{"id":92864,"name":"github.com/steipete/peekaboo","ecosystem":"swift","repository_url":"https://github.com/steipete/peekaboo","issues_count":4,"created_at":"2026-05-21T04:01:37.010Z","updated_at":"2026-05-21T04:01:37.010Z","purl":"pkg:swift/github.com/steipete/peekaboo","metadata":{"id":14497511,"name":"github.com/steipete/peekaboo","ecosystem":"swiftpm","description":null,"homepage":null,"licenses":null,"normalized_licenses":[],"repository_url":"https://github.com/steipete/peekaboo","keywords_array":null,"namespace":null,"versions_count":0,"first_release_published_at":null,"latest_release_published_at":"2026-05-25T04:22:49.446Z","latest_release_number":null,"last_synced_at":"2026-05-25T04:22:49.623Z","created_at":"2026-05-25T04:22:49.313Z","updated_at":"2026-05-25T04:22:49.681Z","registry_url":"https://swiftpackageindex.com/steipete/peekaboo","install_command":null,"documentation_url":"https://swiftpackageindex.com/steipete/peekaboo/documentation","metadata":{},"repo_metadata":{},"repo_metadata_updated_at":"2026-05-25T04:22:49.648Z","dependent_packages_count":0,"downloads":null,"downloads_period":null,"dependent_repos_count":0,"rankings":{"downloads":null,"dependent_repos_count":17.6884806735553,"dependent_packages_count":14.144661308840414,"stargazers_count":null,"forks_count":null,"docker_downloads_count":null,"average":15.916570991197858},"purl":"pkg:swift/github.com/steipete/peekaboo","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/swiftpm/github.com/steipete/peekaboo","docker_dependents_count":null,"docker_downloads_count":null,"usage_url":"https://repos.ecosyste.ms/usage/swiftpm/github.com/steipete/peekaboo","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/swiftpm/github.com/steipete/peekaboo/dependencies","status":null,"funding_links":[],"critical":null,"issue_metadata":null,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/swiftpackageindex.com/packages/github.com%2Fsteipete%2Fpeekaboo/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/swiftpackageindex.com/packages/github.com%2Fsteipete%2Fpeekaboo/version_numbers","latest_version_url":"https://packages.ecosyste.ms/api/v1/registries/swiftpackageindex.com/packages/github.com%2Fsteipete%2Fpeekaboo/latest_version","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/swiftpackageindex.com/packages/github.com%2Fsteipete%2Fpeekaboo/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/swiftpackageindex.com/packages/github.com%2Fsteipete%2Fpeekaboo/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/swiftpackageindex.com/packages/github.com%2Fsteipete%2Fpeekaboo/codemeta","maintainers":[],"registry":{"name":"swiftpackageindex.com","url":"https://swiftpackageindex.com","ecosystem":"swiftpm","default":true,"packages_count":13077,"maintainers_count":0,"namespaces_count":2456,"keywords_count":0,"github":"SwiftPackageIndex","metadata":{"funded_packages_count":1647},"icon_url":"https://github.com/SwiftPackageIndex.png","created_at":"2022-11-28T16:45:05.949Z","updated_at":"2026-04-03T06:40:40.403Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/swiftpackageindex.com/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/swiftpackageindex.com/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/swiftpackageindex.com/namespaces"}},"unique_repositories_count":4,"unique_repositories_count_past_30_days":4,"recent_issues":[{"uuid":"4509179043","node_id":"PR_kwDOSl5V0s7eqzM3","number":3,"state":"closed","title":"build(deps): bump the swift-deps group in /apps/macos with 3 updates","user":"dependabot[bot]","labels":["dependencies","swift_package_manager"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-24T04:44:30.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-23T18:06:28.000Z","updated_at":"2026-05-24T04:44:39.000Z","time_to_close":38282,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"swift-deps","update_count":3,"packages":[{"name":"github.com/apple/swift-log","old_version":"1.12.0","new_version":"1.12.1","repository_url":"https://github.com/apple/swift-log"},{"name":"github.com/sparkle-project/sparkle","old_version":"2.9.1","new_version":"2.9.2","repository_url":"https://github.com/sparkle-project/Sparkle"},{"name":"github.com/steipete/peekaboo","old_version":"3.2.1","new_version":"3.2.2","repository_url":"https://github.com/steipete/Peekaboo"}],"path":"/apps/macos","ecosystem":"swift"},"body":"Bumps the swift-deps group in /apps/macos with 3 updates: [github.com/apple/swift-log](https://github.com/apple/swift-log), [github.com/sparkle-project/sparkle](https://github.com/sparkle-project/Sparkle) and [github.com/steipete/peekaboo](https://github.com/steipete/Peekaboo).\n\nUpdates `github.com/apple/swift-log` from 1.12.0 to 1.12.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apple/swift-log/releases\"\u003egithub.com/apple/swift-log's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.12.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eSemVer Patch\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eImprove readability by extracting separate types to their own files by \u003ca href=\"https://github.com/samuelmurray\"\u003e\u003ccode\u003e@​samuelmurray\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apple/swift-log/pull/444\"\u003eapple/swift-log#444\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSkip handler dispatch for setters under \u003ccode\u003eMaxLogLevelNone\u003c/code\u003e by \u003ca href=\"https://github.com/rnro\"\u003e\u003ccode\u003e@​rnro\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apple/swift-log/pull/465\"\u003eapple/swift-log#465\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate documentation to reflect recent changes by \u003ca href=\"https://github.com/samuelmurray\"\u003e\u003ccode\u003e@​samuelmurray\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apple/swift-log/pull/445\"\u003eapple/swift-log#445\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate dependabot to daily schedule by \u003ca href=\"https://github.com/kukushechkin\"\u003e\u003ccode\u003e@​kukushechkin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apple/swift-log/pull/446\"\u003eapple/swift-log#446\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump swiftlang/github-workflows/.github/workflows/soundness.yml from 0.0.9 to 0.0.11 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/apple/swift-log/pull/447\"\u003eapple/swift-log#447\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake dependabot set  label by \u003ca href=\"https://github.com/kukushechkin\"\u003e\u003ccode\u003e@​kukushechkin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apple/swift-log/pull/448\"\u003eapple/swift-log#448\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd tests for SwiftLogNoOpLogHandler by \u003ca href=\"https://github.com/crleonard\"\u003e\u003ccode\u003e@​crleonard\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apple/swift-log/pull/449\"\u003eapple/swift-log#449\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCleanup repository structure by \u003ca href=\"https://github.com/kukushechkin\"\u003e\u003ccode\u003e@​kukushechkin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apple/swift-log/pull/451\"\u003eapple/swift-log#451\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDisable nightly 6.3 WASM builds by \u003ca href=\"https://github.com/kukushechkin\"\u003e\u003ccode\u003e@​kukushechkin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apple/swift-log/pull/454\"\u003eapple/swift-log#454\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[SLG-0004]: metadata value attributes proposal (revision 2) by \u003ca href=\"https://github.com/kukushechkin\"\u003e\u003ccode\u003e@​kukushechkin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apple/swift-log/pull/440\"\u003eapple/swift-log#440\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMigrate macOS CI to Swift version inputs by \u003ca href=\"https://github.com/rnro\"\u003e\u003ccode\u003e@​rnro\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apple/swift-log/pull/457\"\u003eapple/swift-log#457\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eShared workflows changed from Xcode XX.X to Xcode swift X.X by \u003ca href=\"https://github.com/kukushechkin\"\u003e\u003ccode\u003e@​kukushechkin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apple/swift-log/pull/461\"\u003eapple/swift-log#461\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdopt multi-package macOS benchmarks workflow by \u003ca href=\"https://github.com/rnro\"\u003e\u003ccode\u003e@​rnro\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apple/swift-log/pull/466\"\u003eapple/swift-log#466\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/crleonard\"\u003e\u003ccode\u003e@​crleonard\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/apple/swift-log/pull/449\"\u003eapple/swift-log#449\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/apple/swift-log/compare/1.12.0...1.12.1\"\u003ehttps://github.com/apple/swift-log/compare/1.12.0...1.12.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apple/swift-log/commit/a012e0ad8a8a72de92b0e008c81a9b793f70e73a\"\u003e\u003ccode\u003ea012e0a\u003c/code\u003e\u003c/a\u003e Adopt multi-package macOS benchmarks workflow (\u003ca href=\"https://redirect.github.com/apple/swift-log/issues/466\"\u003e#466\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apple/swift-log/commit/1069d31898fad2304edbdb9ddf30ddd6b3bcfb96\"\u003e\u003ccode\u003e1069d31\u003c/code\u003e\u003c/a\u003e Skip handler dispatch for setters under \u003ccode\u003eMaxLogLevelNone\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/apple/swift-log/issues/465\"\u003e#465\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apple/swift-log/commit/3061a62b6d0cfed7c11b5b019fd81443a0beb172\"\u003e\u003ccode\u003e3061a62\u003c/code\u003e\u003c/a\u003e Shared workflows changed from Xcode XX.X to Xcode swift X.X (\u003ca href=\"https://redirect.github.com/apple/swift-log/issues/461\"\u003e#461\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apple/swift-log/commit/184c73762fc180b3138e5320adae67ee738b5625\"\u003e\u003ccode\u003e184c737\u003c/code\u003e\u003c/a\u003e Migrate macOS CI to Swift version inputs (\u003ca href=\"https://redirect.github.com/apple/swift-log/issues/457\"\u003e#457\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apple/swift-log/commit/eca81998f52d757e22b3bfbff650025091453bc0\"\u003e\u003ccode\u003eeca8199\u003c/code\u003e\u003c/a\u003e [SLG-0004]: metadata value attributes proposal (revision 2) (\u003ca href=\"https://redirect.github.com/apple/swift-log/issues/440\"\u003e#440\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apple/swift-log/commit/ac3646e5e0cc783fdb39a70971fac1e37b19202b\"\u003e\u003ccode\u003eac3646e\u003c/code\u003e\u003c/a\u003e Disable nightly 6.3 WASM builds (\u003ca href=\"https://redirect.github.com/apple/swift-log/issues/454\"\u003e#454\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apple/swift-log/commit/5c348a629ce8f04e7dbbd2b27d6ef330fa15cd7b\"\u003e\u003ccode\u003e5c348a6\u003c/code\u003e\u003c/a\u003e Cleanup repository structure (\u003ca href=\"https://redirect.github.com/apple/swift-log/issues/451\"\u003e#451\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apple/swift-log/commit/deae26e91aae13fdf879679e8b37bfaf0427d317\"\u003e\u003ccode\u003edeae26e\u003c/code\u003e\u003c/a\u003e Add tests for SwiftLogNoOpLogHandler (\u003ca href=\"https://redirect.github.com/apple/swift-log/issues/449\"\u003e#449\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apple/swift-log/commit/1fe83fbfe9a709d9572e7fd5785016a54ff36c6b\"\u003e\u003ccode\u003e1fe83fb\u003c/code\u003e\u003c/a\u003e Make dependabot set  label (\u003ca href=\"https://redirect.github.com/apple/swift-log/issues/448\"\u003e#448\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apple/swift-log/commit/41592e45e167db0e7c89d3ec4a2d3fb98ef1c1a0\"\u003e\u003ccode\u003e41592e4\u003c/code\u003e\u003c/a\u003e Bump swiftlang/github-workflows/.github/workflows/soundness.yml from 0.0.9 to...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apple/swift-log/compare/1.12.0...1.12.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/sparkle-project/sparkle` from 2.9.1 to 2.9.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparkle-project/Sparkle/releases\"\u003egithub.com/sparkle-project/sparkle's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.2 Appcast Improvements\u003c/h2\u003e\n\u003cp\u003eChanges:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eShow hidden window title in update window for accessibility (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2871\"\u003e#2871\u003c/a\u003e) (Zorg)\u003c/li\u003e\n\u003cli\u003ePolish and update Spanish translations to be gender neutral (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2874\"\u003e#2874\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2875\"\u003e#2875\u003c/a\u003e) (Emilio P Egido)\u003c/li\u003e\n\u003cli\u003eGuard against NULL CFRelease() on failure condition in fallback path (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2867\"\u003e#2867\u003c/a\u003e) (Zorg)\u003c/li\u003e\n\u003cli\u003eGuard against symlinks when applying delta update files (fe7b718) (Zorg, fg0x0)\u003c/li\u003e\n\u003cli\u003eEnforce connection to installer to be validated before receiving appcast item data (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2876\"\u003e#2876\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2877\"\u003e#2877\u003c/a\u003e) (Zorg, fg0x0)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThis release contains two high-complex security fixes reported by \u003ca href=\"https://github.com/fg0x0\"\u003e\u003ccode\u003e@​fg0x0\u003c/code\u003e\u003c/a\u003e. The details will be posted in the \u003ca href=\"https://github.com/sparkle-project/Sparkle/discussions/2838\"\u003e2.9 discussion\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003ePlease also check \u003ca href=\"https://github.com/sparkle-project/Sparkle/releases/tag/2.9.1\"\u003e2.9.1\u003c/a\u003e and \u003ca href=\"https://github.com/sparkle-project/Sparkle/releases/tag/2.9.0\"\u003e2.9.0\u003c/a\u003e for previous changes.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/6276ba2b404829d139c45ff98427cf90e2efc59b\"\u003e\u003ccode\u003e6276ba2\u003c/code\u003e\u003c/a\u003e Update Package management files for version 2.9.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/113279a21f754abf10c2b7a019543c43b9c3b74d\"\u003e\u003ccode\u003e113279a\u003c/code\u003e\u003c/a\u003e Improve synchronization of _receivedAppcastItemData (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2877\"\u003e#2877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/7c4741d762df4f7162bfd4f267a4217a3a4a80c9\"\u003e\u003ccode\u003e7c4741d\u003c/code\u003e\u003c/a\u003e Update Package management files for version 2.9.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/5df807d5ac88cd912abb5e24747e1c20e06352b8\"\u003e\u003ccode\u003e5df807d\u003c/code\u003e\u003c/a\u003e Update README for 2.9.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/c6ab245eba32c85bfe8ad4d51184bcb2c58cf69a\"\u003e\u003ccode\u003ec6ab245\u003c/code\u003e\u003c/a\u003e Update Package management files for version 2.9.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/6e370a5ab8293da6a028da49a33f67e9b20d86e1\"\u003e\u003ccode\u003e6e370a5\u003c/code\u003e\u003c/a\u003e Enforce connection to installer to be validated before receiving appcast item...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/cbdc150cfb2fa0ca8b0c1aaed3841bbb18be61d0\"\u003e\u003ccode\u003ecbdc150\u003c/code\u003e\u003c/a\u003e Polish Spanish localization in Sparkle.strings (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2875\"\u003e#2875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/fe7b718d0736f3e139e374e26fbca96f29e13bf0\"\u003e\u003ccode\u003efe7b718\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/d2b796bc3e96c3e60267c8e1a3176db11b07c488\"\u003e\u003ccode\u003ed2b796b\u003c/code\u003e\u003c/a\u003e Update you're up to date Spanish translation to be gender neutral (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2874\"\u003e#2874\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/2f33f56afb966ea7fb65f44b077447c27065dd45\"\u003e\u003ccode\u003e2f33f56\u003c/code\u003e\u003c/a\u003e Fix QoS warning when running Test app server on main thread (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2873\"\u003e#2873\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sparkle-project/Sparkle/compare/2.9.1...2.9.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/steipete/peekaboo` from 3.2.1 to 3.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steipete/Peekaboo/releases\"\u003egithub.com/steipete/peekaboo's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.2\u003c/h2\u003e\n\u003ch2\u003e[3.2.2] - 2026-05-22\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eGameBridge manifests now let \u003ccode\u003epeekaboo see\u003c/code\u003e expose Firestaff/SDL game UI zones from GPU-rendered windows. Thanks \u003ca href=\"https://github.com/yeager\"\u003e\u003ccode\u003e@​yeager\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/152\"\u003e#152\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e now accepts OpenRouter model IDs and can use \u003ccode\u003eOPENROUTER_API_KEY\u003c/code\u003e from env or credentials. Thanks \u003ca href=\"https://github.com/delort\"\u003e\u003ccode\u003e@​delort\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/155\"\u003e#155\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eRelease Verification\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enpm package: \u003ca href=\"https://www.npmjs.com/package/@steipete/peekaboo/v/3.2.2\"\u003ehttps://www.npmjs.com/package/@​steipete/peekaboo/v/3.2.2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eregistry tarball: \u003ca href=\"https://registry.npmjs.org/@steipete/peekaboo/-/peekaboo-3.2.2.tgz\"\u003ehttps://registry.npmjs.org/@​steipete/peekaboo/-/peekaboo-3.2.2.tgz\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003enpm integrity: \u003ccode\u003esha512-MV2heuhtWJPf8H1KwYGyfcXlOqKEMtuZNlOH9CA7gG7iXRsX28qEjCy/DTUWbTnKKeIsbrVi9SGjxfMLBIrXFg==\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eproof: \u003ccode\u003epnpm run lint\u003c/code\u003e, \u003ccode\u003epnpm run test:safe\u003c/code\u003e, universal CLI build, Developer ID signing, Apple notarization accepted, Sparkle appcast XML validated.