Release Notes:
- N/A
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi42OS4xIiwidXBkYXRlZEluVmVyIjoiNDIuNjkuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Release Notes:
- Fixed an issue on macOS where audio playback would become temporarily
scrambled when doing lots of IO operations, such as when running `git
pull` or `git checkout` while in a call.
Breadcrumb visual reorchestration which makes a couple of key changes:
- Breadcrumbs are now displayed in file headers for multibuffer views.
Singleton buffers are unchanged.
- Multibuffer views now have collapse/expand all buttons available in
the toolbar
- Search in multibuffer views now takes up less space, by occupying the
primary toolbar location erstwhile taken up by breadcrumbs
<img width="1721" height="823" alt="Screenshot 2025-12-22 at 4 15 41 PM"
src="https://github.com/user-attachments/assets/38e924f7-fe9e-4c83-84fb-2eee98137f43"
/>
<img width="1722" height="762" alt="Screenshot 2025-12-22 at 4 15 51 PM"
src="https://github.com/user-attachments/assets/ccc98ca3-75ce-4aca-bceb-890817b0f04d"
/>
Release Notes:
- Moved breadcrumbs to file headers in multibuffer views
- Added collapse/expand all options for multibuffer views
- Improved use of space for multibuffer search by taking the place of
the former breadcrumb toolbar location
---------
Co-authored-by: Danilo Leal <daniloleal09@gmail.com>
Co-authored-by: Zed Zippy <234243425+zed-zippy[bot]@users.noreply.github.com>
Subpixel text rendering is now implemented on Windows and Linux.
Comparison screenshots:
|Before|After|
| ------------- | ------------- |
| <img width="400"
src="https://github.com/user-attachments/assets/9d720d2c-2ec4-4adf-a83f-7c2d81d30025"
/> | <img width="400"
src="https://github.com/user-attachments/assets/8fd7dc2a-8ca0-4f71-86cd-55460f568f7a"
/> |
Release Notes:
- Added support for subpixel (ClearType-style) text rendering. This
improves the legibility of text on standard DPI displays. Subpixel
rendering is enabled by default on Windows and Linux and can be
configured using the `text_rendering_mode` setting.
---------
Co-authored-by: Max Brunsfeld <maxbrunsfeld@gmail.com>
## Screenshot testing
Adds visual testing infrastructure for GPUI that captures screenshots by
rendering directly to Metal textures. The
The screenshots end up in `target/visual_tests/` and look like this:
<img width="2560" height="1600" alt="workspace_with_editor2"
src="https://github.com/user-attachments/assets/54112343-4af1-4347-9bab-f099de97dd29"
/>
<img width="2560" height="1600" alt="project_panel2"
src="https://github.com/user-attachments/assets/0cd54b61-dace-4398-a28e-0b4d7c2968f6"
/>
### Key Features
- **Direct texture capture**: Screenshots are captured by rendering the
scene to a Metal texture and reading pixels directly from GPU memory,
rather than using ScreenCaptureKit
- **No visibility requirements**: Windows don't need to be visible on
screen since we read directly from the render pipeline
- **Deterministic output**: Captures exactly what GPUI renders, not what
the OS compositor displays
- **No permissions needed**: Doesn't require Screen Recording permission
like ScreenCaptureKit would
### Running the Visual Tests
```bash
# Run visual tests (compares against baselines)
cargo run -p zed --bin visual_test_runner --features visual-tests
# Update baseline images (when UI intentionally changes)
UPDATE_BASELINE=1 cargo run -p zed --bin visual_test_runner --features visual-tests
# View the captured screenshots
open target/visual_tests/
```
### Implementation
- `Window::render_to_image()` - Renders the current scene to a texture
and returns an `RgbaImage`
- `MetalRenderer::render_to_image()` - Core implementation that renders
to a non-framebuffer-only texture
- `VisualTestAppContext` - Test context that uses real macOS platform
rendering
- `VisualTestAppContext::capture_screenshot()` - Synchronous screenshot
capture using direct texture rendering
### Usage
```rust
let mut cx = VisualTestAppContext::new();
let window = cx.open_window(...)?;
let screenshot: RgbaImage = cx.capture_screenshot(window.into())?;
```
Release Notes:
- N/A
---------
Co-authored-by: Amp <amp@ampcode.com>
Add support for OpenAI's /responses endpoint for models that don't
support /chat/completions API. This enables compatibility with newer
model variants (`gpt-5-codex`, `gpt-5-pro`, `o3-pro`, etc) while
maintaining compatibility with existing configs
Changes:
- Add `supports_chat_completions` flag to model capabilities that
defaults to true for existing behavior
- Implement responses API client with streaming support as per [OpenAI
documentation](https://app.stainless.com/api/spec/documented/openai/openapi.documented.yml).
