Changelog

Every release, straight from the source. New features, fixes, and improvements — versioned and dated. View on GitHub.

v0.9.102

Latest

Adds slack bind-thread (bind a session to a Slack thread for approval-reply loops; #4385) plus all other pending main changes promoted through staging (v0.9.102-staging, commit 6275ff93). Enables the WRING funding-request APPROVE-in-thread flow.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.101...v0.9.102

Release on GitHub →

v0.9.101

This release fixes a timing bug that could make an agent miss the very first message of a session, tightens single sign-on for teams, makes gateway errors say what actually went wrong, and hardens how OAuth tokens are stored.

Fixed

  • Agents now reliably reply to your first message. On a fast cold start, the agent could fire your opening prompt before it had finished subscribing to its own event stream — so a quick first turn finished in that gap and the reply was lost (most visible as a silent first message in Slack). The agent now subscribes first, reconciles anything it missed on connect, and delivers each turn's end exactly once.
  • Clearer gateway errors instead of a generic failure. When an upstream model provider failed mid-response (for example, an overloaded or request-too-large error on an otherwise-started stream), the gateway used to bury it as a generic "empty completion" and retry the same failing provider until it gave up. It now surfaces the real upstream error and message, drops the failed provider immediately, and fails over to another one when available.
  • SSO group-to-role sync now works for SAML. SAML providers weren't registered with a group-claim mapping, so the group attribute never reached the token and group-driven role assignment silently did nothing (login still worked). Providers now register with the correct mapping, and the SSO setup card documents the common identity-provider gotchas.
  • SCIM group membership applies to pending invites. A user provisioned via SCIM but not yet signed in was silently dropped from pushed groups. Their group is now recorded on the invite and applied automatically when they accept, matching how project access already works.

Improved

  • Sandbox templates show which provider they use. Each template card and recent build now carries a small provider chip (Daytona, Platinum, Managed), and the templates section is tidier and less cluttered.
  • CLI secrets match the web app. kortix secrets set --identifier KEY=VALUE lets you store more than one value under the same key from the terminal, and kortix secrets ls now lists by identifier and flags any missing required keys — bringing the CLI in line with the web Add-secret experience.
  • CLI token context shows your environment grant. kortix token / whoami --token-only now include the env part of an agent grant (not just connectors and CLI access), and a bound default project points you at kortix projects use to switch.

Behind the scenes

  • OAuth server access and refresh tokens are now stored with peppered scrypt, matching every other credential (previously plain SHA-256). Existing tokens keep working until they expire.
  • All OpenRouter usage now attributes to one canonical app (www.kortix.com) instead of splitting across per-environment entries.
  • Removed an unused internal session-LLM route that no client called.
  • Trimmed frontend build spend by skipping builds that don't touch the frontend and gating preview builds.

Kortix is open and source-available.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.100...v0.9.101

Release on GitHub →

v0.9.100

New

  • Marketplace imports. Agents, commands and bundles install into a project in one click. The detail view now shows what a listing actually contains — bundle contents, capability badges, type-aware copy — before you add it.
  • Groups and custom roles on every plan. Previously limited by tier; now available to all accounts.
  • Answer permission prompts from the CLI. Sessions that pause for approval can be resolved without leaving the terminal.
  • One-click Slack connect via kortix channels connect — no manual app setup.
  • Review center approvals. Approve and deny executor requests for real, with change descriptions rendered as markdown.
  • OAuth1 connectors for OpenAPI and HTTP.
  • Always-bound project CLI. login binds a default project; unbound commands recover interactively instead of failing.

Improved

  • kortix.toml is now kortix.yaml (TOML stays supported as v1 legacy), with format-aware manifest errors and agent-scope/trigger-path parity.
  • Destructive actions are confirm-gated: deleting secrets, revoking gateway keys, deleting sandbox templates and sessions, archiving projects.
  • Loading states unified across the app; onboarding moves Skip into the footer per step.
  • Upgrades are surfaced with an accent card and a Recommended badge.
  • A complete IAM administrator's guide: SSO/SAML, SCIM, roles, groups, custom roles, agents, audit.