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/d7b665c5df8b4b5c55b99a6e435bd938b431ffe9\"\u003e\u003ccode\u003ed7b665c\u003c/code\u003e\u003c/a\u003e chore(release): update appcast for 3.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/43ed861725665f610ebc11e27ebf8d5c27021ca4\"\u003e\u003ccode\u003e43ed861\u003c/code\u003e\u003c/a\u003e chore(release): prepare 3.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/1fd0dc6f519ae461110c0ce538d09678a212b919\"\u003e\u003ccode\u003e1fd0dc6\u003c/code\u003e\u003c/a\u003e fix: remove GameBridge release warning\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/2edeee0b33271b0659e5b94183616799c6ce29a5\"\u003e\u003ccode\u003e2edeee0\u003c/code\u003e\u003c/a\u003e feat: add GameBridge detection for SDL game windows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/c4a151a597de42cc65bec71bbc1c6ac0b07a5e22\"\u003e\u003ccode\u003ec4a151a\u003c/code\u003e\u003c/a\u003e chore: bump Tachikoma\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/3089e051107c299a8ea3085a47adaac4f7da5f61\"\u003e\u003ccode\u003e3089e05\u003c/code\u003e\u003c/a\u003e build: reuse shared mac release tooling\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/a9725f89e68f5da8c4d76b73c7d08f8a0174f70a\"\u003e\u003ccode\u003ea9725f8\u003c/code\u003e\u003c/a\u003e feat(agent): add OpenRouter provider support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/fe6548a5d89974d970517b7f86d7da65e1491576\"\u003e\u003ccode\u003efe6548a\u003c/code\u003e\u003c/a\u003e fix(agent): treat OAuth access tokens as Bearer auth not API keys (\u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/154\"\u003e#154\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/96a165d7f2ec776784d4fa3fb5db1f6f17256733\"\u003e\u003ccode\u003e96a165d\u003c/code\u003e\u003c/a\u003e chore(release): close 3.2.1\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/steipete/Peekaboo/compare/v3.2.1...v3.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/sihaun/ShadowClaw/pull/3","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/sihaun%2FShadowClaw/issues/3","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3/packages"},{"uuid":"4480184449","node_id":"PR_kwDORKp0PM7dNXY1","number":24,"state":"closed","title":"chore(deps): bump the swift-deps group across 1 directory with 2 updates","user":"dependabot[bot]","labels":["dependencies","swift_package_manager"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-25T09:02:04.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-19T18:59:28.000Z","updated_at":"2026-05-25T09:02:06.000Z","time_to_close":482556,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"swift-deps","update_count":2,"packages":[{"name":"github.com/sparkle-project/sparkle","old_version":"2.9.1","new_version":"2.9.2","repository_url":"https://github.com/sparkle-project/Sparkle"},{"name":"github.com/steipete/peekaboo","old_version":"3.0.0","new_version":"3.2.1","repository_url":"https://github.com/steipete/Peekaboo"}],"path":null,"ecosystem":"swift"},"body":"Bumps the swift-deps group with 2 updates in the /apps/macos directory: [github.com/sparkle-project/sparkle](https://github.com/sparkle-project/Sparkle) and [github.com/steipete/peekaboo](https://github.com/steipete/Peekaboo).\n\nUpdates `github.com/sparkle-project/sparkle` from 2.9.1 to 2.9.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparkle-project/Sparkle/releases\"\u003egithub.com/sparkle-project/sparkle's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.2 Appcast Improvements\u003c/h2\u003e\n\u003cp\u003eChanges:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eShow hidden window title in update window for accessibility (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2871\"\u003e#2871\u003c/a\u003e) (Zorg)\u003c/li\u003e\n\u003cli\u003ePolish and update Spanish translations to be gender neutral (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2874\"\u003e#2874\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2875\"\u003e#2875\u003c/a\u003e) (Emilio P Egido)\u003c/li\u003e\n\u003cli\u003eGuard against NULL CFRelease() on failure condition in fallback path (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2867\"\u003e#2867\u003c/a\u003e) (Zorg)\u003c/li\u003e\n\u003cli\u003eGuard against symlinks when applying delta update files (fe7b718) (Zorg, fg0x0)\u003c/li\u003e\n\u003cli\u003eEnforce connection to installer to be validated before receiving appcast item data (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2876\"\u003e#2876\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2877\"\u003e#2877\u003c/a\u003e) (Zorg, fg0x0)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThis release contains two high-complex security fixes reported by \u003ca href=\"https://github.com/fg0x0\"\u003e\u003ccode\u003e@​fg0x0\u003c/code\u003e\u003c/a\u003e. The details will be posted in the \u003ca href=\"https://github.com/sparkle-project/Sparkle/discussions/2838\"\u003e2.9 discussion\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003ePlease also check \u003ca href=\"https://github.com/sparkle-project/Sparkle/releases/tag/2.9.1\"\u003e2.9.1\u003c/a\u003e and \u003ca href=\"https://github.com/sparkle-project/Sparkle/releases/tag/2.9.0\"\u003e2.9.0\u003c/a\u003e for previous changes.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/6276ba2b404829d139c45ff98427cf90e2efc59b\"\u003e\u003ccode\u003e6276ba2\u003c/code\u003e\u003c/a\u003e Update Package management files for version 2.9.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/113279a21f754abf10c2b7a019543c43b9c3b74d\"\u003e\u003ccode\u003e113279a\u003c/code\u003e\u003c/a\u003e Improve synchronization of _receivedAppcastItemData (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2877\"\u003e#2877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/7c4741d762df4f7162bfd4f267a4217a3a4a80c9\"\u003e\u003ccode\u003e7c4741d\u003c/code\u003e\u003c/a\u003e Update Package management files for version 2.9.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/5df807d5ac88cd912abb5e24747e1c20e06352b8\"\u003e\u003ccode\u003e5df807d\u003c/code\u003e\u003c/a\u003e Update README for 2.9.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/c6ab245eba32c85bfe8ad4d51184bcb2c58cf69a\"\u003e\u003ccode\u003ec6ab245\u003c/code\u003e\u003c/a\u003e Update Package management files for version 2.9.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/6e370a5ab8293da6a028da49a33f67e9b20d86e1\"\u003e\u003ccode\u003e6e370a5\u003c/code\u003e\u003c/a\u003e Enforce connection to installer to be validated before receiving appcast item...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/cbdc150cfb2fa0ca8b0c1aaed3841bbb18be61d0\"\u003e\u003ccode\u003ecbdc150\u003c/code\u003e\u003c/a\u003e Polish Spanish localization in Sparkle.strings (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2875\"\u003e#2875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/fe7b718d0736f3e139e374e26fbca96f29e13bf0\"\u003e\u003ccode\u003efe7b718\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/d2b796bc3e96c3e60267c8e1a3176db11b07c488\"\u003e\u003ccode\u003ed2b796b\u003c/code\u003e\u003c/a\u003e Update you're up to date Spanish translation to be gender neutral (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2874\"\u003e#2874\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/2f33f56afb966ea7fb65f44b077447c27065dd45\"\u003e\u003ccode\u003e2f33f56\u003c/code\u003e\u003c/a\u003e Fix QoS warning when running Test app server on main thread (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2873\"\u003e#2873\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sparkle-project/Sparkle/compare/2.9.1...2.9.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/steipete/peekaboo` from 3.0.0 to 3.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steipete/Peekaboo/releases\"\u003egithub.com/steipete/peekaboo's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.1\u003c/h2\u003e\n\u003ch2\u003e[3.2.1] - 2026-05-18\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo click --coords\u003c/code\u003e now treats coordinates as target-window-relative when app/window target flags are supplied, reports resolved target metadata, and requires \u003ccode\u003e--global-coords\u003c/code\u003e for targeted global clicks.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo-mcp\u003c/code\u003e now shuts down cleanly during restart backoff and repairs executable permissions without shelling out through an install path.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epnpm run peekaboo:dev\u003c/code\u003e no longer depends on a hardcoded local checkout path.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e now tells models to use the current tool schema instead of stale tool names and arguments. Thanks \u003ca href=\"https://github.com/vyctorbrzezowski\"\u003e\u003ccode\u003e@​vyctorbrzezowski\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/139\"\u003e#139\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAX element detection now honors traversal budgets and reports truncation when depth, count, or per-node child limits are reached. Thanks \u003ca href=\"https://github.com/vyctorbrzezowski\"\u003e\u003ccode\u003e@​vyctorbrzezowski\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/140\"\u003e#140\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e and MCP clients now have an \u003ccode\u003einspect_ui\u003c/code\u003e tool for AX-only UI text/control inspection without capturing screenshots. Thanks \u003ca href=\"https://github.com/vyctorbrzezowski\"\u003e\u003ccode\u003e@​vyctorbrzezowski\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/141\"\u003e#141\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eWindow-mode capture now falls back to desktop-independent ScreenCaptureKit filters when multi-display setups cannot map a window to an enumerated display. Thanks \u003ca href=\"https://github.com/lonexreb\"\u003e\u003ccode\u003e@​lonexreb\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/147\"\u003e#147\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e guidance now routes AX-only observation through \u003ccode\u003einspect_ui\u003c/code\u003e consistently while keeping screenshot-backed checks on \u003ccode\u003esee\u003c/code\u003e. Thanks \u003ca href=\"https://github.com/vyctorbrzezowski\"\u003e\u003ccode\u003e@​vyctorbrzezowski\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/144\"\u003e#144\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom provider docs, CLI help, and macOS settings now prefer \u003ccode\u003e${VAR}\u003c/code\u003e API key references and shell examples that preserve them literally. Thanks \u003ca href=\"https://github.com/scotthuang\"\u003e\u003ccode\u003e@​scotthuang\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/142\"\u003e#142\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e now refreshes desktop context before each model turn and wires opt-in action verification through the configured capture strategy. Thanks \u003ca href=\"https://github.com/lonexreb\"\u003e\u003ccode\u003e@​lonexreb\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/148\"\u003e#148\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAX traversal budgets now have wider defaults plus CLI, MCP, and environment overrides for complex app trees. Thanks \u003ca href=\"https://github.com/widdowson\"\u003e\u003ccode\u003e@​widdowson\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/150\"\u003e#150\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/151\"\u003e#151\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease Proof\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003enpm: \u003ca href=\"https://www.npmjs.com/package/@steipete/peekaboo/v/3.2.1\"\u003ehttps://www.npmjs.com/package/@​steipete/peekaboo/v/3.2.1\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003enpm tarball: \u003ca href=\"https://registry.npmjs.org/@steipete/peekaboo/-/peekaboo-3.2.1.tgz\"\u003ehttps://registry.npmjs.org/@​steipete/peekaboo/-/peekaboo-3.2.1.tgz\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003enpm integrity: sha512-EemQV/dh2pM3NjhYNeCwN5z2xVnNCRtiG/lOpUWCG9D11ebaY8mgoKoNAACjDcWwIsSB+tAhzYj9F1Y5bee70A==\u003c/li\u003e\n\u003cli\u003enpm published: 2026-05-18T13:56:48.898Z\u003c/li\u003e\n\u003cli\u003emacOS app: signed, notarized, stapled, and \u003ccode\u003espctl\u003c/code\u003e accepted as Notarized Developer ID.\u003c/li\u003e\n\u003cli\u003eLocal proof: \u003ccode\u003epnpm run lint\u003c/code\u003e, \u003ccode\u003epnpm run format\u003c/code\u003e, \u003ccode\u003epnpm run test:safe\u003c/code\u003e, universal CLI build/package verification, checksum verification, appcast XML validation.\u003c/li\u003e\n\u003cli\u003eAssets: \u003ccode\u003ePeekaboo-3.2.1.app.zip\u003c/code\u003e, \u003ccode\u003epeekaboo-macos-universal.tar.gz\u003c/code\u003e, \u003ccode\u003esteipete-peekaboo-3.2.1.tgz\u003c/code\u003e, \u003ccode\u003echecksums.txt\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e[3.2.0] - 2026-05-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo click --focus-background\u003c/code\u003e and the MCP \u003ccode\u003eclick\u003c/code\u003e tool now support process-targeted background mouse delivery for apps identified by \u003ccode\u003e--app\u003c/code\u003e, \u003ccode\u003e--pid\u003c/code\u003e, or snapshot metadata.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e now supports MiniMax M2.7 through Tachikoma's Anthropic-compatible provider path. Thanks \u003ca href=\"https://github.com/xiaofeiwa\"\u003e\u003ccode\u003e@​xiaofeiwa\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/130\"\u003e#130\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e now accepts \u003ccode\u003eollama/\u0026lt;model\u0026gt;\u003c/code\u003e and \u003ccode\u003elmstudio/\u0026lt;model\u0026gt;\u003c/code\u003e local model selections, including local-only provider defaults. Thanks \u003ca href=\"https://github.com/0x5845\"\u003e\u003ccode\u003e@​0x5845\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/137\"\u003e#137\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eOllama vision model IDs such as \u003ccode\u003eqwen2.5vl:3b\u003c/code\u003e now stay intact through Tachikoma model parsing instead of falling back to \u003ccode\u003ellama3.3\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/16\"\u003e#16\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e now initializes with Gemini-only or MiniMax-only credentials instead of falling back to an unavailable OpenAI/Anthropic default. Thanks \u003ca href=\"https://github.com/lonexreb\"\u003e\u003ccode\u003e@​lonexreb\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/133\"\u003e#133\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eWindow captures now retry transient \u003ccode\u003eSCScreenshotManager\u003c/code\u003e failures before reporting a minimized/off-screen/Space hint. Thanks \u003ca href=\"https://github.com/lonexreb\"\u003e\u003ccode\u003e@​lonexreb\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/135\"\u003e#135\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThe macOS app now keeps one status item/controller across app state reconnects and removes the status item on teardown, avoiding duplicate or ghost menu bar icons. Thanks \u003ca href=\"https://github.com/lonexreb\"\u003e\u003ccode\u003e@​lonexreb\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/134\"\u003e#134\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eRelease automation now verifies CLI, npm, macOS app, checksum, appcast, and uploaded GitHub assets before publish.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo type --json\u003c/code\u003e now separates requested text from executed key actions, making escaped special keys such as \u003ccode\u003e\\n\u003c/code\u003e visible to agents without losing backwards-compatible \u003ccode\u003etypedText\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo permissions status --all-sources\u003c/code\u003e now compares Bridge and local TCC permission state side by side, so daemon grants are no longer confused with CLI grants.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo mcp serve --transport ...\u003c/code\u003e now rejects invalid transport names instead of silently starting stdio mode.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo paste --app ...\u003c/code\u003e now fails before mutating the clipboard when the requested app cannot be found.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e no longer sends stale Anthropic extended-thinking options to Claude Opus 4.7 and now exits with failure when agent execution fails.\u003c/li\u003e\n\u003cli\u003eCommand timeout JSON now reports the intended timeout error instead of occasionally surfacing cancellation as an unknown error.\u003c/li\u003e\n\u003cli\u003eRefreshed CLI docs and quickstart examples to use current flags such as \u003ccode\u003eimage --path\u003c/code\u003e, \u003ccode\u003eclick --coords\u003c/code\u003e, \u003ccode\u003etype --return\u003c/code\u003e, \u003ccode\u003epress --count\u003c/code\u003e, and \u003ccode\u003escroll --amount\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDebug CLI startup no longer spawns \u003ccode\u003egit config\u003c/code\u003e on every launch when build-staleness checking is disabled, cutting startup-heavy command latency by more than 30% in local testing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/36108b4ea7d7848d616c3cad1e7a03e40d6be857\"\u003e\u003ccode\u003e36108b4\u003c/code\u003e\u003c/a\u003e fix(release): verify Developer ID app signing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/35dfbb26a6a2de44fc37af7229a994f32f636d5b\"\u003e\u003ccode\u003e35dfbb2\u003c/code\u003e\u003c/a\u003e fix(release): disable notary S3 acceleration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/9cd7771b43a19119cabc1f2d66f9e50a7e842f11\"\u003e\u003ccode\u003e9cd7771\u003c/code\u003e\u003c/a\u003e refactor(detection): satisfy release lint gate\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/75e2884e0111aff0b9688b0eace4b8ad561ccdb3\"\u003e\u003ccode\u003e75e2884\u003c/code\u003e\u003c/a\u003e chore(release): prepare 3.