- Add `ResponseEventMapper` to convert responses events to completion
events for maintainer simplicity
- Update UI to allow toggling `chat_completions` capability
- Add `gpt-5-codex` model
Closes#38858
Release Notes:
- Added support for `gpt-5-codex` model
---------
Co-authored-by: Bennet Bo Fenner <bennet@zed.dev>
Generates a training or evaluation example from a
chronologically-ordered commit. This is a port from the Python codebase
(except for the reorder_patch.rs, which was originally written in Rust
in).
Release Notes:
- N/A
This PR removes the ability to retrieve a Supermaven API key from
Collab.
This was staff-gated (at least, on the server), and judging by the logs,
no one is using it.
Release Notes:
- N/A
* Fix some bugs in capture of EP examples from running app
* Tweak markdown format for EP examples
* Store repo and revision in TOML front matter
* Represent cursor position using a comment line
* Allow multiple expected patches in evals
* Remove line-based scoring criteria for evals
* Add a `synthesize` subcommand to the EP cli that generates examples
from git commits
Release Notes:
- N/A
This makes this take the LSP adapter delegate instead of the binary
itself.
Despite us passing `LanguageServerBinaryOptions` with `allow_download:
false`, extensions would still try to download the binary because it was
never implemented for these to respect that. This would cause us to try
to download all langauge servers provided by extensions when opening a
settings file and/or requesting the JSON schema for that.
This PR fixes this by passing the LSP adapter delegate instead, so the
few language servers which actually want to have the binary for
resolving the initialization options can decide on this by themselves.
With that, we no longer download all language servers for the schema
request
Release Notes:
- N/A
This PR reworks the (still feature-gated) side-by-side diff view to use
a different approach to representing the multibuffers on the left- and
right-hand sides.
Previously, these two multibuffers used identical sets of buffers and
excerpts, and were made to behave differently by adding a new knob to
the multibuffer controlling how diffs are displayed. Specifically, the
left-hand side multibuffer would filter out the added range of each hunk
from the excerpts using a new `FilteredInsertedHunk` diff transform, and
the right-hand side would simply not show the deleted sides of expanded
hunks. This approach has some problems:
- Line numbers, and actions that navigate by line number, behaved
incorrectly for the left-hand side.
- Syntax highlighting and other features that use the buffer syntax tree
also behaved incorrectly for the left-hand side.
In this PR, we've switched to using independent buffers to build the
left-hand side. These buffers are constructed using the base texts for
the corresponding diffs, and their lifecycle is managed by `BufferDiff`.
The red "deleted" regions on the left-hand side are represented by
`BufferContent` diff transforms, not `DeletedHunk` transforms. This
means each excerpt on the left represents a contiguous slice of a single
buffer, which fixes the above issues by construction.
The tradeoff with this new approach is that we now have to manually
synchronize excerpt ranges from the right side to the left, which we do
using `BufferDiffSnapshot::row_to_base_text_row`.