Fixed

  • Sessions on projects pinned to the Platinum sandbox provider could not start. Production's sandbox_provider type was missing the platinum value, so every session create failed at the database. The value is now added; a sandbox that fails to start also raises properly so provisioning retries.
  • Retry build / Fix with agent works again, snapshot quota cleanup can fire, and the prewarm cache is bounded with an alarm when cleanup falls behind.
  • Permission leaks closed. Project detail sections are filtered by read capability, previously ungated project endpoints now check their capability leaf, member management gates on the leaf rather than a broad write floor, and viewers no longer see error toasts for surfaces they cannot read. Read-only users get a degraded view instead of a broken one, and the floor member role can fire triggers again.
  • Service-account bearer tokens are accepted wherever user tokens are.
  • Unknown CLI commands now error with a suggestion instead of silently scaffolding a project named after the typo.
  • The model picker updates immediately after connecting a provider, and setup links render as clean CTA chips rather than raw token URLs.
  • Resolved high-severity CodeQL findings (ReDoS, temp-file handling, TOCTOU, CLI opener).
  • Rename dialogs no longer close mid-save; sessions and projects show honest error, empty and retry states.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.99...v0.9.100

Read the full release on GitHub →

v0.9.99

Fixed

  • Connecting an LLM provider with "Only me" access made the key invisible to the model gateway — sessions failed with "No upstream configured" while the provider still looked connected, and flipping an existing key to "Only me" silently left the shared key active for every member. Provider API keys are now always project-wide: the per-user option is gone from the connect flow and the API rejects per-user provider keys outright.
  • The marketplace now paginates and virtualizes its listings, and installs no longer fail against a 25-second timeout.
  • The detach-role dialog no longer shows a raw translation key and now spaces the role name correctly.
  • Removed a distracting fade animation on the sidebar toggle.

New

  • File and secret access can now be restricted per role: file and secret reads moved to the editor tier, and new groups default to the member grant.
  • A warning now appears when a group's built-in grant overrides its assigned custom role.
  • The New Project modal has an account picker, so you can choose which workspace a new project lands in.

Improved

  • A smoother session-starting loader.
  • A full accuracy pass over the docs (SDK, CLI, reference, and concepts) against the current code.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.98...v0.9.99

Release on GitHub →

v0.9.98

New

  • Marketplace is on by default. Every project can now browse and install marketplace skills without a feature flag. Kortix Meet, Kortix Computer, and People Search are opt-in installs rather than part of the default set.
  • People Search. A new starter tool that searches LinkedIn profiles (backed by Apify), runs to completion without timeouts, and is billed per call.
  • Expanded skill library. A much larger set of default skills ships with every new project, and the auto-created "My First Project" now gets the full starter pack.
  • SCIM provisioning that just works. Error-free user provisioning from your IdP: invited users arrive active, PUT updates are supported, email lookups are dedup-safe, and Azure AD connector setup gets /ResourceTypes + /Schemas discovery. The SCIM setup dialog now shows the paste-ready absolute base URL.
  • SSO group auto-provisioning. An opt-in toggle creates groups (and their mappings) automatically from IdP claims on login, so directory structure flows into Kortix without manual setup. SSO and SCIM settings cards got status pills and visual group mappings.
  • Upgrades section. Projects have an Upgrades registry with a one-off prompt runner, so platform-side improvements (like a baseline refresh) can be applied to existing projects on demand.
  • Files is a standalone page with Google Drive-style colored folder tiles, out of the Customize overlay. Customize itself moves to a master-detail sidebar for agents, skills, and commands.
  • Warm prebake on push. Sandbox images warm when a commit lands — for every provider a session can use — so sessions on recently-active projects boot faster.
  • CLI: attach to a session. kortix can now attach directly to a running session's agent from the terminal.
  • Per-account concurrent-session limits. Accounts can carry a custom concurrent-session override, and hitting the limit now explains exactly what happened.
  • SDKs on npm. @kortix/sdk and @kortix/llm-catalog now publish to npm with every release, in lockstep with the platform version, joining @kortix/executor-sdk.