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/eba271eaff8a29b2e03a56cf43fee02f0cf4d737\"\u003e\u003ccode\u003eeba271e\u003c/code\u003e\u003c/a\u003e fix(cli): resolve targeted click coordinates (\u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/153\"\u003e#153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/6ce071077a82720cf261a0c023874ef968ae0a44\"\u003e\u003ccode\u003e6ce0710\u003c/code\u003e\u003c/a\u003e feat(detection): expose AX traversal budget controls\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/d211a760fd862f643cc43cf5b5fe3e90de5e1139\"\u003e\u003ccode\u003ed211a76\u003c/code\u003e\u003c/a\u003e feat(agent): wire per-turn context and action verification\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/9bd822faf1868e0ae4fc6db4ea66eda81fd67b8b\"\u003e\u003ccode\u003e9bd822f\u003c/code\u003e\u003c/a\u003e fix(config): preserve custom provider credential references\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/b0845e2e177c9a9f74f4de75bc26d0294c03e724\"\u003e\u003ccode\u003eb0845e2\u003c/code\u003e\u003c/a\u003e docs(config): preserve env references in shell examples\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/8508be1c77226f10381cd2f48f0a3ce8578d94b2\"\u003e\u003ccode\u003e8508be1\u003c/code\u003e\u003c/a\u003e docs: prefer ${VAR} over {env:VAR} for custom provider apiKey\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/steipete/Peekaboo/compare/v3.0.0...v3.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/devicemanager/openclaw/pull/24","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/devicemanager%2Fopenclaw/issues/24","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/24/packages"},{"uuid":"4474999706","node_id":"PR_kwDOSZV4rs7c8inZ","number":16,"state":"closed","title":"chore(deps): bump the swift-deps group across 1 directory with 2 updates","user":"dependabot[bot]","labels":["dependencies","swift_package_manager"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-26T03:03:54.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-19T06:35:33.000Z","updated_at":"2026-05-26T03:03:56.000Z","time_to_close":592101,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"swift-deps","update_count":2,"packages":[{"name":"github.com/sparkle-project/sparkle","old_version":"2.9.1","new_version":"2.9.2","repository_url":"https://github.com/sparkle-project/Sparkle"},{"name":"github.com/steipete/peekaboo","old_version":"3.0.0-beta4","new_version":"3.2.1","repository_url":"https://github.com/steipete/Peekaboo"}],"path":null,"ecosystem":"swift"},"body":"Bumps the swift-deps group with 2 updates in the /apps/macos directory: [github.com/sparkle-project/sparkle](https://github.com/sparkle-project/Sparkle) and [github.com/steipete/peekaboo](https://github.com/steipete/Peekaboo).\n\nUpdates `github.com/sparkle-project/sparkle` from 2.9.1 to 2.9.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparkle-project/Sparkle/releases\"\u003egithub.com/sparkle-project/sparkle's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.2 Appcast Improvements\u003c/h2\u003e\n\u003cp\u003eChanges:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eShow hidden window title in update window for accessibility (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2871\"\u003e#2871\u003c/a\u003e) (Zorg)\u003c/li\u003e\n\u003cli\u003ePolish and update Spanish translations to be gender neutral (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2874\"\u003e#2874\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2875\"\u003e#2875\u003c/a\u003e) (Emilio P Egido)\u003c/li\u003e\n\u003cli\u003eGuard against NULL CFRelease() on failure condition in fallback path (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2867\"\u003e#2867\u003c/a\u003e) (Zorg)\u003c/li\u003e\n\u003cli\u003eGuard against symlinks when applying delta update files (fe7b718) (Zorg, fg0x0)\u003c/li\u003e\n\u003cli\u003eEnforce connection to installer to be validated before receiving appcast item data (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2876\"\u003e#2876\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2877\"\u003e#2877\u003c/a\u003e) (Zorg, fg0x0)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThis release contains two high-complex security fixes reported by \u003ca href=\"https://github.com/fg0x0\"\u003e\u003ccode\u003e@​fg0x0\u003c/code\u003e\u003c/a\u003e. The details will be posted in the \u003ca href=\"https://github.com/sparkle-project/Sparkle/discussions/2838\"\u003e2.9 discussion\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003ePlease also check \u003ca href=\"https://github.com/sparkle-project/Sparkle/releases/tag/2.9.1\"\u003e2.9.1\u003c/a\u003e and \u003ca href=\"https://github.com/sparkle-project/Sparkle/releases/tag/2.9.0\"\u003e2.9.0\u003c/a\u003e for previous changes.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/6276ba2b404829d139c45ff98427cf90e2efc59b\"\u003e\u003ccode\u003e6276ba2\u003c/code\u003e\u003c/a\u003e Update Package management files for version 2.9.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/113279a21f754abf10c2b7a019543c43b9c3b74d\"\u003e\u003ccode\u003e113279a\u003c/code\u003e\u003c/a\u003e Improve synchronization of _receivedAppcastItemData (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2877\"\u003e#2877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/7c4741d762df4f7162bfd4f267a4217a3a4a80c9\"\u003e\u003ccode\u003e7c4741d\u003c/code\u003e\u003c/a\u003e Update Package management files for version 2.9.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/5df807d5ac88cd912abb5e24747e1c20e06352b8\"\u003e\u003ccode\u003e5df807d\u003c/code\u003e\u003c/a\u003e Update README for 2.9.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/c6ab245eba32c85bfe8ad4d51184bcb2c58cf69a\"\u003e\u003ccode\u003ec6ab245\u003c/code\u003e\u003c/a\u003e Update Package management files for version 2.9.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/6e370a5ab8293da6a028da49a33f67e9b20d86e1\"\u003e\u003ccode\u003e6e370a5\u003c/code\u003e\u003c/a\u003e Enforce connection to installer to be validated before receiving appcast item...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/cbdc150cfb2fa0ca8b0c1aaed3841bbb18be61d0\"\u003e\u003ccode\u003ecbdc150\u003c/code\u003e\u003c/a\u003e Polish Spanish localization in Sparkle.strings (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2875\"\u003e#2875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/fe7b718d0736f3e139e374e26fbca96f29e13bf0\"\u003e\u003ccode\u003efe7b718\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/d2b796bc3e96c3e60267c8e1a3176db11b07c488\"\u003e\u003ccode\u003ed2b796b\u003c/code\u003e\u003c/a\u003e Update you're up to date Spanish translation to be gender neutral (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2874\"\u003e#2874\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/2f33f56afb966ea7fb65f44b077447c27065dd45\"\u003e\u003ccode\u003e2f33f56\u003c/code\u003e\u003c/a\u003e Fix QoS warning when running Test app server on main thread (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2873\"\u003e#2873\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sparkle-project/Sparkle/compare/2.9.1...2.9.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/steipete/peekaboo` from 3.0.0-beta4 to 3.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steipete/Peekaboo/releases\"\u003egithub.com/steipete/peekaboo's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.1\u003c/h2\u003e\n\u003ch2\u003e[3.2.1] - 2026-05-18\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo click --coords\u003c/code\u003e now treats coordinates as target-window-relative when app/window target flags are supplied, reports resolved target metadata, and requires \u003ccode\u003e--global-coords\u003c/code\u003e for targeted global clicks.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo-mcp\u003c/code\u003e now shuts down cleanly during restart backoff and repairs executable permissions without shelling out through an install path.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epnpm run peekaboo:dev\u003c/code\u003e no longer depends on a hardcoded local checkout path.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e now tells models to use the current tool schema instead of stale tool names and arguments. Thanks \u003ca href=\"https://github.com/vyctorbrzezowski\"\u003e\u003ccode\u003e@​vyctorbrzezowski\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/139\"\u003e#139\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAX element detection now honors traversal budgets and reports truncation when depth, count, or per-node child limits are reached. Thanks \u003ca href=\"https://github.com/vyctorbrzezowski\"\u003e\u003ccode\u003e@​vyctorbrzezowski\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/140\"\u003e#140\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e and MCP clients now have an \u003ccode\u003einspect_ui\u003c/code\u003e tool for AX-only UI text/control inspection without capturing screenshots. Thanks \u003ca href=\"https://github.com/vyctorbrzezowski\"\u003e\u003ccode\u003e@​vyctorbrzezowski\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/141\"\u003e#141\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eWindow-mode capture now falls back to desktop-independent ScreenCaptureKit filters when multi-display setups cannot map a window to an enumerated display. Thanks \u003ca href=\"https://github.com/lonexreb\"\u003e\u003ccode\u003e@​lonexreb\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/147\"\u003e#147\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e guidance now routes AX-only observation through \u003ccode\u003einspect_ui\u003c/code\u003e consistently while keeping screenshot-backed checks on \u003ccode\u003esee\u003c/code\u003e. Thanks \u003ca href=\"https://github.com/vyctorbrzezowski\"\u003e\u003ccode\u003e@​vyctorbrzezowski\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/144\"\u003e#144\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom provider docs, CLI help, and macOS settings now prefer \u003ccode\u003e${VAR}\u003c/code\u003e API key references and shell examples that preserve them literally. Thanks \u003ca href=\"https://github.com/scotthuang\"\u003e\u003ccode\u003e@​scotthuang\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/142\"\u003e#142\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e now refreshes desktop context before each model turn and wires opt-in action verification through the configured capture strategy. Thanks \u003ca href=\"https://github.com/lonexreb\"\u003e\u003ccode\u003e@​lonexreb\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/148\"\u003e#148\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAX traversal budgets now have wider defaults plus CLI, MCP, and environment overrides for complex app trees. Thanks \u003ca href=\"https://github.com/widdowson\"\u003e\u003ccode\u003e@​widdowson\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/150\"\u003e#150\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/151\"\u003e#151\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease Proof\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003enpm: \u003ca href=\"https://www.npmjs.com/package/@steipete/peekaboo/v/3.2.1\"\u003ehttps://www.npmjs.com/package/@​steipete/peekaboo/v/3.2.1\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003enpm tarball: \u003ca href=\"https://registry.npmjs.org/@steipete/peekaboo/-/peekaboo-3.2.1.tgz\"\u003ehttps://registry.npmjs.org/@​steipete/peekaboo/-/peekaboo-3.2.1.tgz\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003enpm integrity: sha512-EemQV/dh2pM3NjhYNeCwN5z2xVnNCRtiG/lOpUWCG9D11ebaY8mgoKoNAACjDcWwIsSB+tAhzYj9F1Y5bee70A==\u003c/li\u003e\n\u003cli\u003enpm published: 2026-05-18T13:56:48.898Z\u003c/li\u003e\n\u003cli\u003emacOS app: signed, notarized, stapled, and \u003ccode\u003espctl\u003c/code\u003e accepted as Notarized Developer ID.\u003c/li\u003e\n\u003cli\u003eLocal proof: \u003ccode\u003epnpm run lint\u003c/code\u003e, \u003ccode\u003epnpm run format\u003c/code\u003e, \u003ccode\u003epnpm run test:safe\u003c/code\u003e, universal CLI build/package verification, checksum verification, appcast XML validation.\u003c/li\u003e\n\u003cli\u003eAssets: \u003ccode\u003ePeekaboo-3.2.1.app.zip\u003c/code\u003e, \u003ccode\u003epeekaboo-macos-universal.tar.gz\u003c/code\u003e, \u003ccode\u003esteipete-peekaboo-3.2.1.tgz\u003c/code\u003e, \u003ccode\u003echecksums.txt\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e[3.2.0] - 2026-05-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo click --focus-background\u003c/code\u003e and the MCP \u003ccode\u003eclick\u003c/code\u003e tool now support process-targeted background mouse delivery for apps identified by \u003ccode\u003e--app\u003c/code\u003e, \u003ccode\u003e--pid\u003c/code\u003e, or snapshot metadata.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e now supports MiniMax M2.7 through Tachikoma's Anthropic-compatible provider path. Thanks \u003ca href=\"https://github.com/xiaofeiwa\"\u003e\u003ccode\u003e@​xiaofeiwa\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/130\"\u003e#130\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e now accepts \u003ccode\u003eollama/\u0026lt;model\u0026gt;\u003c/code\u003e and \u003ccode\u003elmstudio/\u0026lt;model\u0026gt;\u003c/code\u003e local model selections, including local-only provider defaults. Thanks \u003ca href=\"https://github.com/0x5845\"\u003e\u003ccode\u003e@​0x5845\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/137\"\u003e#137\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eOllama vision model IDs such as \u003ccode\u003eqwen2.5vl:3b\u003c/code\u003e now stay intact through Tachikoma model parsing instead of falling back to \u003ccode\u003ellama3.3\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/16\"\u003e#16\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e now initializes with Gemini-only or MiniMax-only credentials instead of falling back to an unavailable OpenAI/Anthropic default. Thanks \u003ca href=\"https://github.com/lonexreb\"\u003e\u003ccode\u003e@​lonexreb\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/133\"\u003e#133\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eWindow captures now retry transient \u003ccode\u003eSCScreenshotManager\u003c/code\u003e failures before reporting a minimized/off-screen/Space hint. Thanks \u003ca href=\"https://github.com/lonexreb\"\u003e\u003ccode\u003e@​lonexreb\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/135\"\u003e#135\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThe macOS app now keeps one status item/controller across app state reconnects and removes the status item on teardown, avoiding duplicate or ghost menu bar icons. Thanks \u003ca href=\"https://github.com/lonexreb\"\u003e\u003ccode\u003e@​lonexreb\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/134\"\u003e#134\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eRelease automation now verifies CLI, npm, macOS app, checksum, appcast, and uploaded GitHub assets before publish.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo type --json\u003c/code\u003e now separates requested text from executed key actions, making escaped special keys such as \u003ccode\u003e\\n\u003c/code\u003e visible to agents without losing backwards-compatible \u003ccode\u003etypedText\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo permissions status --all-sources\u003c/code\u003e now compares Bridge and local TCC permission state side by side, so daemon grants are no longer confused with CLI grants.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo mcp serve --transport ...\u003c/code\u003e now rejects invalid transport names instead of silently starting stdio mode.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo paste --app ...\u003c/code\u003e now fails before mutating the clipboard when the requested app cannot be found.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e no longer sends stale Anthropic extended-thinking options to Claude Opus 4.7 and now exits with failure when agent execution fails.\u003c/li\u003e\n\u003cli\u003eCommand timeout JSON now reports the intended timeout error instead of occasionally surfacing cancellation as an unknown error.\u003c/li\u003e\n\u003cli\u003eRefreshed CLI docs and quickstart examples to use current flags such as \u003ccode\u003eimage --path\u003c/code\u003e, \u003ccode\u003eclick --coords\u003c/code\u003e, \u003ccode\u003etype --return\u003c/code\u003e, \u003ccode\u003epress --count\u003c/code\u003e, and \u003ccode\u003escroll --amount\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDebug CLI startup no longer spawns \u003ccode\u003egit config\u003c/code\u003e on every launch when build-staleness checking is disabled, cutting startup-heavy command latency by more than 30% in local testing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/36108b4ea7d7848d616c3cad1e7a03e40d6be857\"\u003e\u003ccode\u003e36108b4\u003c/code\u003e\u003c/a\u003e fix(release): verify Developer ID app signing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/35dfbb26a6a2de44fc37af7229a994f32f636d5b\"\u003e\u003ccode\u003e35dfbb2\u003c/code\u003e\u003c/a\u003e fix(release): disable notary S3 acceleration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/9cd7771b43a19119cabc1f2d66f9e50a7e842f11\"\u003e\u003ccode\u003e9cd7771\u003c/code\u003e\u003c/a\u003e refactor(detection): satisfy release lint gate\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/75e2884e0111aff0b9688b0eace4b8ad561ccdb3\"\u003e\u003ccode\u003e75e2884\u003c/code\u003e\u003c/a\u003e chore(release): prepare 3.