NeverWrite v0.2.5

Manual installers

Choose the installer that matches your machine:

Platform	Architecture	Manual installer asset
macOS	Universal	NeverWrite_0.2.5_macOS_Universal.dmg
Windows	ARM64	NeverWrite_0.2.5_Windows_ARM64_Setup.exe
Windows	x64	NeverWrite_0.2.5_Windows_x64_Setup.exe
Linux	ARM64	NeverWrite-0.2.5-arm64.AppImage
Linux	x64	NeverWrite-0.2.5-x64.AppImage

Updater artifacts are also attached to the release for in-app updates.
Files ending in .app.tar.gz, .nsis.zip, .blockmap, or .sig are internal updater assets and are not intended for manual installation.

Browser extensions

Chrome MV3 manual install asset:

NeverWrite-Web-Clipper-v0.2.5-chrome-mv3.zip

Download the zip, unzip it, open chrome://extensions, enable Developer mode, and choose Load unpacked.

Firefox MV3 build artifact:

NeverWrite-Web-Clipper-v0.2.5-firefox-mv3.zip

This artifact is attached for testing and release traceability. Normal Firefox Release/Beta installation requires a Mozilla-signed package through AMO or self-distribution signing.

Release notes

Security note: NeverWrite's repository was audited for the May 2026 Mini Shai-Hulud npm supply-chain attack and no exposure was found. The repo does not contain the known malware indicators, does not depend on the affected TanStack/Mistral/UiPath/Squawk package sets, and its own GitHub workflows do not use the risky pull_request_target plus trusted-publishing/OIDC pattern involved in the attack. Cloning the repository and updating the app through this channel is safe.

Added

• Added Linux AppImage releases for x64 and ARM64, including Linux update feed support and AppImage updater integration. Thanks to @seifzellaban.
• Added Kilo API key setup in AI provider settings, with KILO_API_KEY detection, secure local persistence, logout cleanup, and setup-state validation alongside the existing Kilo CLI login flow.
• Added an in-app HTML viewer for vault .html and .htm files, including sandboxed script execution, relative asset loading, and restrictive network protections. You can now ask agents to create HTML documents or dashboards in your vault and preview them inside the app. Thanks to @spamsch.
• Added .html and .htm files to the default file tree so HTML documents appear without enabling the global all-files view. Thanks to @spamsch.

Changed

• Updated the embedded Claude ACP runtime to upstream 0.33.1, keeping the vendored Claude agent adapter aligned with current upstream behavior.
• Updated the embedded Codex agent runtime to 0.14.0, keeping subagents, permissions, history replay, and change-review metadata compatible with NeverWrite.
• Polished Linux-specific desktop packaging behavior, window chrome, updater handling, and cross-platform shortcut behavior as part of the AppImage release path.

Fixed

• Fixed chat Markdown rendering so slash-prefixed text is no longer converted into a clickable vault pill unless it resolves to a valid vault reference.
• Fixed dragging agent chats from the collapsed sidebar so the sidebar overlay stays active while the drag starts.
• Fixed inline file-review Accept and Reject buttons so decisions run on click release instead of immediately on press.
• Fixed review tabs for subagents so pending-change reviews show the subagent name instead of the generic runtime label.
• Fixed provider quota, rate-limit, and usage-limit failures so the chat shows a clear provider-limit message instead of treating the error like a setup or authentication failure.
• Fixed oversized saved AI session transcripts by compacting new saves and repairing previously inflated saved chats on load.
• Fixed vault scans, text-file reads, and watcher/upsert hashing for Markdown and text files that contain invalid UTF-8 bytes by decoding them lossily instead of failing the vault operation. Thanks to @kwojtaszek.
• Fixed Linux updater handling when a release feed is missing so the app can continue gracefully across Linux release variants.
• Fixed macOS single-architecture DMG post-processing so x64 and ARM64 release layouts are found correctly. Thanks to @spamsch.

Security

• Secured persisted AI provider secrets for Codex/OpenAI, Claude/Anthropic, Gemini/Google, and newly added Kilo API keys through OS credential storage instead of storing secret values in runtime setup JSON.
• Added migration for legacy plaintext AI provider setup data, transactional setup/logout persistence, fail-closed behavior when secure storage is unavailable, and broader redaction for native backend secret logs.