Improved

  • Sandboxes no longer idle for hours. An observe-idle reaper with 15-minute/5-minute TTLs, a busy probe, and a provider backstop stop stopped-but-billing dead time.
  • Agents automatically resume work when a turn is killed by a transient model-provider error, instead of stopping silently.
  • The LLM gateway no longer forwards empty completions: it retries the same model once, then fails over to the next candidate. Upstream provider errors now surface in the stream instead of hanging it.
  • The full member directory is visible to all account members (sensitive columns stay manager-only), and member counts reflect what the viewer can see. "Departments" are now "groups" throughout.
  • The PDF viewer opens at a comfortable zoom with the sidebar closed, and presentation viewers drop redundant download buttons.

Fixed

  • Change requests can no longer be empty. An agent that committed but never pushed used to produce a silent "No changes detected" change request; the push step is now enforced and empty CRs are rejected at open time.
  • Session lifecycle races. Starting a brand-new session no longer trips over its own creation (the create-vs-start race), deleting a session mid-provision can no longer resurrect it, the first prompt of a new session is no longer dropped while the agent restarts, a session page open on a stopped sandbox no longer hammers it with requests, and the create-first flow no longer bounces back to the project index.
  • The project-home composer keeps its text while navigating into the new session, and the sidebar flyout stays open while one of its menus is open.
  • Legacy daytona provider names are normalized at session create, so older projects keep working after the provider rename.
  • Suna migration pushes are now idempotent across pods and strip oversized blobs instead of failing.
  • Snapshot cache keys are scoped to in-sandbox inputs, so unrelated source changes no longer invalidate sandbox snapshots.
  • AgentMail inbox limits are handled gracefully instead of erroring the channel.
  • API and gateway origin load balancers only accept traffic from Cloudflare, closing a WAF-bypass path.
  • Gateway request logs strip NUL bytes before persisting, fixing a recurring database write error.

Internal

  • CI hardening: staging keeps its VERSION in sync on release, a duplicate migration was deduped before it could break deploys, staging QA runs behind Vercel SSO with a bypass token, the direct prod hotfix workflow is retired, and dependency/action versions are bumped across the board.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.97...v0.9.98

Read the full release on GitHub →

v0.9.97

This release ships two changes:

1. Per-account concurrent-session override (f162d38289) Concurrent-session caps were tier-only. Adds an operator-set per-account override (credit_accounts.max_concurrent_sessions; NULL = tier decides, a positive integer wins over the tier in both directions) and a clearer 429 message that includes the account's actual limit. Wired through session-create enforcement, trigger backpressure, and the billing account-state response.

2. Session-delete-mid-provision resurrection race fix (this promotion's second change) A session deleted while its sandbox was still provisioning could come back to life: the fire-and-forget provisioner had no status guards on its finish-of-provisioning writes, so a session deleted mid-provision could be flipped back to 'running' (and billed) after the user had already deleted it. Both finish-of-provisioning writes are now conditional on the session not having been deleted/archived in the meantime; two related hardening fixes close the same class of gap in continueSession's revival path and the stuck-session reaper sweep.

Migration: 20260706034600000_account_session_limit_override.sql

  • Adds nullable kortix.credit_accounts.max_concurrent_sessions (int)
  • Idempotent upsert seeding the internal Kortix dogfood account (3b1fc472-a90e-404f-823f-ca42f6b32e4d) with an effectively-uncapped override of 100000 This is the only migration pending between prod and staging.

