Closes #52586

## Summary
- cap the restricted project list height inside the security modal and
make it scroll
- cap the modal body content height so the action buttons stay reachable
on smaller screens
- add a regression test that reproduces the overflow scenario with many
restricted projects in a constrained window

## Validation
- manually reproduced the overflow by opening 60 untrusted projects in a
720x620 window before the fix
- cargo test -p workspace
test_security_modal_project_list_scrolls_when_many_projects_are_restricted
- cargo check -p workspace

Release Notes:

- Fixed restricted mode dialogs overflowing past the window when many
unrecognized projects are open.

---------

Co-authored-by: Danilo Leal <daniloleal09@gmail.com>

Add http_client::oauth_callback_page() that generates a nicely styled
HTML page with Zed branding for OAuth callback responses. Use it in
both the ChatGPT subscription provider and the MCP context server
OAuth flow, replacing the unstyled inline HTML in both places.

The template is parameterized on title and message so both callers
get consistent styling that updates in one place.

A single read() could miss query parameters if the browser's HTTP
request is split across TCP segments. Read in a loop until the
header terminator is found.

If the system clock is before the UNIX epoch, the silent unwrap_or(0)
would cause broken credential expiry behavior. Now the error is
visible in logs.

Previously a schema change or corruption would silently show the
user as signed out. Now a log::warn helps diagnose the issue.

The hand-rolled percent_decode was incorrect for multi-byte UTF-8
(decoded each byte as an independent char). Use url::Url for building
the auth URL and form_urlencoded::parse for decoding the callback
query string. Remove both hand-rolled functions.

The ConfigurationView shows 'Signed in as {email}' but the email
was never populated. OpenAI's token endpoint doesn't include email
at the top level — it's in the JWT id_token claims. Refactor
extract_account_id into extract_jwt_claims that parses the JWT once
and returns both account_id and email.

The ConfigurationView was duplicating sign-out logic (missing the
sign_in_task cancellation) and constructing a throwaway provider for
sign-in. Extract both into free functions so the provider and the
view share the same implementation.

Dropping sign_in_task prevents a completing OAuth flow from writing
credentials back into state after the user has signed out.

Early-return if a sign-in task is already in progress. Without this,
a second call would drop the existing task (cancelling it while port
1455 may still be bound) and the new task could fail to bind.

Replace hand-rolled format! string interpolation with
url::form_urlencoded::Serializer in exchange_code and refresh_token.
The previous code didn't percent-encode the code, verifier, or
refresh_token values, which would break if they contained &, =, or +.

If the user starts the sign-in flow but never completes it in the
browser, the TCP listener on port 1455 would block forever. Race
the accept against a 2-minute timer so the port is released and the
UI gets a meaningful error.

Multiple concurrent stream_completion calls seeing expired credentials
would all independently call refresh_token(). With OAuth rotating
refresh tokens, the first refresh invalidates the old token, causing
all subsequent concurrent refreshes to fail.

Add a Shared<Task> to State so the first caller to notice expiry
spawns the refresh task and subsequent callers join the same future.

The Codex backend (chatgpt.com/backend-api/codex) only supports a subset
of OpenAI models. Replace the open_ai::Model::iter() approach with a
dedicated ChatGptModel enum listing only the models that work through
the Codex backend, based on Roo Code's Codex model catalog:

- gpt-5.4, gpt-5.4-mini
- gpt-5.3-codex, gpt-5.3-codex-spark
- gpt-5.2-codex, gpt-5.2
- gpt-5.1-codex-max, gpt-5.1-codex, gpt-5.1-codex-mini, gpt-5.1
- gpt-5-codex, gpt-5-codex-mini, gpt-5

Older models (gpt-3.5-turbo, gpt-4, o1, o3, etc.) and the deprecated
codex-mini-latest are removed since they aren't available through this
backend.

- Replace the hardcoded CodexModel enum (3 models) with open_ai::Model,
  so all standard OpenAI models appear in the dropdown after signing in.
- Add o4-mini as a proper variant in open_ai::Model.
- Keep codex-mini-latest as a Custom model entry.
- Add instructions field to responses::Request and extract system
  messages into it for the Codex backend (fixes 'Instructions are
  required' error).
- Delegate to open_ai::Model for supports_images, max_output_tokens,
  count_tokens, and supports_parallel_tool_calls instead of hardcoding.