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/eba271eaff8a29b2e03a56cf43fee02f0cf4d737\"\u003e\u003ccode\u003eeba271e\u003c/code\u003e\u003c/a\u003e fix(cli): resolve targeted click coordinates (\u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/153\"\u003e#153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/6ce071077a82720cf261a0c023874ef968ae0a44\"\u003e\u003ccode\u003e6ce0710\u003c/code\u003e\u003c/a\u003e feat(detection): expose AX traversal budget controls\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/d211a760fd862f643cc43cf5b5fe3e90de5e1139\"\u003e\u003ccode\u003ed211a76\u003c/code\u003e\u003c/a\u003e feat(agent): wire per-turn context and action verification\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/9bd822faf1868e0ae4fc6db4ea66eda81fd67b8b\"\u003e\u003ccode\u003e9bd822f\u003c/code\u003e\u003c/a\u003e fix(config): preserve custom provider credential references\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/b0845e2e177c9a9f74f4de75bc26d0294c03e724\"\u003e\u003ccode\u003eb0845e2\u003c/code\u003e\u003c/a\u003e docs(config): preserve env references in shell examples\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/8508be1c77226f10381cd2f48f0a3ce8578d94b2\"\u003e\u003ccode\u003e8508be1\u003c/code\u003e\u003c/a\u003e docs: prefer ${VAR} over {env:VAR} for custom provider apiKey\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/steipete/Peekaboo/compare/v3.0.0-beta4...v3.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/DomLynch/openclaw/pull/16","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DomLynch%2Fopenclaw/issues/16","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/16/packages"},{"uuid":"4474769544","node_id":"PR_kwDOR38uo87c7z4K","number":40,"state":"closed","title":"build(deps): bump the swift-deps group across 1 directory with 2 updates","user":"dependabot[bot]","labels":["dependencies","swift_package_manager"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-21T02:26:54.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-19T05:50:42.000Z","updated_at":"2026-05-21T02:26:56.000Z","time_to_close":160572,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"swift-deps","update_count":2,"packages":[{"name":"github.com/sparkle-project/sparkle","old_version":"2.9.1","new_version":"2.9.2","repository_url":"https://github.com/sparkle-project/Sparkle"},{"name":"github.com/steipete/peekaboo","old_version":"3.0.0","new_version":"3.2.1","repository_url":"https://github.com/steipete/Peekaboo"}],"path":null,"ecosystem":"swift"},"body":"Bumps the swift-deps group with 2 updates in the /apps/macos directory: [github.com/sparkle-project/sparkle](https://github.com/sparkle-project/Sparkle) and [github.com/steipete/peekaboo](https://github.com/steipete/Peekaboo).\n\nUpdates `github.com/sparkle-project/sparkle` from 2.9.1 to 2.9.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparkle-project/Sparkle/releases\"\u003egithub.com/sparkle-project/sparkle's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.2 Appcast Improvements\u003c/h2\u003e\n\u003cp\u003eChanges:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eShow hidden window title in update window for accessibility (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2871\"\u003e#2871\u003c/a\u003e) (Zorg)\u003c/li\u003e\n\u003cli\u003ePolish and update Spanish translations to be gender neutral (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2874\"\u003e#2874\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2875\"\u003e#2875\u003c/a\u003e) (Emilio P Egido)\u003c/li\u003e\n\u003cli\u003eGuard against NULL CFRelease() on failure condition in fallback path (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2867\"\u003e#2867\u003c/a\u003e) (Zorg)\u003c/li\u003e\n\u003cli\u003eGuard against symlinks when applying delta update files (fe7b718) (Zorg, fg0x0)\u003c/li\u003e\n\u003cli\u003eEnforce connection to installer to be validated before receiving appcast item data (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2876\"\u003e#2876\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2877\"\u003e#2877\u003c/a\u003e) (Zorg, fg0x0)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThis release contains two high-complex security fixes reported by \u003ca href=\"https://github.com/fg0x0\"\u003e\u003ccode\u003e@​fg0x0\u003c/code\u003e\u003c/a\u003e. The details will be posted in the \u003ca href=\"https://github.com/sparkle-project/Sparkle/discussions/2838\"\u003e2.9 discussion\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003ePlease also check \u003ca href=\"https://github.com/sparkle-project/Sparkle/releases/tag/2.9.1\"\u003e2.9.1\u003c/a\u003e and \u003ca href=\"https://github.com/sparkle-project/Sparkle/releases/tag/2.9.0\"\u003e2.9.0\u003c/a\u003e for previous changes.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/6276ba2b404829d139c45ff98427cf90e2efc59b\"\u003e\u003ccode\u003e6276ba2\u003c/code\u003e\u003c/a\u003e Update Package management files for version 2.9.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/113279a21f754abf10c2b7a019543c43b9c3b74d\"\u003e\u003ccode\u003e113279a\u003c/code\u003e\u003c/a\u003e Improve synchronization of _receivedAppcastItemData (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2877\"\u003e#2877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/7c4741d762df4f7162bfd4f267a4217a3a4a80c9\"\u003e\u003ccode\u003e7c4741d\u003c/code\u003e\u003c/a\u003e Update Package management files for version 2.9.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/5df807d5ac88cd912abb5e24747e1c20e06352b8\"\u003e\u003ccode\u003e5df807d\u003c/code\u003e\u003c/a\u003e Update README for 2.9.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/c6ab245eba32c85bfe8ad4d51184bcb2c58cf69a\"\u003e\u003ccode\u003ec6ab245\u003c/code\u003e\u003c/a\u003e Update Package management files for version 2.9.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/6e370a5ab8293da6a028da49a33f67e9b20d86e1\"\u003e\u003ccode\u003e6e370a5\u003c/code\u003e\u003c/a\u003e Enforce connection to installer to be validated before receiving appcast item...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/cbdc150cfb2fa0ca8b0c1aaed3841bbb18be61d0\"\u003e\u003ccode\u003ecbdc150\u003c/code\u003e\u003c/a\u003e Polish Spanish localization in Sparkle.strings (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2875\"\u003e#2875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/fe7b718d0736f3e139e374e26fbca96f29e13bf0\"\u003e\u003ccode\u003efe7b718\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/d2b796bc3e96c3e60267c8e1a3176db11b07c488\"\u003e\u003ccode\u003ed2b796b\u003c/code\u003e\u003c/a\u003e Update you're up to date Spanish translation to be gender neutral (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2874\"\u003e#2874\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/2f33f56afb966ea7fb65f44b077447c27065dd45\"\u003e\u003ccode\u003e2f33f56\u003c/code\u003e\u003c/a\u003e Fix QoS warning when running Test app server on main thread (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2873\"\u003e#2873\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sparkle-project/Sparkle/compare/2.9.1...2.9.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/steipete/peekaboo` from 3.0.0 to 3.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steipete/Peekaboo/releases\"\u003egithub.com/steipete/peekaboo's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.1\u003c/h2\u003e\n\u003ch2\u003e[3.2.1] - 2026-05-18\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo click --coords\u003c/code\u003e now treats coordinates as target-window-relative when app/window target flags are supplied, reports resolved target metadata, and requires \u003ccode\u003e--global-coords\u003c/code\u003e for targeted global clicks.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo-mcp\u003c/code\u003e now shuts down cleanly during restart backoff and repairs executable permissions without shelling out through an install path.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epnpm run peekaboo:dev\u003c/code\u003e no longer depends on a hardcoded local checkout path.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e now tells models to use the current tool schema instead of stale tool names and arguments. Thanks \u003ca href=\"https://github.com/vyctorbrzezowski\"\u003e\u003ccode\u003e@​vyctorbrzezowski\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/139\"\u003e#139\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAX element detection now honors traversal budgets and reports truncation when depth, count, or per-node child limits are reached. Thanks \u003ca href=\"https://github.com/vyctorbrzezowski\"\u003e\u003ccode\u003e@​vyctorbrzezowski\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/140\"\u003e#140\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e and MCP clients now have an \u003ccode\u003einspect_ui\u003c/code\u003e tool for AX-only UI text/control inspection without capturing screenshots. Thanks \u003ca href=\"https://github.com/vyctorbrzezowski\"\u003e\u003ccode\u003e@​vyctorbrzezowski\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/141\"\u003e#141\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eWindow-mode capture now falls back to desktop-independent ScreenCaptureKit filters when multi-display setups cannot map a window to an enumerated display. Thanks \u003ca href=\"https://github.com/lonexreb\"\u003e\u003ccode\u003e@​lonexreb\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/147\"\u003e#147\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e guidance now routes AX-only observation through \u003ccode\u003einspect_ui\u003c/code\u003e consistently while keeping screenshot-backed checks on \u003ccode\u003esee\u003c/code\u003e. Thanks \u003ca href=\"https://github.com/vyctorbrzezowski\"\u003e\u003ccode\u003e@​vyctorbrzezowski\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/144\"\u003e#144\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom provider docs, CLI help, and macOS settings now prefer \u003ccode\u003e${VAR}\u003c/code\u003e API key references and shell examples that preserve them literally. Thanks \u003ca href=\"https://github.com/scotthuang\"\u003e\u003ccode\u003e@​scotthuang\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/142\"\u003e#142\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e now refreshes desktop context before each model turn and wires opt-in action verification through the configured capture strategy. Thanks \u003ca href=\"https://github.com/lonexreb\"\u003e\u003ccode\u003e@​lonexreb\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/148\"\u003e#148\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAX traversal budgets now have wider defaults plus CLI, MCP, and environment overrides for complex app trees. Thanks \u003ca href=\"https://github.com/widdowson\"\u003e\u003ccode\u003e@​widdowson\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/150\"\u003e#150\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/151\"\u003e#151\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease Proof\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003enpm: \u003ca href=\"https://www.npmjs.com/package/@steipete/peekaboo/v/3.2.1\"\u003ehttps://www.npmjs.com/package/@​steipete/peekaboo/v/3.2.1\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003enpm tarball: \u003ca href=\"https://registry.npmjs.org/@steipete/peekaboo/-/peekaboo-3.2.1.tgz\"\u003ehttps://registry.npmjs.org/@​steipete/peekaboo/-/peekaboo-3.2.1.tgz\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003enpm integrity: sha512-EemQV/dh2pM3NjhYNeCwN5z2xVnNCRtiG/lOpUWCG9D11ebaY8mgoKoNAACjDcWwIsSB+tAhzYj9F1Y5bee70A==\u003c/li\u003e\n\u003cli\u003enpm published: 2026-05-18T13:56:48.898Z\u003c/li\u003e\n\u003cli\u003emacOS app: signed, notarized, stapled, and \u003ccode\u003espctl\u003c/code\u003e accepted as Notarized Developer ID.\u003c/li\u003e\n\u003cli\u003eLocal proof: \u003ccode\u003epnpm run lint\u003c/code\u003e, \u003ccode\u003epnpm run format\u003c/code\u003e, \u003ccode\u003epnpm run test:safe\u003c/code\u003e, universal CLI build/package verification, checksum verification, appcast XML validation.\u003c/li\u003e\n\u003cli\u003eAssets: \u003ccode\u003ePeekaboo-3.2.1.app.zip\u003c/code\u003e, \u003ccode\u003epeekaboo-macos-universal.tar.gz\u003c/code\u003e, \u003ccode\u003esteipete-peekaboo-3.2.1.tgz\u003c/code\u003e, \u003ccode\u003echecksums.txt\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e[3.2.0] - 2026-05-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo click --focus-background\u003c/code\u003e and the MCP \u003ccode\u003eclick\u003c/code\u003e tool now support process-targeted background mouse delivery for apps identified by \u003ccode\u003e--app\u003c/code\u003e, \u003ccode\u003e--pid\u003c/code\u003e, or snapshot metadata.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e now supports MiniMax M2.7 through Tachikoma's Anthropic-compatible provider path. Thanks \u003ca href=\"https://github.com/xiaofeiwa\"\u003e\u003ccode\u003e@​xiaofeiwa\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/130\"\u003e#130\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e now accepts \u003ccode\u003eollama/\u0026lt;model\u0026gt;\u003c/code\u003e and \u003ccode\u003elmstudio/\u0026lt;model\u0026gt;\u003c/code\u003e local model selections, including local-only provider defaults. Thanks \u003ca href=\"https://github.com/0x5845\"\u003e\u003ccode\u003e@​0x5845\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/137\"\u003e#137\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eOllama vision model IDs such as \u003ccode\u003eqwen2.5vl:3b\u003c/code\u003e now stay intact through Tachikoma model parsing instead of falling back to \u003ccode\u003ellama3.3\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/16\"\u003e#16\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e now initializes with Gemini-only or MiniMax-only credentials instead of falling back to an unavailable OpenAI/Anthropic default. Thanks \u003ca href=\"https://github.com/lonexreb\"\u003e\u003ccode\u003e@​lonexreb\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/133\"\u003e#133\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eWindow captures now retry transient \u003ccode\u003eSCScreenshotManager\u003c/code\u003e failures before reporting a minimized/off-screen/Space hint. Thanks \u003ca href=\"https://github.com/lonexreb\"\u003e\u003ccode\u003e@​lonexreb\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/135\"\u003e#135\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThe macOS app now keeps one status item/controller across app state reconnects and removes the status item on teardown, avoiding duplicate or ghost menu bar icons. Thanks \u003ca href=\"https://github.com/lonexreb\"\u003e\u003ccode\u003e@​lonexreb\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/134\"\u003e#134\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eRelease automation now verifies CLI, npm, macOS app, checksum, appcast, and uploaded GitHub assets before publish.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo type --json\u003c/code\u003e now separates requested text from executed key actions, making escaped special keys such as \u003ccode\u003e\\n\u003c/code\u003e visible to agents without losing backwards-compatible \u003ccode\u003etypedText\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo permissions status --all-sources\u003c/code\u003e now compares Bridge and local TCC permission state side by side, so daemon grants are no longer confused with CLI grants.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo mcp serve --transport ...\u003c/code\u003e now rejects invalid transport names instead of silently starting stdio mode.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo paste --app ...\u003c/code\u003e now fails before mutating the clipboard when the requested app cannot be found.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e no longer sends stale Anthropic extended-thinking options to Claude Opus 4.7 and now exits with failure when agent execution fails.\u003c/li\u003e\n\u003cli\u003eCommand timeout JSON now reports the intended timeout error instead of occasionally surfacing cancellation as an unknown error.\u003c/li\u003e\n\u003cli\u003eRefreshed CLI docs and quickstart examples to use current flags such as \u003ccode\u003eimage --path\u003c/code\u003e, \u003ccode\u003eclick --coords\u003c/code\u003e, \u003ccode\u003etype --return\u003c/code\u003e, \u003ccode\u003epress --count\u003c/code\u003e, and \u003ccode\u003escroll --amount\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDebug CLI startup no longer spawns \u003ccode\u003egit config\u003c/code\u003e on every launch when build-staleness checking is disabled, cutting startup-heavy command latency by more than 30% in local testing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/36108b4ea7d7848d616c3cad1e7a03e40d6be857\"\u003e\u003ccode\u003e36108b4\u003c/code\u003e\u003c/a\u003e fix(release): verify Developer ID app signing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/35dfbb26a6a2de44fc37af7229a994f32f636d5b\"\u003e\u003ccode\u003e35dfbb2\u003c/code\u003e\u003c/a\u003e fix(release): disable notary S3 acceleration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/9cd7771b43a19119cabc1f2d66f9e50a7e842f11\"\u003e\u003ccode\u003e9cd7771\u003c/code\u003e\u003c/a\u003e refactor(detection): satisfy release lint gate\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/75e2884e0111aff0b9688b0eace4b8ad561ccdb3\"\u003e\u003ccode\u003e75e2884\u003c/code\u003e\u003c/a\u003e chore(release): prepare 3.