Rollback: additive-only migration (ADD COLUMN IF NOT EXISTS + idempotent upsert), safe to leave in place. A bad release rolls back via Path 1 in docs/runbooks/rollback-procedure.md: revert the merge commit on prod (PR, reviewed, same gate as forward deploys) — Argo CD self-heals to the prior image tag. No down-migration is needed or defined (matches this repo's node-pg-migrate convention).

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.96...v0.9.97

Read the full release on GitHub →

v0.9.96

Stops the infinite refresh/reconnect storm on the session page when a sandbox is stopped. A stopped box answers /kortix/health with 503; the frontend misread that as connected+booting and fast-polled every 150ms forever, which re-fired all health-gated file/SSE queries (walls of /global/event 503s, auth0 CORS redirects, /file/content?path=.opencode 400s). Now the 503 boot window is bounded (120s -> mark unreachable, 5s poll), and .opencode/.kortix/.git are never read as file content.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.95...v0.9.96

Release on GitHub →

v0.9.95

Agent sessions now automatically resume a turn killed by a transient provider failure (e.g. a model host stall ending in "Upstream idle timeout exceeded", connection resets, 5xx after retries) instead of surfacing a dead error turn. Root sessions only, max 3 resumes per 15 minutes with backoff, never for user aborts or auth/credit errors, kill switch KORTIX_TURN_AUTO_RESUME=0. Completes the v0.9.94 GLM routing fix.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.94...v0.9.95

Release on GitHub →

v0.9.94

Fixes the production "Upstream idle timeout exceeded" turn failures on GLM 5.2.

  • Managed glm-5.2 requests now carry OpenRouter provider routing preferences (order: [z-ai], fallbacks allowed) so they land on Z.AI's first-party endpoint (99.9% uptime, native fp8) instead of being load-balanced across ~20 hosts including low-uptime fp4 requantizations that stall mid-generation until OpenRouter kills the stream.
  • The LLM gateway now detects in-stream upstream error frames (a 200 stream carrying {"error": ...}) and settles the request as upstream_stream_error with a warn log, instead of tracing a dead turn as a success — this failure class is now visible and alertable.
  • Pre-content error frames keep flowing into the existing empty-completion retry/failover path (now regression-tested).

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.93...v0.9.94

Release on GitHub →

v0.9.93

Fixed

  • The LLM gateway no longer returns a blank, empty reply when a model provider silently produces nothing (a rare but real upstream failure mode). It now retries the same provider a few times, then fails over to another configured provider if one is available, before ever giving up — so a transient provider hiccup resolves invisibly instead of showing up as an empty response.
  • The gateway strips stray NUL bytes from request/response logs before saving them, avoiding an occasional database error that could drop a log entry.
  • Fixed a case where the first message of a new session could fail right after an environment restart, instead of waiting for the runtime to come back up.
  • Made the internal migration step idempotent so it no longer depends on which pod happens to run it.
  • Narrowed an account-membership repair path to be safer and more precise.

Improved

  • Platform admins get read-only access to the project access gate for support/investigation, without full write access.
  • Projects can now override which sandbox provider they use on a per-project basis.
  • Slack identity verification is now enabled on staging, matching production.
  • Handle AgentMail inbox-limit errors gracefully instead of surfacing a raw failure.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.92...v0.9.93

Release on GitHub →

v0.9.92

New

  • Per-project sandbox provider override — pin a project to a specific sandbox provider (e.g. Platinum) from Customize → Settings, instead of always following the platform's weighted default.

Fixed

  • Sandboxes could fail on literally the first message in a silent retry loop, caused by a broken dependency bundle baked into the sandbox image. Sandbox image builds now verify the bundle actually works before shipping.
  • A new session's first prompt could be silently dropped right after sandbox startup, requiring a resend. The app now waits for the sandbox to finish restarting before sending the prompt.
  • Fixed a Postgres error that could interrupt request logging when an LLM request or response contained certain binary characters.
  • Fixed a migration bug that could strand a retry in a failed state instead of resuming cleanly.
  • Fixed an edge case in account membership repair.
  • Improved error handling when an AgentMail inbox hits its limit.