- Propagate refreshed credentials to in-memory State immediately after
  persisting, so subsequent requests don't redundantly refresh again
- Clear sign_in_task when keychain write fails during OAuth, so the
  UI doesn't get stuck in a permanent "Signing in..." state

Adds a new language model provider that authenticates users with their
ChatGPT Plus/Pro subscription using OpenAI's Codex CLI OAuth client,
then routes requests to chatgpt.com/backend-api/codex/responses.

- New openai_subscribed provider with OAuth PKCE sign-in flow
- Stores credentials in the system keychain (access + refresh tokens)
- Auto-refreshes tokens within 5 minutes of expiry
- Exposes codex-mini-latest, o4-mini, and o3 models
- Adds `store` field and `extra_headers` param to Responses API client

Fixes some issues concerning volume mounts in the `dev_container`
integration:
1. Docker Compose services that don't define a volumes key cause
deserialization to fail because the field was required. This field is
not strictly necessary, i.e. for other services in a docker compose
devcontainer configuration which the editor is not attached to.
1. Volume mounts where source or target is absent (e.g. `tmpfs` mounts
that only need a target) also fail to parse because both fields were
required. This makes the source key optional, matching the Docker
Compose spec.

Self-Review Checklist:

- [x] I've reviewed my own diff for quality, security, and reliability
- [x] Unsafe blocks (if any) have justifying comments
- [x] The content is consistent with the [UI/UX
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
- [x] Tests cover the new/changed behavior
- [x] Performance impact has been considered and is acceptable

Release Notes:

- Fixed devcontainer initialization erroneously requiring each service
to have a volumes key.
- Fixed devcontainer initialization erroneously requiring source keys
for all volume mounts.

---------

Co-authored-by: KyleBarton <kjb@initialcapacity.io>

Changes the default CLI behavior when opening directories:

- `zed foo/` now adds `foo/` as a new workspace in the active window's
MultiWorkspace and opens the sidebar, instead of creating a new window.
If `bar/` was previously open, both `foo/` and `bar/` are retained as
separate workspaces in the sidebar.
- `zed -n foo/` continues to open a new window without the sidebar
(unchanged behavior).
- `zed -a foo/` continues to add to the existing workspace (unchanged
behavior).

The new behavior is gated on `multi_workspace_enabled` (the `agent-v2`
feature flag). Without the flag, directories open in a new window as
before, avoiding a situation where the workspace gets replaced with no
sidebar to switch back.

The change is contained to `open_paths()` in
`crates/workspace/src/workspace.rs`. When no CLI flag is specified and
no existing workspace matches the paths, we now look for the active
window and set `requesting_window` so that `Workspace::new_local` adds
the new workspace to it rather than creating a new window.

Release Notes:

- N/A

### Summary 

This PR fixes an issue where the git graph wouldn't refresh its state
correctly unless HEAD changed. Now repository emits events when the
branch list has changed, and invalidates the graph data cache when the
stash or branch list has changed.

I also renamed the event `Repository::BranchedChanged` to
`Repository::HeadChanged` as well.

Self-Review Checklist:

- [x] I've reviewed my own diff for quality, security, and reliability
- [x] Unsafe blocks (if any) have justifying comments
- [x] The content is consistent with the [UI/UX
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
- [x] Tests cover the new/changed behavior
- [x] Performance impact has been considered and is acceptable

Closes #53080

Release Notes:

- N/A or Added/Fixed/Improved ...

Fixes a parsing issue where docker env var key/value pairs can contain
an "=" character in the value. This is pretty common and present in all
[nvidia/cuda](https://hub.docker.com/r/nvidia/cuda) docker images. Also
adds some tests for env var parsing.

Self-Review Checklist:

- [x] I've reviewed my own diff for quality, security, and reliability
- [x] Unsafe blocks (if any) have justifying comments
- [x] The content is consistent with the [UI/UX
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
- [x] Tests cover the new/changed behavior
- [x] Performance impact has been considered and is acceptable

Release Notes:

- Fixed a parsing failure where docker env var key/value pairs can
contain an "=" character in the value.