NeverWrite v0.2.4

Manual installers

Choose the installer that matches your machine:

Platform	Architecture	Manual installer asset
macOS	Universal	NeverWrite_0.2.4_macOS_Universal.dmg
Windows	ARM64	NeverWrite_0.2.4_Windows_ARM64_Setup.exe
Windows	x64	NeverWrite_0.2.4_Windows_x64_Setup.exe

Updater artifacts are also attached to the release for in-app updates.
Files ending in .app.tar.gz, .nsis.zip, or .sig are internal updater assets and are not intended for manual installation.

Browser extensions

Chrome MV3 manual install asset:

NeverWrite-Web-Clipper-v0.2.4-chrome-mv3.zip

Download the zip, unzip it, open chrome://extensions, enable Developer mode, and choose Load unpacked.

Firefox MV3 build artifact:

NeverWrite-Web-Clipper-v0.2.4-firefox-mv3.zip

This artifact is attached for testing and release traceability. Normal Firefox Release/Beta installation requires a Mozilla-signed package through AMO or self-distribution signing.

Release notes

Added

• Added file-tree context menu actions to add notes, folders, PDFs, and sidebar files directly to the current chat composer as context pills.
• Added "Add to New Chat" and "Add Selected to New Chat" actions from the file tree, opening a fresh agent chat with the currently selected/last active provider before attaching the chosen context.
• Added multi-selection-aware chat context actions for selected notes and sidebar files in the file tree.
• Added local app diagnostics logs for Electron main, renderer, and native backend events, with documented log locations and privacy notes.
• Added saved-chat crash recovery docs and recovery flow for AI conversations stored locally under each vault's .neverwrite/sessions/ directory.
• Added native saved-session resume support for Codex when available, with a saved-transcript fallback path when direct runtime resume is unavailable or fails.

Changed

• Changed file-tree path copy actions to consistently use "Copy Full Path" and copy absolute paths for notes, folders, PDFs, and sidebar files.

Fixed

• Fixed external vault refresh handling so ambiguous external deletes, including folders that look like Markdown notes, refresh the vault structure instead of leaving the file tree stale.
• Fixed closing active AI agent tabs so NeverWrite asks for confirmation consistently, including Cmd/Ctrl+W and multi-tab close paths. Thanks to @wtasg for the first contribution!
• Fixed Codex saved chats so restored, detached, resumed, or crash-recovered sessions keep enough transcript context to continue without losing the prior conversation.
• Fixed Codex subagent breadcrumb Open actions so they continue working after restore or resume even when the live sessionId differs from the saved history or runtime session id.
• Fixed detached windows and tab reattachment for AI chats so related parent, child, and sibling subagent sessions transfer and hydrate together instead of losing the agent tree.
• Fixed file-tree chat context targeting so context menu actions and drops attach to the intended chat, including newly opened chats whose composer is still mounting.
• Fixed normal native backend shutdown so expected sidecar exits no longer appear as app errors.

Security

• Hardened diagnostic log redaction for prompt, transcript, message, content, token, secret, authorization, and API key fields, including apiKey, api_key, api-key, and x-api-key variants.

NeverWrite v0.2.3

Manual installers

Choose the installer that matches your machine:

Platform	Architecture	Manual installer asset
macOS	Universal	NeverWrite_0.2.3_macOS_Universal.dmg
Windows	ARM64	NeverWrite_0.2.3_Windows_ARM64_Setup.exe
Windows	x64	NeverWrite_0.2.3_Windows_x64_Setup.exe

Updater artifacts are also attached to the release for in-app updates.
Files ending in .app.tar.gz, .nsis.zip, or .sig are internal updater assets and are not intended for manual installation.

Browser extensions

Chrome MV3 manual install asset:

NeverWrite-Web-Clipper-v0.2.3-chrome-mv3.zip

Download the zip, unzip it, open chrome://extensions, enable Developer mode, and choose Load unpacked.