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/eba271eaff8a29b2e03a56cf43fee02f0cf4d737\"\u003e\u003ccode\u003eeba271e\u003c/code\u003e\u003c/a\u003e fix(cli): resolve targeted click coordinates (\u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/153\"\u003e#153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/6ce071077a82720cf261a0c023874ef968ae0a44\"\u003e\u003ccode\u003e6ce0710\u003c/code\u003e\u003c/a\u003e feat(detection): expose AX traversal budget controls\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/d211a760fd862f643cc43cf5b5fe3e90de5e1139\"\u003e\u003ccode\u003ed211a76\u003c/code\u003e\u003c/a\u003e feat(agent): wire per-turn context and action verification\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/9bd822faf1868e0ae4fc6db4ea66eda81fd67b8b\"\u003e\u003ccode\u003e9bd822f\u003c/code\u003e\u003c/a\u003e fix(config): preserve custom provider credential references\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/b0845e2e177c9a9f74f4de75bc26d0294c03e724\"\u003e\u003ccode\u003eb0845e2\u003c/code\u003e\u003c/a\u003e docs(config): preserve env references in shell examples\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/8508be1c77226f10381cd2f48f0a3ce8578d94b2\"\u003e\u003ccode\u003e8508be1\u003c/code\u003e\u003c/a\u003e docs: prefer ${VAR} over {env:VAR} for custom provider apiKey\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/steipete/Peekaboo/compare/v3.0.0...v3.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/ntutangyun/openclaw/pull/40","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ntutangyun%2Fopenclaw/issues/40","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/40/packages"}],"issue_packages":[{"old_version":"3.2.1","new_version":"3.2.2","update_type":"patch","path":"/apps/macos","pr_created_at":"2026-05-23T18:06:28.000Z","version_change":"3.2.1 → 3.2.2","issue":{"uuid":"4509179043","node_id":"PR_kwDOSl5V0s7eqzM3","number":3,"state":"closed","title":"build(deps): bump the swift-deps group in /apps/macos with 3 updates","user":"dependabot[bot]","labels":["dependencies","swift_package_manager"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-24T04:44:30.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-23T18:06:28.000Z","updated_at":"2026-05-24T04:44:39.000Z","time_to_close":38282,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"swift-deps","update_count":3,"packages":[{"name":"github.com/apple/swift-log","old_version":"1.12.0","new_version":"1.12.1","repository_url":"https://github.com/apple/swift-log"},{"name":"github.com/sparkle-project/sparkle","old_version":"2.9.1","new_version":"2.9.2","repository_url":"https://github.com/sparkle-project/Sparkle"},{"name":"github.com/steipete/peekaboo","old_version":"3.2.1","new_version":"3.2.2","repository_url":"https://github.com/steipete/Peekaboo"}],"path":"/apps/macos","ecosystem":"swift"},"body":"Bumps the swift-deps group in /apps/macos with 3 updates: [github.com/apple/swift-log](https://github.com/apple/swift-log), [github.com/sparkle-project/sparkle](https://github.com/sparkle-project/Sparkle) and [github.com/steipete/peekaboo](https://github.com/steipete/Peekaboo).\n\nUpdates `github.com/apple/swift-log` from 1.12.0 to 1.12.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apple/swift-log/releases\"\u003egithub.com/apple/swift-log's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.12.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eSemVer Patch\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eImprove readability by extracting separate types to their own files by \u003ca href=\"https://github.com/samuelmurray\"\u003e\u003ccode\u003e@​samuelmurray\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apple/swift-log/pull/444\"\u003eapple/swift-log#444\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSkip handler dispatch for setters under \u003ccode\u003eMaxLogLevelNone\u003c/code\u003e by \u003ca href=\"https://github.com/rnro\"\u003e\u003ccode\u003e@​rnro\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apple/swift-log/pull/465\"\u003eapple/swift-log#465\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate documentation to reflect recent changes by \u003ca href=\"https://github.com/samuelmurray\"\u003e\u003ccode\u003e@​samuelmurray\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apple/swift-log/pull/445\"\u003eapple/swift-log#445\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate dependabot to daily schedule by \u003ca href=\"https://github.com/kukushechkin\"\u003e\u003ccode\u003e@​kukushechkin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apple/swift-log/pull/446\"\u003eapple/swift-log#446\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump swiftlang/github-workflows/.github/workflows/soundness.yml from 0.0.9 to 0.0.11 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/apple/swift-log/pull/447\"\u003eapple/swift-log#447\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake dependabot set  label by \u003ca href=\"https://github.com/kukushechkin\"\u003e\u003ccode\u003e@​kukushechkin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apple/swift-log/pull/448\"\u003eapple/swift-log#448\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd tests for SwiftLogNoOpLogHandler by \u003ca href=\"https://github.com/crleonard\"\u003e\u003ccode\u003e@​crleonard\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apple/swift-log/pull/449\"\u003eapple/swift-log#449\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCleanup repository structure by \u003ca href=\"https://github.com/kukushechkin\"\u003e\u003ccode\u003e@​kukushechkin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apple/swift-log/pull/451\"\u003eapple/swift-log#451\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDisable nightly 6.3 WASM builds by \u003ca href=\"https://github.com/kukushechkin\"\u003e\u003ccode\u003e@​kukushechkin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apple/swift-log/pull/454\"\u003eapple/swift-log#454\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[SLG-0004]: metadata value attributes proposal (revision 2) by \u003ca href=\"https://github.com/kukushechkin\"\u003e\u003ccode\u003e@​kukushechkin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apple/swift-log/pull/440\"\u003eapple/swift-log#440\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMigrate macOS CI to Swift version inputs by \u003ca href=\"https://github.com/rnro\"\u003e\u003ccode\u003e@​rnro\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apple/swift-log/pull/457\"\u003eapple/swift-log#457\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eShared workflows changed from Xcode XX.X to Xcode swift X.X by \u003ca href=\"https://github.com/kukushechkin\"\u003e\u003ccode\u003e@​kukushechkin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apple/swift-log/pull/461\"\u003eapple/swift-log#461\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdopt multi-package macOS benchmarks workflow by \u003ca href=\"https://github.com/rnro\"\u003e\u003ccode\u003e@​rnro\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apple/swift-log/pull/466\"\u003eapple/swift-log#466\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/crleonard\"\u003e\u003ccode\u003e@​crleonard\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/apple/swift-log/pull/449\"\u003eapple/swift-log#449\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/apple/swift-log/compare/1.12.0...1.12.1\"\u003ehttps://github.com/apple/swift-log/compare/1.12.0...1.12.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apple/swift-log/commit/a012e0ad8a8a72de92b0e008c81a9b793f70e73a\"\u003e\u003ccode\u003ea012e0a\u003c/code\u003e\u003c/a\u003e Adopt multi-package macOS benchmarks workflow (\u003ca href=\"https://redirect.github.com/apple/swift-log/issues/466\"\u003e#466\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apple/swift-log/commit/1069d31898fad2304edbdb9ddf30ddd6b3bcfb96\"\u003e\u003ccode\u003e1069d31\u003c/code\u003e\u003c/a\u003e Skip handler dispatch for setters under \u003ccode\u003eMaxLogLevelNone\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/apple/swift-log/issues/465\"\u003e#465\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apple/swift-log/commit/3061a62b6d0cfed7c11b5b019fd81443a0beb172\"\u003e\u003ccode\u003e3061a62\u003c/code\u003e\u003c/a\u003e Shared workflows changed from Xcode XX.X to Xcode swift X.X (\u003ca href=\"https://redirect.github.com/apple/swift-log/issues/461\"\u003e#461\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apple/swift-log/commit/184c73762fc180b3138e5320adae67ee738b5625\"\u003e\u003ccode\u003e184c737\u003c/code\u003e\u003c/a\u003e Migrate macOS CI to Swift version inputs (\u003ca href=\"https://redirect.github.com/apple/swift-log/issues/457\"\u003e#457\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apple/swift-log/commit/eca81998f52d757e22b3bfbff650025091453bc0\"\u003e\u003ccode\u003eeca8199\u003c/code\u003e\u003c/a\u003e [SLG-0004]: metadata value attributes proposal (revision 2) (\u003ca href=\"https://redirect.github.com/apple/swift-log/issues/440\"\u003e#440\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apple/swift-log/commit/ac3646e5e0cc783fdb39a70971fac1e37b19202b\"\u003e\u003ccode\u003eac3646e\u003c/code\u003e\u003c/a\u003e Disable nightly 6.3 WASM builds (\u003ca href=\"https://redirect.github.com/apple/swift-log/issues/454\"\u003e#454\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apple/swift-log/commit/5c348a629ce8f04e7dbbd2b27d6ef330fa15cd7b\"\u003e\u003ccode\u003e5c348a6\u003c/code\u003e\u003c/a\u003e Cleanup repository structure (\u003ca href=\"https://redirect.github.com/apple/swift-log/issues/451\"\u003e#451\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apple/swift-log/commit/deae26e91aae13fdf879679e8b37bfaf0427d317\"\u003e\u003ccode\u003edeae26e\u003c/code\u003e\u003c/a\u003e Add tests for SwiftLogNoOpLogHandler (\u003ca href=\"https://redirect.github.com/apple/swift-log/issues/449\"\u003e#449\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apple/swift-log/commit/1fe83fbfe9a709d9572e7fd5785016a54ff36c6b\"\u003e\u003ccode\u003e1fe83fb\u003c/code\u003e\u003c/a\u003e Make dependabot set  label (\u003ca href=\"https://redirect.github.com/apple/swift-log/issues/448\"\u003e#448\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apple/swift-log/commit/41592e45e167db0e7c89d3ec4a2d3fb98ef1c1a0\"\u003e\u003ccode\u003e41592e4\u003c/code\u003e\u003c/a\u003e Bump swiftlang/github-workflows/.github/workflows/soundness.yml from 0.0.9 to...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apple/swift-log/compare/1.12.0...1.12.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/sparkle-project/sparkle` from 2.9.1 to 2.9.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparkle-project/Sparkle/releases\"\u003egithub.com/sparkle-project/sparkle's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.2 Appcast Improvements\u003c/h2\u003e\n\u003cp\u003eChanges:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eShow hidden window title in update window for accessibility (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2871\"\u003e#2871\u003c/a\u003e) (Zorg)\u003c/li\u003e\n\u003cli\u003ePolish and update Spanish translations to be gender neutral (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2874\"\u003e#2874\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2875\"\u003e#2875\u003c/a\u003e) (Emilio P Egido)\u003c/li\u003e\n\u003cli\u003eGuard against NULL CFRelease() on failure condition in fallback path (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2867\"\u003e#2867\u003c/a\u003e) (Zorg)\u003c/li\u003e\n\u003cli\u003eGuard against symlinks when applying delta update files (fe7b718) (Zorg, fg0x0)\u003c/li\u003e\n\u003cli\u003eEnforce connection to installer to be validated before receiving appcast item data (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2876\"\u003e#2876\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2877\"\u003e#2877\u003c/a\u003e) (Zorg, fg0x0)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThis release contains two high-complex security fixes reported by \u003ca href=\"https://github.com/fg0x0\"\u003e\u003ccode\u003e@​fg0x0\u003c/code\u003e\u003c/a\u003e. The details will be posted in the \u003ca href=\"https://github.com/sparkle-project/Sparkle/discussions/2838\"\u003e2.9 discussion\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003ePlease also check \u003ca href=\"https://github.com/sparkle-project/Sparkle/releases/tag/2.9.1\"\u003e2.9.1\u003c/a\u003e and \u003ca href=\"https://github.com/sparkle-project/Sparkle/releases/tag/2.9.0\"\u003e2.9.0\u003c/a\u003e for previous changes.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/6276ba2b404829d139c45ff98427cf90e2efc59b\"\u003e\u003ccode\u003e6276ba2\u003c/code\u003e\u003c/a\u003e Update Package management files for version 2.9.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/113279a21f754abf10c2b7a019543c43b9c3b74d\"\u003e\u003ccode\u003e113279a\u003c/code\u003e\u003c/a\u003e Improve synchronization of _receivedAppcastItemData (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2877\"\u003e#2877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/7c4741d762df4f7162bfd4f267a4217a3a4a80c9\"\u003e\u003ccode\u003e7c4741d\u003c/code\u003e\u003c/a\u003e Update Package management files for version 2.9.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/5df807d5ac88cd912abb5e24747e1c20e06352b8\"\u003e\u003ccode\u003e5df807d\u003c/code\u003e\u003c/a\u003e Update README for 2.9.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/c6ab245eba32c85bfe8ad4d51184bcb2c58cf69a\"\u003e\u003ccode\u003ec6ab245\u003c/code\u003e\u003c/a\u003e Update Package management files for version 2.9.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/6e370a5ab8293da6a028da49a33f67e9b20d86e1\"\u003e\u003ccode\u003e6e370a5\u003c/code\u003e\u003c/a\u003e Enforce connection to installer to be validated before receiving appcast item...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/cbdc150cfb2fa0ca8b0c1aaed3841bbb18be61d0\"\u003e\u003ccode\u003ecbdc150\u003c/code\u003e\u003c/a\u003e Polish Spanish localization in Sparkle.strings (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2875\"\u003e#2875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/fe7b718d0736f3e139e374e26fbca96f29e13bf0\"\u003e\u003ccode\u003efe7b718\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/d2b796bc3e96c3e60267c8e1a3176db11b07c488\"\u003e\u003ccode\u003ed2b796b\u003c/code\u003e\u003c/a\u003e Update you're up to date Spanish translation to be gender neutral (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2874\"\u003e#2874\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/2f33f56afb966ea7fb65f44b077447c27065dd45\"\u003e\u003ccode\u003e2f33f56\u003c/code\u003e\u003c/a\u003e Fix QoS warning when running Test app server on main thread (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2873\"\u003e#2873\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sparkle-project/Sparkle/compare/2.9.1...2.9.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/steipete/peekaboo` from 3.2.1 to 3.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steipete/Peekaboo/releases\"\u003egithub.com/steipete/peekaboo's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.2\u003c/h2\u003e\n\u003ch2\u003e[3.2.2] - 2026-05-22\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eGameBridge manifests now let \u003ccode\u003epeekaboo see\u003c/code\u003e expose Firestaff/SDL game UI zones from GPU-rendered windows. Thanks \u003ca href=\"https://github.com/yeager\"\u003e\u003ccode\u003e@​yeager\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/152\"\u003e#152\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e now accepts OpenRouter model IDs and can use \u003ccode\u003eOPENROUTER_API_KEY\u003c/code\u003e from env or credentials. Thanks \u003ca href=\"https://github.com/delort\"\u003e\u003ccode\u003e@​delort\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/155\"\u003e#155\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eRelease Verification\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enpm package: \u003ca href=\"https://www.npmjs.com/package/@steipete/peekaboo/v/3.2.2\"\u003ehttps://www.npmjs.com/package/@​steipete/peekaboo/v/3.2.2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eregistry tarball: \u003ca href=\"https://registry.npmjs.org/@steipete/peekaboo/-/peekaboo-3.2.2.tgz\"\u003ehttps://registry.npmjs.org/@​steipete/peekaboo/-/peekaboo-3.2.2.tgz\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003enpm integrity: \u003ccode\u003esha512-MV2heuhtWJPf8H1KwYGyfcXlOqKEMtuZNlOH9CA7gG7iXRsX28qEjCy/DTUWbTnKKeIsbrVi9SGjxfMLBIrXFg==\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eproof: \u003ccode\u003epnpm run lint\u003c/code\u003e, \u003ccode\u003epnpm run test:safe\u003c/code\u003e, universal CLI build, Developer ID signing, Apple notarization accepted, Sparkle appcast XML validated.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/d7b665c5df8b4b5c55b99a6e435bd938b431ffe9\"\u003e\u003ccode\u003ed7b665c\u003c/code\u003e\u003c/a\u003e chore(release): update appcast for 3.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/43ed861725665f610ebc11e27ebf8d5c27021ca4\"\u003e\u003ccode\u003e43ed861\u003c/code\u003e\u003c/a\u003e chore(release): prepare 3.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/1fd0dc6f519ae461110c0ce538d09678a212b919\"\u003e\u003ccode\u003e1fd0dc6\u003c/code\u003e\u003c/a\u003e fix: remove GameBridge release warning\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/2edeee0b33271b0659e5b94183616799c6ce29a5\"\u003e\u003ccode\u003e2edeee0\u003c/code\u003e\u003c/a\u003e feat: add GameBridge detection for SDL game windows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/c4a151a597de42cc65bec71bbc1c6ac0b07a5e22\"\u003e\u003ccode\u003ec4a151a\u003c/code\u003e\u003c/a\u003e chore: bump Tachikoma\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/3089e051107c299a8ea3085a47adaac4f7da5f61\"\u003e\u003ccode\u003e3089e05\u003c/code\u003e\u003c/a\u003e build: reuse shared mac release tooling\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/a9725f89e68f5da8c4d76b73c7d08f8a0174f70a\"\u003e\u003ccode\u003ea9725f8\u003c/code\u003e\u003c/a\u003e feat(agent): add OpenRouter provider support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/fe6548a5d89974d970517b7f86d7da65e1491576\"\u003e\u003ccode\u003efe6548a\u003c/code\u003e\u003c/a\u003e fix(agent): treat OAuth access tokens as Bearer auth not API keys (\u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/154\"\u003e#154\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/96a165d7f2ec776784d4fa3fb5db1f6f17256733\"\u003e\u003ccode\u003e96a165d\u003c/code\u003e\u003c/a\u003e chore(release): close 3.2.1\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/steipete/Peekaboo/compare/v3.2.1...v3.