Internal

  • Restored the full staging release-verification pipeline (Vercel authentication bypass) after a temporary gate exclusion.
  • Removed the manual prod-hotfix workflow — all production changes now go through the standard promotion flow.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.91...v0.9.92

Read the full release on GitHub →

v0.9.91

Promote the staging hotfix that strips NUL bytes before persisting gateway request/response traces to gateway_request_logs, preventing Postgres 22P05 unsupported Unicode escape sequence alerts from recurring in production.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.90...v0.9.91

Release on GitHub →

v0.9.90

Fixed

  • The first message in a new session now runs reliably. Previously the very first prompt in a brand-new project could silently do nothing, leaving you to send it again. A new session briefly restarts the agent runtime to load its configuration, and the first message was being sent into that restart window and dropped. The first message now waits for the runtime to be ready before it's sent, so it lands on the first try.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.89...v0.9.90

Release on GitHub →

v0.9.89

Improved

  • Refreshed marketing site: a new Company-OS landing page with a Web / Slack / Teams / Mobile / CLI / SDK surface switcher and an interactive "your company, as files" explorer, a revamped enterprise hero, and a single "Request demo" flow across the site.
  • New blog: rebuilt as data-driven React pages (replacing MDX) with branded post covers, plus comparison write-ups (Claude Cowork; OpenClaw + Hermes; ChatGPT / Claude / Grok) covering bring-your-own-model cost and shared-vs-siloed work.
  • The mobile app download preview now shows real app screenshots instead of a placeholder mockup.
  • Cleaned up page titles and metadata so the title bar no longer repeats "Kortix".

Fixed

  • Default-agent sessions now see their connectors. Sessions running as the default agent were getting an empty connector grant, which hid shared Slack channel and computer connectors — they now resolve correctly.
  • Install-based connectors (Slack channel, computer) no longer show "connector not found" in the dashboard connector settings; they fall back to the live connector record.
  • The Agent Computer Tunnel is now a regular connector: a connected machine shows up as a connector automatically, without needing an experimental flag.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.88...v0.9.89

Release on GitHub →

v0.9.88

New

  • Guided project onboarding — new projects now open into a full-screen, step-by-step setup that walks you through connecting your tools and getting to your first run.
  • One /kortix Slack panel — a single Slack command opens a unified panel with a real model picker and per-project default models.
  • Desktop auto-update — the desktop app now updates itself, with a steadier always-on-top window.

Fixed

  • Dead show tool cards no longer render a confusing "File not found" card — they're hidden when the artifact is gone.
  • Stuck tool results now resolve themselves when a run finishes, instead of needing a page refresh.
  • The in-sandbox terminal correctly replays your prompt again.
  • AgentMail inbox-limit errors are handled gracefully instead of failing hard.
  • Tighter, safer account-membership repair.

Behind the scenes

  • Staging runs the full release gate behind Vercel SSO with the Slack identity gate enabled, and releases now go through promote only (the direct prod-hotfix path was removed).

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.87...v0.9.88

Release on GitHub →

v0.9.87

Fixes

  • Deactivate session agent-lock (KORTIX_ENFORCE_SESSION_AGENT_LOCK, default off): no more AGENT_SWITCH_REQUIRES_NEW_SESSION 409, in-session agent switching works, and the first prompt of a new session no longer fails. Agent picker unlocked in the UI.
  • Send-retry: any sandbox 503 now rides the full boot/wake window (~29s) so a prompt to a waking box lands instead of reverting a message that actually ran.
  • deploy-prod self-heal: assert the Argo app tracks 'prod' and repoint a stranded break-glass rollback before the rollout wait.
  • Drata IaC CRITICAL fixed (scoped staging deploy secretsmanager perms); opt-in RELEASE_FAST_TRACK release lane.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.86...v0.9.87