Semantic merge conflict due to multibuffer API changes

Self-Review Checklist:

- [x] I've reviewed my own diff for quality, security, and reliability
- [x] Unsafe blocks (if any) have justifying comments
- [x] The content is consistent with the [UI/UX
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
- [x] Tests cover the new/changed behavior
- [x] Performance impact has been considered and is acceptable

Release Notes:

- N/A

## Context

When the dev container creation modal is showing "Creating Dev
Container", clicking anywhere on the workspace backdrop dismisses the
dialog. The container creation continues in the background, but the user
loses visual feedback and the subsequent `open_remote_project` call may
fail because the modal entity is gone.

This adds an `allow_dismissal` flag to `RemoteServerProjects` that
blocks accidental dismissal (backdrop clicks, focus loss) while a dev
container is being created, but allows explicit dismissal on success or
error.

## How to Review

Small PR — two files changed:

1. **`remote_servers.rs`** (the fix): `allow_dismissal` bool field
added, set to `false` when entering Creating state, set to `true` before
emitting `DismissEvent` on success/error. `on_before_dismiss` override
checks the flag.
2. **`recent_projects.rs`** (the test): Regression test that opens a dev
container modal, simulates a backdrop click, and asserts the modal stays
open.

## Self-Review Checklist

- [x] I've reviewed my own diff for quality, security, and reliability
- [x] Unsafe blocks (if any) have justifying comments
- [x] The content is consistent with the [UI/UX
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
- [x] Tests cover the new/changed behavior
- [x] Performance impact has been considered and is acceptable

Release Notes:

- Fixed dev container creation modal being dismissed when clicking
outside it

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

Closes #52879

## Summary

VS Code binds `Ctrl+R` to open recent workspaces/folders on all
platforms (Windows, macOS, and Linux). Zed already had this binding in
`default-windows.json`, but it was missing from `default-macos.json` and
`default-linux.json`.

Since `BaseKeymap::VSCode` returns no supplemental keymap file and
relies entirely on the platform default keymaps, users who selected VS
Code keybindings on macOS or Linux would not get the expected `Ctrl+R`
behavior — instead getting nothing, or having to use the non-VSCode
binding (`Alt+Cmd+O` / `Alt+Ctrl+O`).

This adds the missing binding to both platform defaults, consistent with
what Windows already had.

## Screenshot
The default keybinding in VS Code:
<img width="1512" height="319" alt="Screenshot 2026-04-01 at 07 38 09"
src="https://github.com/user-attachments/assets/12d483a3-3c52-4649-a00f-ee2b8e40bc8c"
/>


Release Notes:

- Added `Ctrl+R` keybinding for opening recent projects on macOS and
Linux, matching VS Code's default behavior on all platforms.

This PR makes it so using that button from the sidebar's recent projects
picker _does not_ add a new window with that project, but rather, add it
to the current multi-workspace/sidebar. Previously, the `Open` action
was defaulting to true even if `false` was passed to its
`create_new_window` condition.

Release Notes:

- N/A

## Context

<!-- What does this PR do, and why? How is it expected to impact users?
     Not just what changed, but what motivated it and why this approach.

Link to Linear issue (e.g., ENG-123) or GitHub issue (e.g., Closes #456)
     if one exists — helps with traceability. -->
     
Fixes a bug where project symbol search navigates to the wrong position
when diff hunks are expanded. The cursor would land offset by the number
of lines added by the expanded diffs (Closes #51331). Now, users
navigating to symbols via project symbol search will land on the correct
position even when diff hunks are expanded in the editor.

The fix converts the buffer position to a `multi_buffer::Anchor` before
passing it to `select_ranges`, so it resolves correctly through the diff
transform layer instead of being interpreted as a literal MultiBuffer
coordinate.

Previously, the symbol's position was passed as a raw coordinate to the
editor, which interpreted it relative to what's displayed on screen
(including expanded diff lines). The fix converts the position to an
anchor, which is tied to the actual content in the file rather than a
screen position.

## How to Review

<!-- Help reviewers focus their attention:
- For small PRs: note what to focus on (e.g., "error handling in
foo.rs")
- For large PRs (>400 LOC): provide a guided tour — numbered list of
files/commits to read in order. (The `large-pr` label is applied
automatically.)
     - See the review process guidelines for comment conventions -->
     
- All changes are in `crates/project_symbols/src/project_symbols.rs`.
Most of the changes are in `confirm()` method (Lines 142-154).
  - There's also one change on the first line of the file.