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/sihaun/ShadowClaw/pull/3","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/sihaun%2FShadowClaw/issues/3","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3/packages"}},{"old_version":"3.0.0","new_version":"3.2.1","update_type":"minor","path":null,"pr_created_at":"2026-05-19T18:59:28.000Z","version_change":"3.0.0 → 3.2.1","issue":{"uuid":"4480184449","node_id":"PR_kwDORKp0PM7dNXY1","number":24,"state":"closed","title":"chore(deps): bump the swift-deps group across 1 directory with 2 updates","user":"dependabot[bot]","labels":["dependencies","swift_package_manager"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-25T09:02:04.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-19T18:59:28.000Z","updated_at":"2026-05-25T09:02:06.000Z","time_to_close":482556,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"swift-deps","update_count":2,"packages":[{"name":"github.com/sparkle-project/sparkle","old_version":"2.9.1","new_version":"2.9.2","repository_url":"https://github.com/sparkle-project/Sparkle"},{"name":"github.com/steipete/peekaboo","old_version":"3.0.0","new_version":"3.2.1","repository_url":"https://github.com/steipete/Peekaboo"}],"path":null,"ecosystem":"swift"},"body":"Bumps the swift-deps group with 2 updates in the /apps/macos directory: [github.com/sparkle-project/sparkle](https://github.com/sparkle-project/Sparkle) and [github.com/steipete/peekaboo](https://github.com/steipete/Peekaboo).\n\nUpdates `github.com/sparkle-project/sparkle` from 2.9.1 to 2.9.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparkle-project/Sparkle/releases\"\u003egithub.com/sparkle-project/sparkle's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.2 Appcast Improvements\u003c/h2\u003e\n\u003cp\u003eChanges:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eShow hidden window title in update window for accessibility (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2871\"\u003e#2871\u003c/a\u003e) (Zorg)\u003c/li\u003e\n\u003cli\u003ePolish and update Spanish translations to be gender neutral (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2874\"\u003e#2874\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2875\"\u003e#2875\u003c/a\u003e) (Emilio P Egido)\u003c/li\u003e\n\u003cli\u003eGuard against NULL CFRelease() on failure condition in fallback path (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2867\"\u003e#2867\u003c/a\u003e) (Zorg)\u003c/li\u003e\n\u003cli\u003eGuard against symlinks when applying delta update files (fe7b718) (Zorg, fg0x0)\u003c/li\u003e\n\u003cli\u003eEnforce connection to installer to be validated before receiving appcast item data (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2876\"\u003e#2876\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2877\"\u003e#2877\u003c/a\u003e) (Zorg, fg0x0)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThis release contains two high-complex security fixes reported by \u003ca href=\"https://github.com/fg0x0\"\u003e\u003ccode\u003e@​fg0x0\u003c/code\u003e\u003c/a\u003e. The details will be posted in the \u003ca href=\"https://github.com/sparkle-project/Sparkle/discussions/2838\"\u003e2.9 discussion\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003ePlease also check \u003ca href=\"https://github.com/sparkle-project/Sparkle/releases/tag/2.9.1\"\u003e2.9.1\u003c/a\u003e and \u003ca href=\"https://github.com/sparkle-project/Sparkle/releases/tag/2.9.0\"\u003e2.9.0\u003c/a\u003e for previous changes.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/6276ba2b404829d139c45ff98427cf90e2efc59b\"\u003e\u003ccode\u003e6276ba2\u003c/code\u003e\u003c/a\u003e Update Package management files for version 2.9.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/113279a21f754abf10c2b7a019543c43b9c3b74d\"\u003e\u003ccode\u003e113279a\u003c/code\u003e\u003c/a\u003e Improve synchronization of _receivedAppcastItemData (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2877\"\u003e#2877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/7c4741d762df4f7162bfd4f267a4217a3a4a80c9\"\u003e\u003ccode\u003e7c4741d\u003c/code\u003e\u003c/a\u003e Update Package management files for version 2.9.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/5df807d5ac88cd912abb5e24747e1c20e06352b8\"\u003e\u003ccode\u003e5df807d\u003c/code\u003e\u003c/a\u003e Update README for 2.9.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/c6ab245eba32c85bfe8ad4d51184bcb2c58cf69a\"\u003e\u003ccode\u003ec6ab245\u003c/code\u003e\u003c/a\u003e Update Package management files for version 2.9.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/6e370a5ab8293da6a028da49a33f67e9b20d86e1\"\u003e\u003ccode\u003e6e370a5\u003c/code\u003e\u003c/a\u003e Enforce connection to installer to be validated before receiving appcast item...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/cbdc150cfb2fa0ca8b0c1aaed3841bbb18be61d0\"\u003e\u003ccode\u003ecbdc150\u003c/code\u003e\u003c/a\u003e Polish Spanish localization in Sparkle.strings (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2875\"\u003e#2875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/fe7b718d0736f3e139e374e26fbca96f29e13bf0\"\u003e\u003ccode\u003efe7b718\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/d2b796bc3e96c3e60267c8e1a3176db11b07c488\"\u003e\u003ccode\u003ed2b796b\u003c/code\u003e\u003c/a\u003e Update you're up to date Spanish translation to be gender neutral (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2874\"\u003e#2874\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/2f33f56afb966ea7fb65f44b077447c27065dd45\"\u003e\u003ccode\u003e2f33f56\u003c/code\u003e\u003c/a\u003e Fix QoS warning when running Test app server on main thread (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2873\"\u003e#2873\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sparkle-project/Sparkle/compare/2.9.1...2.9.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/steipete/peekaboo` from 3.0.0 to 3.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steipete/Peekaboo/releases\"\u003egithub.com/steipete/peekaboo's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.1\u003c/h2\u003e\n\u003ch2\u003e[3.2.1] - 2026-05-18\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo click --coords\u003c/code\u003e now treats coordinates as target-window-relative when app/window target flags are supplied, reports resolved target metadata, and requires \u003ccode\u003e--global-coords\u003c/code\u003e for targeted global clicks.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo-mcp\u003c/code\u003e now shuts down cleanly during restart backoff and repairs executable permissions without shelling out through an install path.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epnpm run peekaboo:dev\u003c/code\u003e no longer depends on a hardcoded local checkout path.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e now tells models to use the current tool schema instead of stale tool names and arguments. Thanks \u003ca href=\"https://github.com/vyctorbrzezowski\"\u003e\u003ccode\u003e@​vyctorbrzezowski\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/139\"\u003e#139\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAX element detection now honors traversal budgets and reports truncation when depth, count, or per-node child limits are reached. Thanks \u003ca href=\"https://github.com/vyctorbrzezowski\"\u003e\u003ccode\u003e@​vyctorbrzezowski\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/140\"\u003e#140\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e and MCP clients now have an \u003ccode\u003einspect_ui\u003c/code\u003e tool for AX-only UI text/control inspection without capturing screenshots. Thanks \u003ca href=\"https://github.com/vyctorbrzezowski\"\u003e\u003ccode\u003e@​vyctorbrzezowski\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/141\"\u003e#141\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eWindow-mode capture now falls back to desktop-independent ScreenCaptureKit filters when multi-display setups cannot map a window to an enumerated display. Thanks \u003ca href=\"https://github.com/lonexreb\"\u003e\u003ccode\u003e@​lonexreb\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/147\"\u003e#147\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e guidance now routes AX-only observation through \u003ccode\u003einspect_ui\u003c/code\u003e consistently while keeping screenshot-backed checks on \u003ccode\u003esee\u003c/code\u003e. Thanks \u003ca href=\"https://github.com/vyctorbrzezowski\"\u003e\u003ccode\u003e@​vyctorbrzezowski\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/144\"\u003e#144\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom provider docs, CLI help, and macOS settings now prefer \u003ccode\u003e${VAR}\u003c/code\u003e API key references and shell examples that preserve them literally. Thanks \u003ca href=\"https://github.com/scotthuang\"\u003e\u003ccode\u003e@​scotthuang\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/142\"\u003e#142\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e now refreshes desktop context before each model turn and wires opt-in action verification through the configured capture strategy. Thanks \u003ca href=\"https://github.com/lonexreb\"\u003e\u003ccode\u003e@​lonexreb\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/148\"\u003e#148\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAX traversal budgets now have wider defaults plus CLI, MCP, and environment overrides for complex app trees. Thanks \u003ca href=\"https://github.com/widdowson\"\u003e\u003ccode\u003e@​widdowson\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/150\"\u003e#150\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/151\"\u003e#151\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease Proof\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003enpm: \u003ca href=\"https://www.npmjs.com/package/@steipete/peekaboo/v/3.2.1\"\u003ehttps://www.npmjs.com/package/@​steipete/peekaboo/v/3.2.1\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003enpm tarball: \u003ca href=\"https://registry.npmjs.org/@steipete/peekaboo/-/peekaboo-3.2.1.tgz\"\u003ehttps://registry.npmjs.org/@​steipete/peekaboo/-/peekaboo-3.2.1.tgz\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003enpm integrity: sha512-EemQV/dh2pM3NjhYNeCwN5z2xVnNCRtiG/lOpUWCG9D11ebaY8mgoKoNAACjDcWwIsSB+tAhzYj9F1Y5bee70A==\u003c/li\u003e\n\u003cli\u003enpm published: 2026-05-18T13:56:48.898Z\u003c/li\u003e\n\u003cli\u003emacOS app: signed, notarized, stapled, and \u003ccode\u003espctl\u003c/code\u003e accepted as Notarized Developer ID.\u003c/li\u003e\n\u003cli\u003eLocal proof: \u003ccode\u003epnpm run lint\u003c/code\u003e, \u003ccode\u003epnpm run format\u003c/code\u003e, \u003ccode\u003epnpm run test:safe\u003c/code\u003e, universal CLI build/package verification, checksum verification, appcast XML validation.\u003c/li\u003e\n\u003cli\u003eAssets: \u003ccode\u003ePeekaboo-3.2.1.app.zip\u003c/code\u003e, \u003ccode\u003epeekaboo-macos-universal.tar.gz\u003c/code\u003e, \u003ccode\u003esteipete-peekaboo-3.2.1.tgz\u003c/code\u003e, \u003ccode\u003echecksums.txt\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e[3.2.0] - 2026-05-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo click --focus-background\u003c/code\u003e and the MCP \u003ccode\u003eclick\u003c/code\u003e tool now support process-targeted background mouse delivery for apps identified by \u003ccode\u003e--app\u003c/code\u003e, \u003ccode\u003e--pid\u003c/code\u003e, or snapshot metadata.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e now supports MiniMax M2.7 through Tachikoma's Anthropic-compatible provider path. Thanks \u003ca href=\"https://github.com/xiaofeiwa\"\u003e\u003ccode\u003e@​xiaofeiwa\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/130\"\u003e#130\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e now accepts \u003ccode\u003eollama/\u0026lt;model\u0026gt;\u003c/code\u003e and \u003ccode\u003elmstudio/\u0026lt;model\u0026gt;\u003c/code\u003e local model selections, including local-only provider defaults. Thanks \u003ca href=\"https://github.com/0x5845\"\u003e\u003ccode\u003e@​0x5845\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/137\"\u003e#137\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eOllama vision model IDs such as \u003ccode\u003eqwen2.5vl:3b\u003c/code\u003e now stay intact through Tachikoma model parsing instead of falling back to \u003ccode\u003ellama3.3\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/16\"\u003e#16\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e now initializes with Gemini-only or MiniMax-only credentials instead of falling back to an unavailable OpenAI/Anthropic default. Thanks \u003ca href=\"https://github.com/lonexreb\"\u003e\u003ccode\u003e@​lonexreb\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/133\"\u003e#133\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eWindow captures now retry transient \u003ccode\u003eSCScreenshotManager\u003c/code\u003e failures before reporting a minimized/off-screen/Space hint. Thanks \u003ca href=\"https://github.com/lonexreb\"\u003e\u003ccode\u003e@​lonexreb\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/135\"\u003e#135\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThe macOS app now keeps one status item/controller across app state reconnects and removes the status item on teardown, avoiding duplicate or ghost menu bar icons. Thanks \u003ca href=\"https://github.com/lonexreb\"\u003e\u003ccode\u003e@​lonexreb\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/134\"\u003e#134\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eRelease automation now verifies CLI, npm, macOS app, checksum, appcast, and uploaded GitHub assets before publish.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo type --json\u003c/code\u003e now separates requested text from executed key actions, making escaped special keys such as \u003ccode\u003e\\n\u003c/code\u003e visible to agents without losing backwards-compatible \u003ccode\u003etypedText\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo permissions status --all-sources\u003c/code\u003e now compares Bridge and local TCC permission state side by side, so daemon grants are no longer confused with CLI grants.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo mcp serve --transport ...\u003c/code\u003e now rejects invalid transport names instead of silently starting stdio mode.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo paste --app ...\u003c/code\u003e now fails before mutating the clipboard when the requested app cannot be found.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e no longer sends stale Anthropic extended-thinking options to Claude Opus 4.7 and now exits with failure when agent execution fails.\u003c/li\u003e\n\u003cli\u003eCommand timeout JSON now reports the intended timeout error instead of occasionally surfacing cancellation as an unknown error.\u003c/li\u003e\n\u003cli\u003eRefreshed CLI docs and quickstart examples to use current flags such as \u003ccode\u003eimage --path\u003c/code\u003e, \u003ccode\u003eclick --coords\u003c/code\u003e, \u003ccode\u003etype --return\u003c/code\u003e, \u003ccode\u003epress --count\u003c/code\u003e, and \u003ccode\u003escroll --amount\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDebug CLI startup no longer spawns \u003ccode\u003egit config\u003c/code\u003e on every launch when build-staleness checking is disabled, cutting startup-heavy command latency by more than 30% in local testing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/36108b4ea7d7848d616c3cad1e7a03e40d6be857\"\u003e\u003ccode\u003e36108b4\u003c/code\u003e\u003c/a\u003e fix(release): verify Developer ID app signing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/35dfbb26a6a2de44fc37af7229a994f32f636d5b\"\u003e\u003ccode\u003e35dfbb2\u003c/code\u003e\u003c/a\u003e fix(release): disable notary S3 acceleration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/9cd7771b43a19119cabc1f2d66f9e50a7e842f11\"\u003e\u003ccode\u003e9cd7771\u003c/code\u003e\u003c/a\u003e refactor(detection): satisfy release lint gate\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/75e2884e0111aff0b9688b0eace4b8ad561ccdb3\"\u003e\u003ccode\u003e75e2884\u003c/code\u003e\u003c/a\u003e chore(release): prepare 3.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/eba271eaff8a29b2e03a56cf43fee02f0cf4d737\"\u003e\u003ccode\u003eeba271e\u003c/code\u003e\u003c/a\u003e fix(cli): resolve targeted click coordinates (\u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/153\"\u003e#153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/6ce071077a82720cf261a0c023874ef968ae0a44\"\u003e\u003ccode\u003e6ce0710\u003c/code\u003e\u003c/a\u003e feat(detection): expose AX traversal budget controls\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/d211a760fd862f643cc43cf5b5fe3e90de5e1139\"\u003e\u003ccode\u003ed211a76\u003c/code\u003e\u003c/a\u003e feat(agent): wire per-turn context and action verification\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/9bd822faf1868e0ae4fc6db4ea66eda81fd67b8b\"\u003e\u003ccode\u003e9bd822f\u003c/code\u003e\u003c/a\u003e fix(config): preserve custom provider credential references\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/b0845e2e177c9a9f74f4de75bc26d0294c03e724\"\u003e\u003ccode\u003eb0845e2\u003c/code\u003e\u003c/a\u003e docs(config): preserve env references in shell examples\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/8508be1c77226f10381cd2f48f0a3ce8578d94b2\"\u003e\u003ccode\u003e8508be1\u003c/code\u003e\u003c/a\u003e docs: prefer ${VAR} over {env:VAR} for custom provider apiKey\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/steipete/Peekaboo/compare/v3.0.0...v3.