v3.7.25
stable 2026-05-29- # Pearl IDE 3.7.25 **Release date:** May 29, 2026 **Platform:** Windows (x64) --- ## Overview Pearl IDE 3.7.25 is the **Remote SSH** release. The Remote Explorer sidebar is rebuilt around the model VS Code users already expect — every configured host is expandable to its previously-opened folders, so jumping back into work on any of your machines takes one click instead of a connect followed by an Open Folder dialog. In the same release, Pearl's SSH stack gains the security guarantees a remote IDE has to ship with: host-key verification against `~/.ssh/known_hosts`, confirmation gates on every agent-driven remote command, loopback-only port forwarding, and integrity verification on the Node runtime that Pearl installs on each remote. ## Highlights ### Remote Explorer with per-host folder history
- **Expandable host rows** — every host from `~/.ssh/config` (plus any
- cloud-managed hosts on your Pearl account) shows a chevron. Open it to reveal the workspace folders you've previously opened on that host, most recent first.
- **One-click reopen** — each folder row carries an "Open Folder in
- Current Window" arrow and an "Open Folder in New Window" icon. Pearl connects to the host and brings the folder up directly, instead of dropping you on an empty Open Folder welcome screen.
- **Active host highlight + inline disconnect** — the host you're
- currently connected to is bolded and tinted, with a disconnect button that reloads the window back to your local environment.
- **Open in New Window inline action** — every non-active host now
- exposes a "Connect in New Window" icon next to the existing connect icon. The command was already wired; it's now actually clickable.
- **Add Host wizard** — the `+` icon in the explorer header runs a
- four-step Quick Input flow (alias → HostName → user → port) with inline validation, and appends a properly-formatted `Host` block to your config. The old behaviour of just opening the config file in an editor is gone.
- **Fix: empty list inside remote workspaces** — when you were already
- connected to a remote, the explorer used to come up blank. It now shows the same list it does locally, so hopping between machines is a real workflow.
- **Status bar uses your alias** — the bottom-left "Pearl: …" label
- shows the config-block name you gave the host (e.g. `prod-api`) instead of the resolved IP. The alias is what you mentally call the machine; that's what the IDE should call it too. ### SSH security hardening
- **Host-key verification** — Pearl now consults `~/.ssh/known_hosts`
- on every connection. Unknown hosts prompt with the SHA-256 fingerprint and a *Trust and Save* / *Trust Once* / *Cancel* choice; known hosts that present a different key are refused outright (same posture as `ssh` on the command line), and `@revoked` markers are honoured. Without this, every Pearl SSH connection was vulnerable to an in-path man-in-the-middle.
- **Agent-mode SSH guardrails** — the `pearl_remote_connect` and
- `pearl_remote_run` tools now require explicit user confirmation before each call, and ship with warnings against the optional "Always Allow" mode. Combined with the host-key check above, this closes the path where a prompt-injected README could send the agent to an attacker-controlled host or run an arbitrary command on a trusted one.
- **Agent exec uses strict known_hosts** — the one-shot exec path used
- by `pearl_remote_run` will not connect to a host that hasn't been trusted interactively first. There is no first-time-trust prompt in agent mode, by design: the user has to bring the host into known hosts via Pearl or `ssh` before the agent can talk to it.
- **Port forwarding bound to loopback** — forwarded ports default to
- `127.0.0.1` instead of binding to all interfaces, so the forwarded remote service is no longer reachable from anyone on the same LAN. An explicit address (e.g. `10.10.10.10:3000`) still opts you in. Duplicate forwards are now rejected instead of silently leaking the previous listener, and the disconnect handler properly tears down its subscription.
- **Node bootstrap integrity check** — the Node runtime Pearl installs
- on each remote is now verified against the official `SHASUMS256.txt` from `nodejs.org/dist/` before unpacking. Both fresh downloads and cached copies in `os.tmpdir()` are checked, so a poisoned cache or CDN compromise is caught instead of silently shipped to the remote.
- **Passphrase prompts capped globally** — the per-key 3-attempt limit
- is replaced with a 5-attempt global budget across all identity files, so a user with many keys is no longer prompted up to 3 × N times for the same password.
- **Multi-key agent-mode auth** — `pearl_remote_run` iterates every
- collected identity file via `authHandler` instead of binding to the first one, matching what the interactive provider already does.
- **Default user follows the OS** — when no `user` is set in
- ssh-config or cloud-host metadata, the SSH user defaults to your local OS username instead of `root`. ## Bug fixes
- Folder-reopen from the Remote Explorer history now correctly opens
- the chosen folder. Theia's workspace bootstrap reads the URL hash as a *path*, not a URI; we were passing the full `file://…` URI and ending up on the empty Open Folder welcome.
- The Remote Explorer no longer hangs on "Loading hosts…" inside a
- remote workspace. SSH-config path resolution now happens on the local-electron backend (always local) instead of via a renderer proxy that didn't return in remote sessions.
- A regression that left the UI without theme or chrome (default
- browser styling, menu bar missing) on first launch of a new build is fixed. An async `@postConstruct` on a service consumed by a `FrontendApplicationContribution` was poisoning Theia's eager startup container; the affected service now lazy-loads on first use. ## Installation & updates
- **New install:** run `PearlSetup.exe` and follow the installer.
- **Existing install:** Pearl updates automatically through its own
- update channel; no manual action is required. ### On first run after upgrade
- The first SSH connection to any host will prompt for host-key trust,
- even if you've connected before. Pearl never populated `~/.ssh/known_hosts` previously — that's the intended catch-up behaviour. Subsequent connections to the same host are silent.
- The Remote Explorer's per-host "Folders" history starts empty.
- Workspace folders you open on a remote from this release onward are recorded automatically. --- *Thank you for using Pearl IDE. Feedback and issue reports are always welcome.*