Release on GitHub →

v0.9.86

Fixes

  • Stop the false AGENT_SWITCH_REQUIRES_NEW_SESSION 409 that blocked new sessions on the second message. The proxy now treats the default agent sentinel as non-binding and only blocks a genuine switch between two distinct concrete agents; for default sessions the echoed agent is stripped so OpenCode runs its booted default_agent.
  • Agent picker: clearer hover tooltip explaining a session's agent is fixed at start (start a new session to switch); switcher behavior unchanged.
  • Includes billing duplicate-suppression and Platinum snapshot upload fixes already on main.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.85...v0.9.86

Release on GitHub →

v0.9.85

Promotes the staged Slack identity and session access hardening plus the fresh-account /accounts/me bootstrap repair. Includes the live staging candidate at 79d43a7f with staging API health verified before production promotion.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.84...v0.9.85

Release on GitHub →

v0.9.84

  • Keep the Slack identity/session authorization release active in production.\n- Repair explicit legacy account memberships during project provisioning so fresh production users can create projects after /accounts returns a legacy account_id.\n- Preserve the normal account_members authorization gate after the repair and cover it with a managed-project provisioning regression test.\n- Verified staging API health for 0.9.84-staging.10fccfe9 and staging deploy live verification.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.83...v0.9.84

Release on GitHub →

v0.9.83

Promotes the Slack identity gate and access/authentication hardening with SLACK_REQUIRE_USER_IDENTITY enabled, plus the project-session agent binding fixes that prevent invalid agent switches and preserve default OpenCode agent behavior. Also includes the current main release candidate already validated on staging.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.82...v0.9.83

Release on GitHub →

v0.9.82

New

  • GLM 5.2 is now selectable directly in the model picker; the "Auto" model sits behind a flag.
  • Slack connect and request-access are separate steps now — connect right in a thread, and request access without being pushed through a connect flow first.
  • Slack access nudges arrive as a DM and an in-thread notice so they're harder to miss.
  • Agents no longer stop while they still have open to-dos — an always-on continuation check keeps a run going until its to-do list is actually finished.

Fixed

  • The file viewer now opens dot-directories like .opencode.
  • Free-tier and native Zen free-model availability resolve correctly in the model picker.
  • OAuth and other backend redirects pass straight through to the browser instead of being swallowed — no more blank page on some connect flows.
  • AgentMail inbox-limit errors are handled gracefully instead of failing the request.

Behind the scenes

  • Release and staging CI plumbing: Vercel SSO bypass so the staging release gate runs end-to-end, and removal of the direct prod-hotfix workflow in favor of the staging-only promotion path.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.81...v0.9.82

Release on GitHub →

v0.9.81

  • Return a CORS-safe 409 agentmail_inbox_limit response when AgentMail refuses inbox creation because the inbox quota is reached.
  • Remove the direct-to-prod hotfix workflow so urgent production fixes use the normal staging -> production promotion path.
  • Staging deployed and verified at 0.9.81-staging.74daf84b before promotion.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.80...v0.9.81

Release on GitHub →

v0.9.80

New

  • Connect Slack and email channels directly from the project view — set them up in place without leaving the page.
  • "Fix with agent" on a change request: when a merge is blocked by a manifest conflict, hand it to the agent to resolve it.