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/devicemanager/openclaw/pull/24","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/devicemanager%2Fopenclaw/issues/24","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/24/packages"}},{"old_version":"3.0.0-beta4","new_version":"3.2.1","update_type":"minor","path":null,"pr_created_at":"2026-05-19T06:35:33.000Z","version_change":"3.0.0-beta4 → 3.2.1","issue":{"uuid":"4474999706","node_id":"PR_kwDOSZV4rs7c8inZ","number":16,"state":"closed","title":"chore(deps): bump the swift-deps group across 1 directory with 2 updates","user":"dependabot[bot]","labels":["dependencies","swift_package_manager"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-26T03:03:54.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-19T06:35:33.000Z","updated_at":"2026-05-26T03:03:56.000Z","time_to_close":592101,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"swift-deps","update_count":2,"packages":[{"name":"github.com/sparkle-project/sparkle","old_version":"2.9.1","new_version":"2.9.2","repository_url":"https://github.com/sparkle-project/Sparkle"},{"name":"github.com/steipete/peekaboo","old_version":"3.0.0-beta4","new_version":"3.2.1","repository_url":"https://github.com/steipete/Peekaboo"}],"path":null,"ecosystem":"swift"},"body":"Bumps the swift-deps group with 2 updates in the /apps/macos directory: [github.com/sparkle-project/sparkle](https://github.com/sparkle-project/Sparkle) and [github.com/steipete/peekaboo](https://github.com/steipete/Peekaboo).\n\nUpdates `github.com/sparkle-project/sparkle` from 2.9.1 to 2.9.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparkle-project/Sparkle/releases\"\u003egithub.com/sparkle-project/sparkle's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.2 Appcast Improvements\u003c/h2\u003e\n\u003cp\u003eChanges:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eShow hidden window title in update window for accessibility (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2871\"\u003e#2871\u003c/a\u003e) (Zorg)\u003c/li\u003e\n\u003cli\u003ePolish and update Spanish translations to be gender neutral (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2874\"\u003e#2874\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2875\"\u003e#2875\u003c/a\u003e) (Emilio P Egido)\u003c/li\u003e\n\u003cli\u003eGuard against NULL CFRelease() on failure condition in fallback path (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2867\"\u003e#2867\u003c/a\u003e) (Zorg)\u003c/li\u003e\n\u003cli\u003eGuard against symlinks when applying delta update files (fe7b718) (Zorg, fg0x0)\u003c/li\u003e\n\u003cli\u003eEnforce connection to installer to be validated before receiving appcast item data (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2876\"\u003e#2876\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2877\"\u003e#2877\u003c/a\u003e) (Zorg, fg0x0)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThis release contains two high-complex security fixes reported by \u003ca href=\"https://github.com/fg0x0\"\u003e\u003ccode\u003e@​fg0x0\u003c/code\u003e\u003c/a\u003e. The details will be posted in the \u003ca href=\"https://github.com/sparkle-project/Sparkle/discussions/2838\"\u003e2.9 discussion\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003ePlease also check \u003ca href=\"https://github.com/sparkle-project/Sparkle/releases/tag/2.9.1\"\u003e2.9.1\u003c/a\u003e and \u003ca href=\"https://github.com/sparkle-project/Sparkle/releases/tag/2.9.0\"\u003e2.9.0\u003c/a\u003e for previous changes.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/6276ba2b404829d139c45ff98427cf90e2efc59b\"\u003e\u003ccode\u003e6276ba2\u003c/code\u003e\u003c/a\u003e Update Package management files for version 2.9.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/113279a21f754abf10c2b7a019543c43b9c3b74d\"\u003e\u003ccode\u003e113279a\u003c/code\u003e\u003c/a\u003e Improve synchronization of _receivedAppcastItemData (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2877\"\u003e#2877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/7c4741d762df4f7162bfd4f267a4217a3a4a80c9\"\u003e\u003ccode\u003e7c4741d\u003c/code\u003e\u003c/a\u003e Update Package management files for version 2.9.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/5df807d5ac88cd912abb5e24747e1c20e06352b8\"\u003e\u003ccode\u003e5df807d\u003c/code\u003e\u003c/a\u003e Update README for 2.9.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/c6ab245eba32c85bfe8ad4d51184bcb2c58cf69a\"\u003e\u003ccode\u003ec6ab245\u003c/code\u003e\u003c/a\u003e Update Package management files for version 2.9.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/6e370a5ab8293da6a028da49a33f67e9b20d86e1\"\u003e\u003ccode\u003e6e370a5\u003c/code\u003e\u003c/a\u003e Enforce connection to installer to be validated before receiving appcast item...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/cbdc150cfb2fa0ca8b0c1aaed3841bbb18be61d0\"\u003e\u003ccode\u003ecbdc150\u003c/code\u003e\u003c/a\u003e Polish Spanish localization in Sparkle.strings (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2875\"\u003e#2875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/fe7b718d0736f3e139e374e26fbca96f29e13bf0\"\u003e\u003ccode\u003efe7b718\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/d2b796bc3e96c3e60267c8e1a3176db11b07c488\"\u003e\u003ccode\u003ed2b796b\u003c/code\u003e\u003c/a\u003e Update you're up to date Spanish translation to be gender neutral (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2874\"\u003e#2874\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/2f33f56afb966ea7fb65f44b077447c27065dd45\"\u003e\u003ccode\u003e2f33f56\u003c/code\u003e\u003c/a\u003e Fix QoS warning when running Test app server on main thread (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2873\"\u003e#2873\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sparkle-project/Sparkle/compare/2.9.1...2.9.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/steipete/peekaboo` from 3.0.0-beta4 to 3.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steipete/Peekaboo/releases\"\u003egithub.com/steipete/peekaboo's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.1\u003c/h2\u003e\n\u003ch2\u003e[3.2.1] - 2026-05-18\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo click --coords\u003c/code\u003e now treats coordinates as target-window-relative when app/window target flags are supplied, reports resolved target metadata, and requires \u003ccode\u003e--global-coords\u003c/code\u003e for targeted global clicks.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo-mcp\u003c/code\u003e now shuts down cleanly during restart backoff and repairs executable permissions without shelling out through an install path.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epnpm run peekaboo:dev\u003c/code\u003e no longer depends on a hardcoded local checkout path.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e now tells models to use the current tool schema instead of stale tool names and arguments. Thanks \u003ca href=\"https://github.com/vyctorbrzezowski\"\u003e\u003ccode\u003e@​vyctorbrzezowski\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/139\"\u003e#139\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAX element detection now honors traversal budgets and reports truncation when depth, count, or per-node child limits are reached. Thanks \u003ca href=\"https://github.com/vyctorbrzezowski\"\u003e\u003ccode\u003e@​vyctorbrzezowski\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/140\"\u003e#140\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e and MCP clients now have an \u003ccode\u003einspect_ui\u003c/code\u003e tool for AX-only UI text/control inspection without capturing screenshots. Thanks \u003ca href=\"https://github.com/vyctorbrzezowski\"\u003e\u003ccode\u003e@​vyctorbrzezowski\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/141\"\u003e#141\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eWindow-mode capture now falls back to desktop-independent ScreenCaptureKit filters when multi-display setups cannot map a window to an enumerated display. Thanks \u003ca href=\"https://github.com/lonexreb\"\u003e\u003ccode\u003e@​lonexreb\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/147\"\u003e#147\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e guidance now routes AX-only observation through \u003ccode\u003einspect_ui\u003c/code\u003e consistently while keeping screenshot-backed checks on \u003ccode\u003esee\u003c/code\u003e. Thanks \u003ca href=\"https://github.com/vyctorbrzezowski\"\u003e\u003ccode\u003e@​vyctorbrzezowski\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/144\"\u003e#144\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom provider docs, CLI help, and macOS settings now prefer \u003ccode\u003e${VAR}\u003c/code\u003e API key references and shell examples that preserve them literally. Thanks \u003ca href=\"https://github.com/scotthuang\"\u003e\u003ccode\u003e@​scotthuang\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/142\"\u003e#142\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e now refreshes desktop context before each model turn and wires opt-in action verification through the configured capture strategy. Thanks \u003ca href=\"https://github.com/lonexreb\"\u003e\u003ccode\u003e@​lonexreb\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/148\"\u003e#148\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAX traversal budgets now have wider defaults plus CLI, MCP, and environment overrides for complex app trees. Thanks \u003ca href=\"https://github.com/widdowson\"\u003e\u003ccode\u003e@​widdowson\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/150\"\u003e#150\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/151\"\u003e#151\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease Proof\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003enpm: \u003ca href=\"https://www.npmjs.com/package/@steipete/peekaboo/v/3.2.1\"\u003ehttps://www.npmjs.com/package/@​steipete/peekaboo/v/3.2.1\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003enpm tarball: \u003ca href=\"https://registry.npmjs.org/@steipete/peekaboo/-/peekaboo-3.2.1.tgz\"\u003ehttps://registry.npmjs.org/@​steipete/peekaboo/-/peekaboo-3.2.1.tgz\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003enpm integrity: sha512-EemQV/dh2pM3NjhYNeCwN5z2xVnNCRtiG/lOpUWCG9D11ebaY8mgoKoNAACjDcWwIsSB+tAhzYj9F1Y5bee70A==\u003c/li\u003e\n\u003cli\u003enpm published: 2026-05-18T13:56:48.898Z\u003c/li\u003e\n\u003cli\u003emacOS app: signed, notarized, stapled, and \u003ccode\u003espctl\u003c/code\u003e accepted as Notarized Developer ID.\u003c/li\u003e\n\u003cli\u003eLocal proof: \u003ccode\u003epnpm run lint\u003c/code\u003e, \u003ccode\u003epnpm run format\u003c/code\u003e, \u003ccode\u003epnpm run test:safe\u003c/code\u003e, universal CLI build/package verification, checksum verification, appcast XML validation.\u003c/li\u003e\n\u003cli\u003eAssets: \u003ccode\u003ePeekaboo-3.2.1.app.zip\u003c/code\u003e, \u003ccode\u003epeekaboo-macos-universal.tar.gz\u003c/code\u003e, \u003ccode\u003esteipete-peekaboo-3.2.1.tgz\u003c/code\u003e, \u003ccode\u003echecksums.txt\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e[3.2.0] - 2026-05-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo click --focus-background\u003c/code\u003e and the MCP \u003ccode\u003eclick\u003c/code\u003e tool now support process-targeted background mouse delivery for apps identified by \u003ccode\u003e--app\u003c/code\u003e, \u003ccode\u003e--pid\u003c/code\u003e, or snapshot metadata.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e now supports MiniMax M2.7 through Tachikoma's Anthropic-compatible provider path. Thanks \u003ca href=\"https://github.com/xiaofeiwa\"\u003e\u003ccode\u003e@​xiaofeiwa\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/130\"\u003e#130\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e now accepts \u003ccode\u003eollama/\u0026lt;model\u0026gt;\u003c/code\u003e and \u003ccode\u003elmstudio/\u0026lt;model\u0026gt;\u003c/code\u003e local model selections, including local-only provider defaults. Thanks \u003ca href=\"https://github.com/0x5845\"\u003e\u003ccode\u003e@​0x5845\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/137\"\u003e#137\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eOllama vision model IDs such as \u003ccode\u003eqwen2.5vl:3b\u003c/code\u003e now stay intact through Tachikoma model parsing instead of falling back to \u003ccode\u003ellama3.3\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/16\"\u003e#16\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e now initializes with Gemini-only or MiniMax-only credentials instead of falling back to an unavailable OpenAI/Anthropic default. Thanks \u003ca href=\"https://github.com/lonexreb\"\u003e\u003ccode\u003e@​lonexreb\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/133\"\u003e#133\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eWindow captures now retry transient \u003ccode\u003eSCScreenshotManager\u003c/code\u003e failures before reporting a minimized/off-screen/Space hint. Thanks \u003ca href=\"https://github.com/lonexreb\"\u003e\u003ccode\u003e@​lonexreb\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/135\"\u003e#135\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThe macOS app now keeps one status item/controller across app state reconnects and removes the status item on teardown, avoiding duplicate or ghost menu bar icons. Thanks \u003ca href=\"https://github.com/lonexreb\"\u003e\u003ccode\u003e@​lonexreb\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/134\"\u003e#134\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eRelease automation now verifies CLI, npm, macOS app, checksum, appcast, and uploaded GitHub assets before publish.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo type --json\u003c/code\u003e now separates requested text from executed key actions, making escaped special keys such as \u003ccode\u003e\\n\u003c/code\u003e visible to agents without losing backwards-compatible \u003ccode\u003etypedText\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo permissions status --all-sources\u003c/code\u003e now compares Bridge and local TCC permission state side by side, so daemon grants are no longer confused with CLI grants.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo mcp serve --transport ...\u003c/code\u003e now rejects invalid transport names instead of silently starting stdio mode.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo paste --app ...\u003c/code\u003e now fails before mutating the clipboard when the requested app cannot be found.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e no longer sends stale Anthropic extended-thinking options to Claude Opus 4.7 and now exits with failure when agent execution fails.\u003c/li\u003e\n\u003cli\u003eCommand timeout JSON now reports the intended timeout error instead of occasionally surfacing cancellation as an unknown error.\u003c/li\u003e\n\u003cli\u003eRefreshed CLI docs and quickstart examples to use current flags such as \u003ccode\u003eimage --path\u003c/code\u003e, \u003ccode\u003eclick --coords\u003c/code\u003e, \u003ccode\u003etype --return\u003c/code\u003e, \u003ccode\u003epress --count\u003c/code\u003e, and \u003ccode\u003escroll --amount\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDebug CLI startup no longer spawns \u003ccode\u003egit config\u003c/code\u003e on every launch when build-staleness checking is disabled, cutting startup-heavy command latency by more than 30% in local testing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/36108b4ea7d7848d616c3cad1e7a03e40d6be857\"\u003e\u003ccode\u003e36108b4\u003c/code\u003e\u003c/a\u003e fix(release): verify Developer ID app signing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/35dfbb26a6a2de44fc37af7229a994f32f636d5b\"\u003e\u003ccode\u003e35dfbb2\u003c/code\u003e\u003c/a\u003e fix(release): disable notary S3 acceleration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/9cd7771b43a19119cabc1f2d66f9e50a7e842f11\"\u003e\u003ccode\u003e9cd7771\u003c/code\u003e\u003c/a\u003e refactor(detection): satisfy release lint gate\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/75e2884e0111aff0b9688b0eace4b8ad561ccdb3\"\u003e\u003ccode\u003e75e2884\u003c/code\u003e\u003c/a\u003e chore(release): prepare 3.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/eba271eaff8a29b2e03a56cf43fee02f0cf4d737\"\u003e\u003ccode\u003eeba271e\u003c/code\u003e\u003c/a\u003e fix(cli): resolve targeted click coordinates (\u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/153\"\u003e#153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/6ce071077a82720cf261a0c023874ef968ae0a44\"\u003e\u003ccode\u003e6ce0710\u003c/code\u003e\u003c/a\u003e feat(detection): expose AX traversal budget controls\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/d211a760fd862f643cc43cf5b5fe3e90de5e1139\"\u003e\u003ccode\u003ed211a76\u003c/code\u003e\u003c/a\u003e feat(agent): wire per-turn context and action verification\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/9bd822faf1868e0ae4fc6db4ea66eda81fd67b8b\"\u003e\u003ccode\u003e9bd822f\u003c/code\u003e\u003c/a\u003e fix(config): preserve custom provider credential references\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/b0845e2e177c9a9f74f4de75bc26d0294c03e724\"\u003e\u003ccode\u003eb0845e2\u003c/code\u003e\u003c/a\u003e docs(config): preserve env references in shell examples\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/8508be1c77226f10381cd2f48f0a3ce8578d94b2\"\u003e\u003ccode\u003e8508be1\u003c/code\u003e\u003c/a\u003e docs: prefer ${VAR} over {env:VAR} for custom provider apiKey\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/steipete/Peekaboo/compare/v3.0.0-beta4...v3.