archon

GitHub App auth for the bot, multi-user attribution, Slack UX overhaul, experimental /console, two new community providers (OpenCode and GitHub Copilot), Codex MCP support, and broad workflow/provider hardening.

Added

• GitHub App authentication for the bot: replaces the shared GITHUB_TOKEN PAT with a GitHub App + multi-installation routing. Each repo resolves to the installation that owns it; tokens are minted on demand, cached per installation, refreshed before expiry, and never persisted. Includes a loopback-only /internal/git-credential endpoint (with a hard 127.0.0.1 bind check, opt-out via ARCHON_ALLOW_INTERNAL_ON_PUBLIC_BIND=1) so long-running workflow git operations can transparently refresh installation tokens via a git-credential-archon helper installed into the worktree's .git/config (#1788).
• Per-user attribution: user_id is now plumbed from chat and forge adapters through the orchestrator into conversations, messages, workflow_runs, and isolation_environments. New users and user_identities tables map platform identities (Slack U-id, Telegram chat id, Discord snowflake, GitHub login) to an Archon-internal user, created lazily on first sight (#1783).
• Slack UX upgrade: interactive buttons, status reactions, and native slash commands replace the previous text-only flow. Approval gates, run status, and errors are now surfaced through Slack's UI primitives (#1757).
• Experimental run-centric console UI at /console, mounted as an isolated in-repo spike under packages/web/src/experiments/console/. Lint-guarded against importing production web modules so it can be dropped in or deleted cleanly (#1747).
• assistants.opencode provider: community provider that runs OpenCode as an embedded runtime, with per-node agent materialization, multi-agent sessions, structured output, token usage, and multi-agent MCP tool execution (#1384).
• GitHub Copilot community provider: registered as a builtIn: false provider in the registry (#1505).
• Codex MCP nodes: MCP server support for Codex workflow nodes via the shared loadMcpConfig module — pass mcp: <path> on a Codex node and the config is translated to Codex's mcp_servers overrides at runtime. MCP client errors are surfaced to the workflow author as system chunks when MCP is explicitly configured for the node (#1459).
• always_run node opt-out for resume caching: opt-out for nodes that must re-execute on every resume rather than being skipped as "already completed" (closes #1391, #1730).
• Pi deferred extension model resolution so Pi workflows can reference models that are only available after extension loading (#1509).
• Brand foundation page at https://archon.diy/brand/, sourced from packages/docs-web/src/content/docs/brand/ (#1745).
• New marketplace workflows: piv-system-evolution and archon-comprehensive-mr-review.

Changed

• Streaming chat continuity: typing indicators and message boundaries are more readable; rapid successive chunks no longer fragment visually (#1617).
• Web chat bubbles wrap long unbreakable strings instead of overflowing (fixes #1738, #1742).
• Web DAG builder recognizes loop and approval node types and renders them correctly (#1744).
• Web execution graph surfaces workflow-definition fetch errors instead of silently rendering an empty graph (#1683, #1698).
• Web copy-message button handles clipboard failures gracefully (#1564).
• Telegramify-markdown bumped to 1.3.3 for correct blockquote escaping (#1340).
• Webhook clones are placed in the workspace source/ subdirectory to match the standard workspace layout (#1554).
• Global workflows are now editable through the Web UI builder (#1557).
• safeSendMessage consolidated into executor-shared to remove duplication across executor variants (#1496).
• Direction docs: community-providers policy section added (#1736).

Fixed

• workflow approve/resume/reject no longer fail with "Workflow not found" when the run's working path is a worktree or workspace clone. Resume, approve, and reject now use codebase.default_cwd for workflow YAML discovery, falling back to working_path when no codebase record is found. Fixes #1663 (#1743).
• Resume interactive workflows on chat platforms: previously failed because the resume code path assumed web; now works for Slack and Telegram (#1756).
• Web approve/reject responses surface the CLI resume command so users can copy it directly instead of having to look it up (#1523).
• DEFAULT_AI_ASSISTANT is now read in createCodebase so the env var actually controls the default assistant for newly registered codebases (fixes #1703, #1746).
• Marketplace decide node hardened against non-JSON ai-review output so a prose-prefixed verdict doesn't crash the workflow.
• MCP config env vars now expand ${VAR_NAME} brace syntax in addition to $VAR_NAME (#1728).
• archon-refactor-safely persists read-only node outputs via bash bridges so downstream nodes can reference them (#1734).
• Workflow builder injects $ARGUMENTS into generated YAMLs so user arguments reach the first node (#1733).
• Codex provider: removed stale attemptController.abort() that crashed after SDK cleanup (#1735, #1739); fresh AbortController per retry attempt so a previously-aborted controller can't kill the new attempt (#1266, #1371).
• Claude provider rejects directory paths in claudeBinaryPath and expands npm platform-package directories (e.g. @anthropic-ai/claude-code-darwin-arm64) to the bundled binary (#1723, #1737).
• Default assistant resolution: now consults config + per-folder detection on every codebase registration, not just the first (#1729).
• Large node outputs are written to a temp file and referenced rather than inlined into bash substitution, preventing argument-list corruption on big payloads (fixes #1717, #1718).
• Forge clone auth resolves credentials via configured *_URL env vars rather than assuming github.com (fixes #1704, #1706); non-GitHub forge URLs authenticate via GITLAB_TOKEN / GITEA_TOKEN (fixes #1655, #1658).
• DAG multi-resume: completed node state is now preserved across multiple resume cycles instead of being recomputed (#1530).
• Bash node variables: user-controlled variables are passed via env vars, not shell substitution, to avoid quoting bugs and injection edge cases (#1651).
• Scripts: ARCHON_STATE_JSON marker extraction uses line-anchored regex so embedded marker-like strings in script output don't confuse the parser (#1695).
• Workflows: condition_json_parse_failed is now surfaced as a workflow error instead of silently skipping the conditional branch (#1673, #1694).