Firefox MV3 build artifact:

NeverWrite-Web-Clipper-v0.2.3-firefox-mv3.zip

This artifact is attached for testing and release traceability. Normal Firefox Release/Beta installation requires a Mozilla-signed package through AMO or self-distribution signing.

Release notes

Added

• Added a "release notes" button in Settings → Updates that opens the latest GitHub release in the user's browser.
• Added pane-native drag and drop for Agents sidebar threads: drag a chat or subagent from the sidebar onto a pane, tab strip, or pane edge to open it there, move the existing chat tab without duplicating it, or create a new split pane.
• Added a floating drag preview for Agents sidebar threads, including the thread title, runtime, and active/error state while dragging.

Changed

• Changed file-tree drag behavior so dropping existing notes, PDFs, and files onto editor panes opens them as tabs instead of inserting embed markup into the active note.
• Changed file-tree and external file drops to use the same pane-native targeting as workspace tabs: drop on a pane center to open there, on a tab strip to choose the tab position, or on a pane edge to create a split. Drops over the AI composer still attach to the chat composer instead of opening editor panes.
• Polished the chat composer expand/collapse button: the diagonal arrows now point toward the natural corners (top-right / bottom-left when collapsed, inward when expanded) and the button gains a subtle hover highlight that matches the other composer controls.

Fixed

• Fixed AI chat tabs restored from saved history so their persisted:* identifiers no longer leak into live runtime commands, preventing repeated "AI session not found" errors when switching between a Markdown note and an empty or saved chat in the same pane.
• Fixed workspace tab dragging so file-attachment drag events emitted by tabs no longer clear the pane split/drop preview.

NeverWrite v0.2.2

Manual installers

Choose the installer that matches your machine:

Platform	Architecture	Manual installer asset
macOS	Universal	NeverWrite_0.2.2_macOS_Universal.dmg
Windows	ARM64	NeverWrite_0.2.2_Windows_ARM64_Setup.exe
Windows	x64	NeverWrite_0.2.2_Windows_x64_Setup.exe

Updater artifacts are also attached to the release for in-app updates.
Files ending in .app.tar.gz, .nsis.zip, or .sig are internal updater assets and are not intended for manual installation.

Browser extensions

Chrome MV3 manual install asset:

NeverWrite-Web-Clipper-v0.2.2-chrome-mv3.zip

Download the zip, unzip it, open chrome://extensions, enable Developer mode, and choose Load unpacked.

Firefox MV3 build artifact:

NeverWrite-Web-Clipper-v0.2.2-firefox-mv3.zip

This artifact is attached for testing and release traceability. Normal Firefox Release/Beta installation requires a Mozilla-signed package through AMO or self-distribution signing.

Release notes

Changed

• Updated the embedded Claude ACP runtime to the latest upstream 0.31.4 snapshot, keeping NeverWrite aligned with Claude Code v2.1.123 and picking up upstream runtime dependency fixes.

Security

• Updated the embedded Claude ACP runtime's vendored dependencies to include upstream Hono security fixes for JSX tag validation and chunked request body limits.

Fixed

• Fixed Codex subagent threads so their sidebar Working state now follows the child agent's own turn lifecycle instead of relying on parent-thread breadcrumbs.
• Fixed subagent completion handling so child threads return to idle when their ACP turn completes, aborts, or shuts down, even when the parent thread is not actively open.
• Fixed stale Codex subagent turn completion events so an older completed turn can no longer mark a reactivated child agent as idle while it is already working on a newer turn.
• Fixed subagent reactivation so resumed or still-running child agents are no longer incorrectly marked idle by parent interaction_end, resume_end, or waiting_end breadcrumbs.
• Fixed subagent reactivation in the sidebar so live child sessions can return to Working from backend lifecycle updates while root sessions remain protected from stale streaming updates.
• Fixed multi-subagent waiting updates so a completed child no longer causes every sibling subagent under the same parent to stop showing as working.
• Fixed Codex ACP lifecycle projection by emitting structured turn lifecycle metadata and structured waiting-status metadata for subagents.