## Self-Review Checklist

<!-- Check before requesting review: -->
- [x] I've reviewed my own diff for quality, security, and reliability
- [ ] Unsafe blocks (if any) have justifying comments
- [x] The content is consistent with the [UI/UX
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
- [x] Tests cover the new/changed behavior
- [x] Performance impact has been considered and is acceptable

Release Notes:

- Fixed a bug where project symbols did not take you to the correct
location when diffs are expanded.

Context

The markdown preview had no search functionality — pressing Ctrl+F did
nothing. This PR implements the SearchableItem trait for
MarkdownPreviewView, enabling in-pane text search with match
highlighting and navigation.

  Changes span four crates:

- project: Added SearchQuery::search_str() — a synchronous method to
search plain &str text, since the existing search() only works on
BufferSnapshot.
- markdown: Added search highlight storage to the Markdown entity and
paint_search_highlights to MarkdownElement. Extracted the existing
selection painting into a reusable paint_highlight_range helper to avoid
duplicating quad-painting logic.
- markdown_preview: Implemented SearchableItem with full match
navigation, active match tracking, and proper SearchEvent emission
matching Editor behavior.
- Keymaps: Added buffer_search::Deploy bindings to the MarkdownPreview
context on all three platforms.
  
The PR hopefully Closes
https://github.com/zed-industries/zed/issues/27154

  How to Review

1. crates/project/src/search.rs — search_str method at the end of impl
SearchQuery. Handles both Text (AhoCorasick) and Regex variants with
whole-word and multiline support.
  2. crates/markdown/src/markdown.rs — Three areas:
    - New fields and methods on Markdown struct (~line 264, 512-548)
- paint_highlight_range extraction and paint_search_highlights (~line
1059-1170)
    - The single-line addition in Element::paint (~line 2003)
3. crates/markdown_preview/src/markdown_preview_view.rs — The main
change. Focus on:
- SearchEvent::MatchesInvalidated emission in schedule_markdown_update
(line 384)
    - EventEmitter<SearchEvent> and as_searchable (lines 723, 748-754)
- The SearchableItem impl (lines 779-927), especially active_match_index
which computes position from old highlights to handle query changes
correctly
  4. Keymap files — Two lines each for Linux/Windows, one for macOS.

  Self-Review Checklist

- [ x ] I've reviewed my own diff for quality, security, and reliability
- [ x ] Unsafe blocks (if any) have justifying comments (no unsafe)
- [ x ] The content is consistent with the [UI/UX
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
(should be :smile: )
- [ - ] Tests cover the new/changed behavior (not sure)
- [ - ] Performance impact has been considered and is acceptable (I'm
not sure about it and it would be nice to see experienced people to
test)


Release Notes:
- Added search support (Ctrl+F / Cmd+F) to the markdown preview

---------

Co-authored-by: Conrad Irwin <conrad.irwin@gmail.com>

Dev Containers should run a script which updates the remote UID of the
image user, so that files are still accessible. This was being run
incorrectly (on the Docker-compose side) or not at all (in the case of a
plain dev container image). This change fixes this

Self-Review Checklist:

- [x] I've reviewed my own diff for quality, security, and reliability
- [x] Unsafe blocks (if any) have justifying comments
- [x] The content is consistent with the [UI/UX
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
- [x] Tests cover the new/changed behavior
- [x] Performance impact has been considered and is acceptable

Closes #53081

Release Notes:

- Fixed dev container behavior for configs which use images without a
dockerfile

Follow up to https://github.com/zed-industries/zed/pull/49807

Previously, when there were multiple conflicts across the codebase, we
would pop a toast at the bottom right corner of the UI. A toast seemed
like a functional idea because it'd be visible from any state of the app
and thus it'd be a good place to expose the button that allows you to
quickly prompt the agent to resolve all conflicts, as opposed to
creating a thread for each individual one. However, the toast was met
with some negative (and correct) feedback, mostly because it is
interruptive, and thus can sometimes block very relevant surfaces, like
either the agent panel itself or the Git commit area.