Release Notes:
- N/A
---------
Co-authored-by: cameron <cameron.studdstreet@gmail.com>
Co-authored-by: HactarCE <6060305+HactarCE@users.noreply.github.com>
Co-authored-by: Miguel Raz Guzmán Macedo <miguel@zed.dev>
Co-authored-by: Anthony <anthony@zed.dev>
Co-authored-by: Cameron <cameron@zed.dev>
This PR improves the `edit prediction: Capture Example` in several ways:
* fixed bugs in how the uncommitted diff was calculated
* added a `edit_predictions.examples_dir` setting that can be set in
order to have the action automatically save examples into the given
folder
* moved the action into the `edit_predictions` crate, in preparation for
collecting this data passively from end users, when they have opted in
to data sharing, similar to what we did for Zeta 1
Release Notes:
- N/A
Closes#18287
Release Notes:
- Added autocomplete for lsp initialization_options
## Description
This MR adds the following code-changes:
- `initialization_options_schema` to the `LspAdapter` to get JSON
Schema's from the language server
- Adds a post-processing step to inject schema request paths into the
settings schema in `SettingsStore::json_schema`
- Adds an implementation for fetching the schema for rust-analyzer which
fetches it from the binary it is provided with
- Similarly for ruff
<img width="857" height="836" alt="image"
src="https://github.com/user-attachments/assets/3cc10883-364f-4f04-b3b9-3c3881f64252"
/>
## Open Questions(Would be nice to get some advice here)
- Binary Fetching:
- I'm pretty sure the binary fetching is suboptimal. The main problem
here was getting access to the delegate but i figured that out
eventually in a way that i _hope_ should be fine.
- The toolchain and binary options can differ from what the user has
configured potentially leading to mismatches in the autocomplete values
returned(these are probably rarely changed though). I could not really
find a way to fetch these in this context so the provided ones are for
now just `default` values.
- For the trait API it is just provided a binary, since i wanted to use
the potentially cached binary from the CachedLspAdapter. Is that fine
our should the arguments be passed to the LspAdapter such that it can
potentially download the LSP?
- As for those LSPs with JSON schema files in their repositories i can
add the files to zed manually e.g. in
languages/language/initialization_options_schema.json, which could cause
mismatches with the actual binary. Is there a preferred approach for Zed
here also with regards to updating them?
Closes #ISSUE
Uses the existing `--dump-all-actions` arg on the Zed binary to generate
an asset of all of our actions so that the `docs_preprocessor` can
injest it, rather than depending on the Zed crate itself to collect all
action names
Release Notes:
- N/A *or* Added/Fixed/Improved ...
---------
Co-authored-by: Zed Zippy <234243425+zed-zippy[bot]@users.noreply.github.com>
Closes #ISSUE
A [modal dialog](https://en.wikipedia.org/wiki/Modal_window) window is a
window that demands the user's immediate attention and blocks
interaction with other parts of the application until it's closed.
- On Windows this is done by disabling the parent window when the dialog
window is created and re-enabling the parent window when closed.
- On Wayland this is done using the
[`XdgDialog`](https://wayland.app/protocols/xdg-dialog-v1) protocol,
which hints to the compositor that the dialog should be modal. While
compositors like GNOME and KDE block parent interaction automatically,
the XDG specification does not guarantee this behavior, compositors may
deliver events to the parent window unfiltered. Since the specification
explicitly requires clients to implement event filtering logic
themselves, this PR implements client-side blocking in GPUI to ensure
consistent modal behavior across all Wayland compositors, including
those like Hyprland that don't block parent interaction.
- On X11 this is done by enabling the application window property
[`_NET_WM_STATE_MODAL`](https://specifications.freedesktop.org/wm/latest/ar01s05.html#id-1.6.8)
state.
