* fix desktop preload fetch typing
* rename desktop app to Hermes Studio
* rename desktop package to Hermes Studio
* update Hermes Studio desktop icons
* configure desktop signing and app id
* force desktop api calls to local server
* isolate desktop agent bridge ports
* bundle MCP support in desktop Python
* change desktop default port to 8748
* restore webui production port copy
* Add desktop packaging workflow
* Add desktop package homepage
* Fix desktop default credential prompt
* Suppress default credential prompt on desktop
* Publish desktop artifacts on release; reduce CI to PR smoke test
Add desktop-release.yml triggered on release publish (mirroring
docker-publish.yml) to build all platforms and upload .dmg/.exe/
.AppImage/.deb to the GitHub Release.
Trim build.yml desktop job to a PR-only Linux x64 smoke test, since
release artifacts are now produced by desktop-release.yml. This drops
per-push and macOS/Windows packaging from regular CI.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
* Fix desktop Hermes data home on Windows
---------
Co-authored-by: xingzhi <chuzihao.czh@alibaba-inc.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Move TTS routes behind auth middleware and attach JWT to local
proxy requests from the frontend. Previously both /api/hermes/tts
and /api/tts/proxy/audio/speech were publicly accessible without
authentication, allowing unauthenticated callers to consume Edge
TTS resources through the server.
Changes:
- server: move ttsRoutes from public to protected route section
- client: auto-attach JWT when baseUrl is a local path (/...)
and no external API key is configured
- client: import getApiKey() instead of raw localStorage access
Adds an input field for the DingTalk AI Card template ID under
Platform Settings, plus the matching DINGTALK_CARD_TEMPLATE_ID
env mapping so the value is persisted to the active profile and
forwarded to the hermes agent (which already supports AI Cards
via extra.card_template_id).
Closes#1035
The authStatus() controller previously returned the first users
username to unauthenticated clients. The frontend never used this
value — `fetchAuthStatus()` in LoginView.vue discards the return
value entirely. Remove the field to prevent username enumeration.
Changes:
- server: drop `username` from authStatus response body
- server: remove unused `findFirstUser` import
- client: remove `username` from AuthStatus interface
* feat: add session deep links for chats
* feat: add deep links for history and group chat
* Fix profile-aware session deep links
---------
Co-authored-by: Maxim Kirilyuk <werserk@inbox.ru>
ekko