NeverWrite v0.2.1

Manual installers

Choose the installer that matches your machine:

Platform	Architecture	Manual installer asset
macOS	Universal	NeverWrite_0.2.1_macOS_Universal.dmg
Windows	ARM64	NeverWrite_0.2.1_Windows_ARM64_Setup.exe
Windows	x64	NeverWrite_0.2.1_Windows_x64_Setup.exe

Updater artifacts are also attached to the release for in-app updates.
Files ending in .app.tar.gz, .nsis.zip, or .sig are internal updater assets and are not intended for manual installation.

Browser extensions

Chrome MV3 manual install asset:

NeverWrite-Web-Clipper-v0.2.1-chrome-mv3.zip

Download the zip, unzip it, open chrome://extensions, enable Developer mode, and choose Load unpacked.

Firefox MV3 build artifact:

NeverWrite-Web-Clipper-v0.2.1-firefox-mv3.zip

This artifact is attached for testing and release traceability. Normal Firefox Release/Beta installation requires a Mozilla-signed package through AMO or self-distribution signing.

Release notes

Added

• Added Web Clipper release artifacts to the 0.2.1 GitHub Release pipeline, including Chrome MV3 manual-install and Firefox MV3 testing/signing zips.
• Added working ChatGPT account sign-in for the Codex runtime through the ACP authentication flow, including backend logout support.
• Added Anthropic API key sign-in as an explicit Claude provider option.

Changed

• Hardened Claude sign-in options so remote or no-browser environments use the appropriate terminal login method, while local environments keep Claude subscription, Anthropic Console, API key, and gateway choices.
• Hardened Gemini Google sign-in so the terminal launch explicitly maps the UI method to the Gemini CLI oauth-personal auth type instead of relying on ambiguous defaults.

Fixed

• Fixed AI provider setup status so finding a runtime binary no longer incorrectly marks the provider as connected.
• Fixed terminal sign-in state so providers become connected only after the sign-in process exits successfully.
• Fixed AI sign-in terminals so refreshes no longer restart the active auth session or reopen duplicate browser tabs.
• Fixed AI sign-in terminals so they open focused and scrolled to the beginning of the auth prompt, allowing interactive choices such as Gemini Google sign-in to receive Enter correctly.
• Fixed AI provider setup recognition after restart by detecting persisted CLI account credentials for Codex, Claude, Gemini, and Kilo.
• Fixed AI provider logout so local auth state and Google Cloud environment settings are cleared consistently.
• Fixed Claude gateway setup so remote HTTP URLs are rejected by the backend, localhost HTTP remains allowed, and gateway-with-token setups stay labeled as gateway auth.
• Fixed Windows runtime lookup for CLI shims that depend on PATHEXT, such as .cmd and .exe launchers.
• Fixed Gemini startup on Windows so NeverWrite prefers the executable .cmd shim over npm's extensionless shim, avoiding CreateProcessW Win32 launch failures.
• Fixed Gemini Google sign-in hydration so NeverWrite marks the provider as connected as soon as the Gemini CLI reports successful authentication, instead of waiting for the login terminal process to exit.
• Fixed Gemini ACP sessions on Windows by stripping verbatim \\?\ path prefixes before launching the Node-based CLI, avoiding EISDIR: illegal operation on a directory, lstat 'C:' failures.
• Fixed Gemini model and mode changes so NeverWrite uses Gemini's supported ACP session/set_model and session/set_mode requests instead of the unsupported session/set_config_option request.
• Fixed Codex subagent persistence so background subagent threads are saved when they are created or receive tool, status, plan, image, permission, or input events while their chat tab is closed, using the subagent's own vault path for delayed saves.
• Documented a Codex subagent edge case where models may try to combine a full-history fork with explicit child role, model, or reasoning-effort overrides; Codex rejects that combination and the parent may retry visibly with a non-forked launch.

NeverWrite v0.2.0

Manual installers

Choose the installer that matches your machine:

Platform	Architecture	Manual installer asset
macOS	Universal	NeverWrite_0.2.0_macOS_Universal.dmg
Windows	ARM64	NeverWrite_0.2.0_Windows_ARM64_Setup.exe
Windows	x64	NeverWrite_0.2.0_Windows_x64_Setup.exe

Updater artifacts are also attached to the release for in-app updates.
Files ending in .app.tar.gz, .nsis.zip, or .sig are internal updater assets and are not intended for manual installation.