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/DomLynch/openclaw/pull/16","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DomLynch%2Fopenclaw/issues/16","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/16/packages"}},{"old_version":"3.0.0","new_version":"3.2.1","update_type":"minor","path":null,"pr_created_at":"2026-05-19T05:50:42.000Z","version_change":"3.0.0 → 3.2.1","issue":{"uuid":"4474769544","node_id":"PR_kwDOR38uo87c7z4K","number":40,"state":"closed","title":"build(deps): bump the swift-deps group across 1 directory with 2 updates","user":"dependabot[bot]","labels":["dependencies","swift_package_manager"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-21T02:26:54.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-19T05:50:42.000Z","updated_at":"2026-05-21T02:26:56.000Z","time_to_close":160572,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"swift-deps","update_count":2,"packages":[{"name":"github.com/sparkle-project/sparkle","old_version":"2.9.1","new_version":"2.9.2","repository_url":"https://github.com/sparkle-project/Sparkle"},{"name":"github.com/steipete/peekaboo","old_version":"3.0.0","new_version":"3.2.1","repository_url":"https://github.com/steipete/Peekaboo"}],"path":null,"ecosystem":"swift"},"body":"Bumps the swift-deps group with 2 updates in the /apps/macos directory: [github.com/sparkle-project/sparkle](https://github.com/sparkle-project/Sparkle) and [github.com/steipete/peekaboo](https://github.com/steipete/Peekaboo).\n\nUpdates `github.com/sparkle-project/sparkle` from 2.9.1 to 2.9.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparkle-project/Sparkle/releases\"\u003egithub.com/sparkle-project/sparkle's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.9.2 Appcast Improvements\u003c/h2\u003e\n\u003cp\u003eChanges:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eShow hidden window title in update window for accessibility (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2871\"\u003e#2871\u003c/a\u003e) (Zorg)\u003c/li\u003e\n\u003cli\u003ePolish and update Spanish translations to be gender neutral (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2874\"\u003e#2874\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2875\"\u003e#2875\u003c/a\u003e) (Emilio P Egido)\u003c/li\u003e\n\u003cli\u003eGuard against NULL CFRelease() on failure condition in fallback path (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2867\"\u003e#2867\u003c/a\u003e) (Zorg)\u003c/li\u003e\n\u003cli\u003eGuard against symlinks when applying delta update files (fe7b718) (Zorg, fg0x0)\u003c/li\u003e\n\u003cli\u003eEnforce connection to installer to be validated before receiving appcast item data (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2876\"\u003e#2876\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2877\"\u003e#2877\u003c/a\u003e) (Zorg, fg0x0)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThis release contains two high-complex security fixes reported by \u003ca href=\"https://github.com/fg0x0\"\u003e\u003ccode\u003e@​fg0x0\u003c/code\u003e\u003c/a\u003e. The details will be posted in the \u003ca href=\"https://github.com/sparkle-project/Sparkle/discussions/2838\"\u003e2.9 discussion\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003ePlease also check \u003ca href=\"https://github.com/sparkle-project/Sparkle/releases/tag/2.9.1\"\u003e2.9.1\u003c/a\u003e and \u003ca href=\"https://github.com/sparkle-project/Sparkle/releases/tag/2.9.0\"\u003e2.9.0\u003c/a\u003e for previous changes.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/6276ba2b404829d139c45ff98427cf90e2efc59b\"\u003e\u003ccode\u003e6276ba2\u003c/code\u003e\u003c/a\u003e Update Package management files for version 2.9.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/113279a21f754abf10c2b7a019543c43b9c3b74d\"\u003e\u003ccode\u003e113279a\u003c/code\u003e\u003c/a\u003e Improve synchronization of _receivedAppcastItemData (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2877\"\u003e#2877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/7c4741d762df4f7162bfd4f267a4217a3a4a80c9\"\u003e\u003ccode\u003e7c4741d\u003c/code\u003e\u003c/a\u003e Update Package management files for version 2.9.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/5df807d5ac88cd912abb5e24747e1c20e06352b8\"\u003e\u003ccode\u003e5df807d\u003c/code\u003e\u003c/a\u003e Update README for 2.9.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/c6ab245eba32c85bfe8ad4d51184bcb2c58cf69a\"\u003e\u003ccode\u003ec6ab245\u003c/code\u003e\u003c/a\u003e Update Package management files for version 2.9.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/6e370a5ab8293da6a028da49a33f67e9b20d86e1\"\u003e\u003ccode\u003e6e370a5\u003c/code\u003e\u003c/a\u003e Enforce connection to installer to be validated before receiving appcast item...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/cbdc150cfb2fa0ca8b0c1aaed3841bbb18be61d0\"\u003e\u003ccode\u003ecbdc150\u003c/code\u003e\u003c/a\u003e Polish Spanish localization in Sparkle.strings (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2875\"\u003e#2875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/fe7b718d0736f3e139e374e26fbca96f29e13bf0\"\u003e\u003ccode\u003efe7b718\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/d2b796bc3e96c3e60267c8e1a3176db11b07c488\"\u003e\u003ccode\u003ed2b796b\u003c/code\u003e\u003c/a\u003e Update you're up to date Spanish translation to be gender neutral (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2874\"\u003e#2874\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparkle-project/Sparkle/commit/2f33f56afb966ea7fb65f44b077447c27065dd45\"\u003e\u003ccode\u003e2f33f56\u003c/code\u003e\u003c/a\u003e Fix QoS warning when running Test app server on main thread (\u003ca href=\"https://redirect.github.com/sparkle-project/Sparkle/issues/2873\"\u003e#2873\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sparkle-project/Sparkle/compare/2.9.1...2.9.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/steipete/peekaboo` from 3.0.0 to 3.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steipete/Peekaboo/releases\"\u003egithub.com/steipete/peekaboo's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.1\u003c/h2\u003e\n\u003ch2\u003e[3.2.1] - 2026-05-18\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo click --coords\u003c/code\u003e now treats coordinates as target-window-relative when app/window target flags are supplied, reports resolved target metadata, and requires \u003ccode\u003e--global-coords\u003c/code\u003e for targeted global clicks.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo-mcp\u003c/code\u003e now shuts down cleanly during restart backoff and repairs executable permissions without shelling out through an install path.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epnpm run peekaboo:dev\u003c/code\u003e no longer depends on a hardcoded local checkout path.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e now tells models to use the current tool schema instead of stale tool names and arguments. Thanks \u003ca href=\"https://github.com/vyctorbrzezowski\"\u003e\u003ccode\u003e@​vyctorbrzezowski\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/139\"\u003e#139\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAX element detection now honors traversal budgets and reports truncation when depth, count, or per-node child limits are reached. Thanks \u003ca href=\"https://github.com/vyctorbrzezowski\"\u003e\u003ccode\u003e@​vyctorbrzezowski\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/140\"\u003e#140\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e and MCP clients now have an \u003ccode\u003einspect_ui\u003c/code\u003e tool for AX-only UI text/control inspection without capturing screenshots. Thanks \u003ca href=\"https://github.com/vyctorbrzezowski\"\u003e\u003ccode\u003e@​vyctorbrzezowski\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/141\"\u003e#141\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eWindow-mode capture now falls back to desktop-independent ScreenCaptureKit filters when multi-display setups cannot map a window to an enumerated display. Thanks \u003ca href=\"https://github.com/lonexreb\"\u003e\u003ccode\u003e@​lonexreb\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/147\"\u003e#147\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e guidance now routes AX-only observation through \u003ccode\u003einspect_ui\u003c/code\u003e consistently while keeping screenshot-backed checks on \u003ccode\u003esee\u003c/code\u003e. Thanks \u003ca href=\"https://github.com/vyctorbrzezowski\"\u003e\u003ccode\u003e@​vyctorbrzezowski\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/144\"\u003e#144\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom provider docs, CLI help, and macOS settings now prefer \u003ccode\u003e${VAR}\u003c/code\u003e API key references and shell examples that preserve them literally. Thanks \u003ca href=\"https://github.com/scotthuang\"\u003e\u003ccode\u003e@​scotthuang\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/142\"\u003e#142\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e now refreshes desktop context before each model turn and wires opt-in action verification through the configured capture strategy. Thanks \u003ca href=\"https://github.com/lonexreb\"\u003e\u003ccode\u003e@​lonexreb\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/148\"\u003e#148\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAX traversal budgets now have wider defaults plus CLI, MCP, and environment overrides for complex app trees. Thanks \u003ca href=\"https://github.com/widdowson\"\u003e\u003ccode\u003e@​widdowson\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/150\"\u003e#150\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/151\"\u003e#151\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease Proof\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003enpm: \u003ca href=\"https://www.npmjs.com/package/@steipete/peekaboo/v/3.2.1\"\u003ehttps://www.npmjs.com/package/@​steipete/peekaboo/v/3.2.1\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003enpm tarball: \u003ca href=\"https://registry.npmjs.org/@steipete/peekaboo/-/peekaboo-3.2.1.tgz\"\u003ehttps://registry.npmjs.org/@​steipete/peekaboo/-/peekaboo-3.2.1.tgz\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003enpm integrity: sha512-EemQV/dh2pM3NjhYNeCwN5z2xVnNCRtiG/lOpUWCG9D11ebaY8mgoKoNAACjDcWwIsSB+tAhzYj9F1Y5bee70A==\u003c/li\u003e\n\u003cli\u003enpm published: 2026-05-18T13:56:48.898Z\u003c/li\u003e\n\u003cli\u003emacOS app: signed, notarized, stapled, and \u003ccode\u003espctl\u003c/code\u003e accepted as Notarized Developer ID.\u003c/li\u003e\n\u003cli\u003eLocal proof: \u003ccode\u003epnpm run lint\u003c/code\u003e, \u003ccode\u003epnpm run format\u003c/code\u003e, \u003ccode\u003epnpm run test:safe\u003c/code\u003e, universal CLI build/package verification, checksum verification, appcast XML validation.\u003c/li\u003e\n\u003cli\u003eAssets: \u003ccode\u003ePeekaboo-3.2.1.app.zip\u003c/code\u003e, \u003ccode\u003epeekaboo-macos-universal.tar.gz\u003c/code\u003e, \u003ccode\u003esteipete-peekaboo-3.2.1.tgz\u003c/code\u003e, \u003ccode\u003echecksums.txt\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e[3.2.0] - 2026-05-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo click --focus-background\u003c/code\u003e and the MCP \u003ccode\u003eclick\u003c/code\u003e tool now support process-targeted background mouse delivery for apps identified by \u003ccode\u003e--app\u003c/code\u003e, \u003ccode\u003e--pid\u003c/code\u003e, or snapshot metadata.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e now supports MiniMax M2.7 through Tachikoma's Anthropic-compatible provider path. Thanks \u003ca href=\"https://github.com/xiaofeiwa\"\u003e\u003ccode\u003e@​xiaofeiwa\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/130\"\u003e#130\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e now accepts \u003ccode\u003eollama/\u0026lt;model\u0026gt;\u003c/code\u003e and \u003ccode\u003elmstudio/\u0026lt;model\u0026gt;\u003c/code\u003e local model selections, including local-only provider defaults. Thanks \u003ca href=\"https://github.com/0x5845\"\u003e\u003ccode\u003e@​0x5845\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/137\"\u003e#137\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eOllama vision model IDs such as \u003ccode\u003eqwen2.5vl:3b\u003c/code\u003e now stay intact through Tachikoma model parsing instead of falling back to \u003ccode\u003ellama3.3\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/16\"\u003e#16\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e now initializes with Gemini-only or MiniMax-only credentials instead of falling back to an unavailable OpenAI/Anthropic default. Thanks \u003ca href=\"https://github.com/lonexreb\"\u003e\u003ccode\u003e@​lonexreb\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/133\"\u003e#133\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eWindow captures now retry transient \u003ccode\u003eSCScreenshotManager\u003c/code\u003e failures before reporting a minimized/off-screen/Space hint. Thanks \u003ca href=\"https://github.com/lonexreb\"\u003e\u003ccode\u003e@​lonexreb\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/135\"\u003e#135\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThe macOS app now keeps one status item/controller across app state reconnects and removes the status item on teardown, avoiding duplicate or ghost menu bar icons. Thanks \u003ca href=\"https://github.com/lonexreb\"\u003e\u003ccode\u003e@​lonexreb\u003c/code\u003e\u003c/a\u003e for \u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/134\"\u003e#134\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eRelease automation now verifies CLI, npm, macOS app, checksum, appcast, and uploaded GitHub assets before publish.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo type --json\u003c/code\u003e now separates requested text from executed key actions, making escaped special keys such as \u003ccode\u003e\\n\u003c/code\u003e visible to agents without losing backwards-compatible \u003ccode\u003etypedText\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo permissions status --all-sources\u003c/code\u003e now compares Bridge and local TCC permission state side by side, so daemon grants are no longer confused with CLI grants.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo mcp serve --transport ...\u003c/code\u003e now rejects invalid transport names instead of silently starting stdio mode.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo paste --app ...\u003c/code\u003e now fails before mutating the clipboard when the requested app cannot be found.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epeekaboo agent\u003c/code\u003e no longer sends stale Anthropic extended-thinking options to Claude Opus 4.7 and now exits with failure when agent execution fails.\u003c/li\u003e\n\u003cli\u003eCommand timeout JSON now reports the intended timeout error instead of occasionally surfacing cancellation as an unknown error.\u003c/li\u003e\n\u003cli\u003eRefreshed CLI docs and quickstart examples to use current flags such as \u003ccode\u003eimage --path\u003c/code\u003e, \u003ccode\u003eclick --coords\u003c/code\u003e, \u003ccode\u003etype --return\u003c/code\u003e, \u003ccode\u003epress --count\u003c/code\u003e, and \u003ccode\u003escroll --amount\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDebug CLI startup no longer spawns \u003ccode\u003egit config\u003c/code\u003e on every launch when build-staleness checking is disabled, cutting startup-heavy command latency by more than 30% in local testing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/36108b4ea7d7848d616c3cad1e7a03e40d6be857\"\u003e\u003ccode\u003e36108b4\u003c/code\u003e\u003c/a\u003e fix(release): verify Developer ID app signing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/35dfbb26a6a2de44fc37af7229a994f32f636d5b\"\u003e\u003ccode\u003e35dfbb2\u003c/code\u003e\u003c/a\u003e fix(release): disable notary S3 acceleration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/9cd7771b43a19119cabc1f2d66f9e50a7e842f11\"\u003e\u003ccode\u003e9cd7771\u003c/code\u003e\u003c/a\u003e refactor(detection): satisfy release lint gate\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/75e2884e0111aff0b9688b0eace4b8ad561ccdb3\"\u003e\u003ccode\u003e75e2884\u003c/code\u003e\u003c/a\u003e chore(release): prepare 3.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/eba271eaff8a29b2e03a56cf43fee02f0cf4d737\"\u003e\u003ccode\u003eeba271e\u003c/code\u003e\u003c/a\u003e fix(cli): resolve targeted click coordinates (\u003ca href=\"https://redirect.github.com/steipete/Peekaboo/issues/153\"\u003e#153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/6ce071077a82720cf261a0c023874ef968ae0a44\"\u003e\u003ccode\u003e6ce0710\u003c/code\u003e\u003c/a\u003e feat(detection): expose AX traversal budget controls\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/d211a760fd862f643cc43cf5b5fe3e90de5e1139\"\u003e\u003ccode\u003ed211a76\u003c/code\u003e\u003c/a\u003e feat(agent): wire per-turn context and action verification\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/9bd822faf1868e0ae4fc6db4ea66eda81fd67b8b\"\u003e\u003ccode\u003e9bd822f\u003c/code\u003e\u003c/a\u003e fix(config): preserve custom provider credential references\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/b0845e2e177c9a9f74f4de75bc26d0294c03e724\"\u003e\u003ccode\u003eb0845e2\u003c/code\u003e\u003c/a\u003e docs(config): preserve env references in shell examples\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openclaw/Peekaboo/commit/8508be1c77226f10381cd2f48f0a3ce8578d94b2\"\u003e\u003ccode\u003e8508be1\u003c/code\u003e\u003c/a\u003e docs: prefer ${VAR} over {env:VAR} for custom provider apiKey\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/steipete/Peekaboo/compare/v3.0.0...v3.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/ntutangyun/openclaw/pull/40","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ntutangyun%2Fopenclaw/issues/40","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/40/packages"}}]}