Therefore, in this PR, I'm removing the toast and adding a button in the
status bar instead; a bit more minimal, not interruptive, and a common
place for other items that might require your attention. The status bar
can be quite busy these days, though; we can display diagnostics, LSP
status, and file names in there; conscious of that. But it felt like it
could work given this button is such a transient one that you can either
easily manually dismiss or wait for it to be auto-dismissed as you or
the agent resolves the merge conflicts.

<img width="500" height="864" alt="Screenshot 2026-04-02 at 9  15@2x"
src="https://github.com/user-attachments/assets/4412a05c-77d0-4391-8ea1-25d1749b5e20"
/>

Release Notes:

- Git: Improved how we surface the affordance to resolve codebase-wide
merge conflicts with the agent in the UI.
- Agent: Added a setting to control whether or not the button to resolve
merge conflicts with the agent should be displayed.

## Context

Closes #51874

the repl is able to recognize that the venv is managed by uv, but still
runs `python -m pip install ipykernel`, despite this not working. this
PR fixes that behavior and uses uv to install ipkernel.

## How to Review

Added a path that uses uv to install ipykernel in repl_editor.rs
Added a function to repl_store.rs that allows updating the venv as
having ipykernel installed after installing it.


## Videos

Old Behavior:


https://github.com/user-attachments/assets/9de81cc9-cd78-4570-ad57-550f5ecabffa

New Behavior:


https://github.com/user-attachments/assets/391f54c7-ae67-4d85-8f4f-9d87ddc8db63


## Self-Review Checklist

<!-- Check before requesting review: -->
- [x] I've reviewed my own diff for quality, security, and reliability
- [x] Unsafe blocks (if any) have justifying comments
- [x] The content is consistent with the [UI/UX
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
- [x] Tests cover the new/changed behavior
- [x] Performance impact has been considered and is acceptable

Release Notes:

- repl: Fixed installing ipykernel with uv managed environements

This PR fixes an issue where an image mention would have its label reset
to just "Image", instead of persisting the original label, when the
prompt got submitted.

Closes #48564

Release Notes:

- agent: Fixed image mention labels by persisting the file name after
submitting the prompt
- agent: Fixed directory mentions being incorrectly parsed as files when
pasting into prompt editor

---------

Co-authored-by: Bennet Bo Fenner <bennetbo@gmx.de>

This PR bumps the version of the Proto extension to v0.3.2.

Release Notes:

- N/A

Co-authored-by: zed-zippy[bot] <234243425+zed-zippy[bot]@users.noreply.github.com>

This PR bumps the version of the GLSL extension to v0.2.3.

Release Notes:

- N/A

Co-authored-by: zed-zippy[bot] <234243425+zed-zippy[bot]@users.noreply.github.com>

Release Notes:

- N/A

Closes #53167

Self-Review Checklist:

- [x] I've reviewed my own diff for quality, security, and reliability
- [x] Unsafe blocks (if any) have justifying comments
- [x] The content is consistent with the [UI/UX
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
- [ ] Tests cover the new/changed behavior
- [x] Performance impact has been considered and is acceptable

Release Notes:

- Fixed horizontal rules and blockquotes not being visible in the
Markdown preview.

This PR stops us from eagerly restoring multiple workspaces when
re-opening a window. It also should make us reliably return to the right
workspace, with the right groups in the sidebar.

There is still more work needed on our workspace persistence, especially
making remote workspaces behave more consistently with local workspaces
with respect to the sidebar. We can tackle that in follow-up PRs.

Release Notes:

- N/A

As part of the work that is being developed for the Project Panel's Undo
& Redo system, in
https://github.com/zed-industries/zed/tree/5039-create-redo , we're
implementing an asynchronous task queue which simply receives a message
with the operation/change that is meant to be carried out, in order to
ensure these run in a sequential fashion.

While trying to use `futures_channel::mpsc::Receiver`, it was noted that
`recv` method was not available so this Pull Request updates the
`futures` crate to `0.3.32`, where it is available.

This version also deprecates `try_next` in favor of `try_recv` so this
Pull Request updates existing callers of `try_next` to use `try_recv`,
which was mostly updating the expected return type from
`Result<Option<T>>` to `Result<T>`.

