Official2026-05-16

DeepSeek TUI latest stable signal: v0.8.28 docs add doctor, Docker, skill paths, and latest-stable security guidance

Today's publishable developer update is narrowly scoped to DeepSeek TUI: the project now presents v0.8.28 as latest stable, documents `deepseek doctor`, adds Docker as an official install path, expands skill discovery details, and tells users that only the latest stable release receives security patches.

Accepted developer update

This is a focused DeepSeek TUI update, not a broad market recap. Since this site's last TUI publish was anchored to v0.8.17-era install fixes, the upstream project has moved forward in ways that are worth reflecting on crawlable setup pages.

The meaningful changes checked today are:

  • Latest stable has moved to v0.8.28 on the main GitHub repository.
  • Setup guidance is broader and more operational: the README now tells users to run deepseek doctor, explains that credentials are saved in ~/.deepseek/config.toml, and documents auto mode, session resume, and explicit model routing more clearly.
  • Docker is now listed as an official install path in the project README alongside npm, Cargo, release binaries, and Scoop.
  • Skill discovery is more concrete: the README now lists both workspace and global skill directories, including .agents/skills, .claude/skills, .cursor/skills, and ~/.deepseek/skills, plus GitHub-based community skill install commands.
  • Security posture is explicit now: the GitHub security page says only the latest stable release is supported, and it publicly lists multiple advisories published on May 9-10, 2026. That makes "stay on old install snippets" a bad recommendation.

Why this belongs on the TUI guide

The May 15 update already covered the paired-binary install requirement and the MISSING_COMPANION_BINARY failure mode. Today's delta is different: it changes what a safe, current "baseline install" looks like.

The best public guidance now is:

  1. Install the current stable release, not an older 0.8.17 example.
  2. Use npm, Cargo, Docker, Scoop, or verified release binaries from the official repo.
  3. Save credentials with deepseek auth set --provider deepseek.
  4. Run deepseek doctor immediately after install.
  5. Treat README skill paths and the security policy as part of the setup documentation, not as secondary trivia.

What we checked but did not publish as standalone updates

  • DeepSeek local deployment: the official DeepSeek V4 Flash Hugging Face card still exposes the same vLLM, SGLang, Docker Model Runner, and curl-validation path already reflected in this site's maintained guide. No new official local-runtime delta was strong enough for a fresh publish today.
  • DeepSeek in Claude Code: DeepSeek's official Claude Code integration page still documents the Anthropic-compatible environment variables, including CLAUDE_CODE_SUBAGENT_MODEL=deepseek-v4-flash and CLAUDE_CODE_EFFORT_LEVEL=max. That remains useful, but there was no clearly newer official change to publish over yesterday's documentation state.
  • Community GGUF / Ollama / Claude Desktop gateway posts: checked as discovery leads only. They are useful background, but not strong enough for publication today because the best evidence still lives outside official DeepSeek docs and does not shift this site's maintained guidance safely enough.

Editorial takeaway

Today's accepted change belongs on the DeepSeek TUI guide, the dedicated /deepseek-tui landing page, and the news stream. It does not affect pricing cards, stock, or any purchasable-plan surface.

Sources checked

View original source