I'm unable to implement this on MacOS as I lack the experience and the
hardware to test it. If anyone is interested on implementing this let me
know.
|Window|Linux (wayland)| Linux (x11) |MacOS|
|-|-|-|-|
|<video
src="https://github.com/user-attachments/assets/bfd0733a-445d-4b63-ac6b-ebe098a7dc74"></video>|<video
src="https://github.com/user-attachments/assets/024cd6ec-ff81-4250-a5be-5d207a023f8c"></video>|
N/A | <video
src="https://github.com/user-attachments/assets/656e60a5-26b2-4ee2-8368-1fbbe872453c"></video>|
TODO:
- [x] Block parent interaction client-side on X11
Release Notes:
- Added modal dialog window kind on GPUI
---------
Co-authored-by: Jason Lee <huacnlee@gmail.com>
Co-authored-by: Anthony Eid <anthony@zed.dev>
Co-authored-by: Anthony Eid <hello@anthonyeid.me>
## Summary
Addresses #16965
This PR adds support for **opening and saving** files with legacy
encodings (non-UTF-8).
Previously, Zed failed to open files encoded in Shift-JIS, EUC-JP, Big5,
etc., displaying a "Could not open file" error screen. This PR
implements automatic encoding detection upon opening and ensures the
original encoding is preserved when saving.
## Implementation Details
1. **Worktree (Loading)**:
* Updated `load_file` to use `chardetng` for automatic encoding
detection.
* Files are decoded to UTF-8 internal strings for editing, while
preserving the detected `Encoding` metadata.
2. **Language / Buffer**:
* Added an `encoding` field to the `Buffer` struct to store the detected
encoding.
3. **Worktree (Saving)**:
* Updated `write_file` to accept the stored encoding.
* **Performance Optimization**:
* **UTF-8 Path**: Uses the existing optimized `fs.save` (streaming
chunks directly from Rope), ensuring no performance regression for the
vast majority of files.
* **Legacy Encoding Path**: Implemented a fallback that converts the
Rope to a contiguous `String/Bytes` in memory, re-encodes it to the
target format (e.g., Shift-JIS), and writes it to disk.
* *Note*: This fallback involves memory allocation, but it is necessary
to support legacy encodings without refactoring the `fs` crate's
streaming interfaces.
## Changes
- `crates/worktree`:
- Add dependencies: `encoding_rs`, `chardetng`.
- Update `load_file` to detect encoding and decode content.
- Update `write_file` to handle re-encoding on save.
- `crates/language`: Add `encoding` field and accessors to `Buffer`.
- `crates/project`: Pass encoding information between Worktree and
Buffer.
- `crates/vim`: Update `:w` command to use the new `write_file`
signature.
## Verification
I validated this manually using a Rust script to generate test files
with various encodings.
**Results:**
* ✅ **Success (Opened & Saved correctly):**
* **Japanese:** `Shift-JIS` (CP932), `EUC-JP`, `ISO-2022-JP`
* **Chinese:** `Big5` (Traditional), `GBK/GB2312` (Simplified)
* **Western/Unicode:** `Windows-1252` (CP1252), `UTF-16LE`, `UTF-16BE`
* ⚠️ **limitations (Detection accuracy):**
* Some specific encodings like `KOI8-R` or generic `Latin1` (ISO-8859-1)
may partially display replacement characters (`?`) depending on the file
content length. This is a known limitation of the heuristic detection
library (`chardetng`) rather than the saving logic.
Release Notes:
- Added support for opening and saving files with legacy encodings
(Shift-JIS, Big5, etc.)
---------
Co-authored-by: CrazyboyQCD <53971641+CrazyboyQCD@users.noreply.github.com>
Co-authored-by: Conrad Irwin <conrad.irwin@gmail.com>
Closes#10910
Follow up work continuing from the last PR
https://github.com/zed-industries/zed/pull/42659. Add the UI element for
displaying vim like which-key menu.
https://github.com/user-attachments/assets/3dc5f0c9-5a2f-459e-a3db-859169aeba26
Release Notes:
- Added a which-key like modal with a compact, single-column panel
anchored to the bottom-right. You can enable with `{"which_key":
{"enabled": true}}` in your settings.
---------
Co-authored-by: Conrad Irwin <conrad.irwin@gmail.com>
Co-authored-by: Zed Zippy <234243425+zed-zippy[bot]@users.noreply.github.com>