Co-authored-by: Yara <git@yara.blue>

* Don't require a workspace to be loaded in order to render the group
header menu.
* When adding or removing root folders, do it to *every* workspace in
the group.
* When activating a thread, never open a different window, and never
open it in a workspace that's part of a different groupw with a superset
of the thread's worktrees. Find or create a workspace with the exact
right group of root folders.

Release Notes:

- N/A

Currently, when pressing Shift+Tab to change Zed Agent's profile, the UI
isn't immediately updated. This PR fixes this issue so the `Change
Profile` button updates immediately after pressing Shift+Tab.

The current behavior. Observe that the `Change Profile` button doesn't
update right after Shift+Tab changes the active profile:


https://github.com/user-attachments/assets/fa1e6488-0dc3-4cc9-a4f3-7f62da48cc19

After this fix, the button text is update immediately on profile change:


https://github.com/user-attachments/assets/93261b11-037a-42c9-b1b8-0ca1e1adb851

---

Release Notes:

- Fixed Zed Agent profile selector button not visually updating when
cycled with Shift+Tab.

Signed-off-by: k4yt3x <i@k4yt3x.com>

Self-Review Checklist:

- [x] I've reviewed my own diff for quality, security, and reliability
- [x] Unsafe blocks (if any) have justifying comments
- [x] The content is consistent with the [UI/UX
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
- [x] Tests cover the new/changed behavior
- [x] Performance impact has been considered and is acceptable

Release Notes:

- N/A

Some model like glm-5、kimi-k2.5 support reasoning, but require
reasoning_effort parameter

This pr add support for setting reasoing_effort for openai compatible
models

Tested using the following config:

```json
{
  "language_models": {
    "openai_compatible": {
      "My LiteLLM": {
        "available_models": [
          {
            "name": "glm-5",
            "display_name": "glm-5",
            "max_tokens": 73728,
            "reasoning_effort": "low"
          },
          {
            "name": "kimi-k2.5",
            "display_name": "kimi-k2.5",
            "max_tokens": 262144,
            "reasoning_effort": "low"
          }
        ]
      }
    }
  }
}

```

Release Notes:

- Added a setting to control `reasoning_effort` in custom
OpenAI-compatible models

It's possible to create a multibuffer anchor that points into a specific
excerpted buffer (so not min/max), but whose main buffer `text::Anchor`
isn't contained in any of the excerpts for that buffer. When summarizing
such an anchor, we map it to the multibuffer position of the start of
the next excerpt after where the anchor "should" appear. Or at least,
that's the intention, but it turned out we had some bugs in
`summary_for_anchor` and `summaries_for_anchors` that caused them to
return bizarre summaries for these anchors. This PR fixes that and also
updates `test_random_multibuffer` to actually test
`MultiBufferSnapshot::summary_for_anchor` against a reference
implementation, including for out-of-bounds anchors.

Self-Review Checklist:

- [x] I've reviewed my own diff for quality, security, and reliability
- [x] Unsafe blocks (if any) have justifying comments
- [x] The content is consistent with the [UI/UX
checklist](https://github.com/zed-industries/zed/blob/main/CONTRIBUTING.md#uiux-checklist)
- [x] Tests cover the new/changed behavior
- [x] Performance impact has been considered and is acceptable

Release Notes:

- N/A

---------

Co-authored-by: Anthony <anthony@zed.dev>
Co-authored-by: Max <max@zed.dev>
Co-authored-by: Anthony Eid <hello@anthonyeid.me>

The archive view's `fuzzy_match_positions` used `chars().enumerate()`
which produces **character indices**, not **byte indices**. When thread
titles contain multi-byte UTF-8 characters (emoji, CJK, accented
characters, etc.), these character indices don't correspond to valid
byte boundaries, causing a panic in `HighlightedLabel::new` which
asserts that highlight indices are valid UTF-8 boundaries.

The fix switches to `char_indices()` and `eq_ignore_ascii_case()` to
produce correct byte positions, matching the approach already used by
the sidebar's version of the same function.

Release Notes:

- Fixed a crash when searching archived threads whose titles contain
emoji or other non-ASCII characters.

Release Notes:

* [x] It's possible to get into a state where agent panel shows a thread
that is archived

- N/A

---------

Co-authored-by: Eric Holk <eric@zed.dev>
Co-authored-by: Mikayla Maki <mikayla.c.maki@gmail.com>