Browser extensions

Chrome MV3 manual install asset:

NeverWrite-Web-Clipper-v0.2.0-chrome-mv3.zip

Download the zip, unzip it, open chrome://extensions, enable Developer mode, and choose Load unpacked.

Firefox MV3 build artifact:

NeverWrite-Web-Clipper-v0.2.0-firefox-mv3.zip

This artifact is attached for testing and release traceability. Normal Firefox Release/Beta installation requires a Mozilla-signed package through AMO or self-distribution signing.

Release notes

Added

• Added GitHub Release downloads for the Web Clipper: a Chrome MV3 zip for manual install and a Firefox MV3 build artifact for testing/signing workflows.
• Added Codex subagents as first-class sidebar sessions, so running agents stay available even after their chat tabs are closed. Please welcome your copernicos and galileos! / Warning, there's a bug with persistence of subagents, please update to 0.2.1 as soon as is available.
• Added dedicated threads for each Codex subagent, including independent review tabs and inline review for file changes made by each agent.
• Added parent chat breadcrumbs with inline actions for opening subagent threads, plus persistent parent-child grouping across restarts.

Changed

• Removed the redundant collapse-all control from the note outline so the panel starts directly with the document structure while preserving per-section collapsing.
• Aligned file-oriented search across Search Files & Notes, New Tab, @ mentions, and [[ ]] wikilink suggestions so all-files mode treats Markdown notes as files first, ranking file name and path matches before note title matches while keeping title search as a fallback.
• Updated wikilink suggestions in all-files mode to display Markdown note file names consistently with the file extension setting, so notes can appear as example.md when extensions are enabled without changing the inserted wikilink target.
• Made the wikilink suggestion popup horizontally scrollable so long note names and vault paths can be inspected without widening the popup.

Fixed

• Fixed a mismatch where the file-oriented search notice promised file-name-first behavior, but Search Files & Notes and New Tab still used older title/path scoring.
• Fixed @ mention suggestions in all-files mode so note titles remain searchable as a fallback after file name and path matches.

NeverWrite v0.1.2

Manual installers

Choose the installer that matches your machine:

Platform	Architecture	Manual installer asset
macOS	Universal	NeverWrite_0.1.2_macOS_Universal.dmg
Windows	ARM64	NeverWrite_0.1.2_Windows_ARM64_Setup.exe
Windows	x64	NeverWrite_0.1.2_Windows_x64_Setup.exe

Updater artifacts are also attached to the release for in-app updates.
Files ending in .app.tar.gz, .nsis.zip, or .sig are internal updater assets and are not intended for manual installation.

Release notes

Fixed

• Fixed macOS DMG release validation so GitHub-built desktop release artifacts are staged and checked correctly.
• Fixed opening and using vaults on Windows rclone/WinFsp mounted drives that do not support path canonicalization, without compromising security layer.
• Fixed the drag preview disappearing when dragging items from an expanded sidebar onto editor panes or the chat composer.
• Fixed sticky folder headers in the file tree so they read as a distinct frosted plate, with the same visible blur treatment in both the docked sidebar and the Arc-style peek overlay.
• Fixed detached windows so agent conversations, review tabs, and terminal tabs keep their state when opened, moved, or reattached across windows.

NeverWrite v0.1.1

Manual installers

Choose the installer that matches your machine:

Platform	Architecture	Manual installer asset
macOS	Universal	NeverWrite_0.1.1_macOS_Universal.zip
Windows	ARM64	NeverWrite_0.1.1_Windows_ARM64_Setup.exe
Windows	x64	NeverWrite_0.1.1_Windows_x64_Setup.exe

Updater artifacts are also attached to the release for in-app updates.
Files ending in .app.tar.gz, .nsis.zip, or .sig are internal updater assets and are not intended for manual installation.

Release notes

Fixed

• Fixed the GitHub-built desktop app packaging so the bundled Claude ACP runtime includes its production dependencies.
• Prevented a failed AI runtime startup from blocking provider settings, note loading, and other backend requests indefinitely.
• Improved AI provider settings so providers show as checking while runtime inventory is loading instead of incorrectly offering installs.