Fixed

  • Inbound email now reaches your agent. The AgentMail webhook endpoint had been dropped from the API, so replies to your agent's emails never started a session — restored it, along with the Slack identity-bind endpoint that was dropped with it.
  • Live preview proxy now caps its retry budget under the load-balancer idle timeout, so slow previews fail fast instead of hanging.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.79...v0.9.80

Release on GitHub →

v0.9.79

Promote the current staging candidate to production. Includes latest dev/staging changes through aab6ea55: maintenance/admin fixes, account filtering, project 404 UX, LLM provider UI/free-tier picker fixes, and Vercel prod branch deployment config.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.78...v0.9.79

Release on GitHub →

v0.9.78

New

  • Added the native Kortix marketplace runtime floor so new projects can start with curated skills, starter defaults, and marketplace install/update flows built into the project experience.
  • Expanded the Marketplace UI, CLI commands, registry handling, and project creation defaults so skills can be browsed, installed, updated, and carried into starter projects consistently.
  • Moved the managed LLM gateway into the default routing path behind the production master switch, with OpenRouter and Bedrock-backed managed model routing, AUTO model handling, and server-owned model configuration.
  • Added no-restart warm-fork and sandbox runtime improvements, including build-time catalog baking and credential hot-swap paths for faster agent startup without restarting OpenCode.
  • Added agent email channel support, Slack per-user identity controls, and improved channel/session selection behavior.

Improved

  • Hardened the dev, staging, and production release topology: staging is the release-candidate branch, production promotion retags tested staging images, prod rollback is image-aware, and staging/prod deploy workflows apply database migrations in the right environment.
  • Improved staging environment correctness, including staging database isolation, staging auth/runtime configuration, Daytona as the staging sandbox provider, and staging Cloudflare/API worker deployment.
  • Improved session reliability across browser, terminal, PTY, tunnel, file upload, PDF rendering, and first-prompt retry paths.
  • Improved frontend onboarding and project creation flows with marketplace starter selection, first-project bootstrap fixes, chat input polish, session sidebar persistence, and model picker stability.
  • Improved gateway observability and runtime behavior with structured run-path logging, managed catalog support, session cost display fixes, and live env handling for router tools.

Fixed

  • Fixed staging deploy dispatch, build, and promotion edge cases so staging image pins and release-source SHAs are preserved correctly for production retags.
  • Fixed multiple auth and environment regressions in staging, including server auth env alignment and runtime config validation.
  • Fixed CI and security scan issues around marketplace code, frontend build memory, Drata visibility gating, and staging QA/report publishing.
  • Fixed channel and connector bugs for AgentMail, Slack, email inbox binding, profile inbox defaults, and executor call routing.
  • Fixed warm snapshot and warm pool toggles so disabled settings remain disabled and stale build contexts self-heal.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.77...v0.9.78

Read the full release on GitHub →

v0.9.77

Improved

  • Faster, cheaper model calls: the LLM gateway now applies prefix prompt caching on the Bedrock and Anthropic transports, so shared context (system prompt, tools, history) isn't reprocessed on every request.

Fixed

  • Blocked previews no longer break: when a site refuses to be embedded, the agent shows a link to open the preview URL instead of an empty frame.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.76...v0.9.77

Release on GitHub →

v0.9.74

Gateway streaming improvement, reliability & more bedrock models

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.73...v0.9.74

Release on GitHub →

v0.9.73

Promotes latest main to production.

Highlights:

  • Slack native channel connector consolidation and CLI parity fixes.
  • DB migration backfills executor_connector_provider=channel on faked-baseline prod databases so Slack channel connector materialization works.
  • Live-schema deploy gate now checks enum values, preventing this drift class from recurring.
  • Includes latest main stability/dependency updates already green on main.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.72...v0.9.73

Release on GitHub →

v0.9.72

Redeploy stack

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.71...v0.9.72

Release on GitHub →

v0.9.71

LLM Gateway → production

Promotes the full LLM gateway to production — a per-project router with native cost & usage observability, served at gateway.kortix.com.

Highlights

  • Router — resolve → route → bill across OpenAI-compatible, Anthropic, Bedrock and Codex transports, with fallback chains and a circuit breaker.
  • Managed models — Kortix Power (Claude Sonnet) and Kortix Basic (Claude Haiku) on AWS Bedrock.
  • Per-project BYOK — bring your own provider keys, injected per session.
  • Live pricing — every LLM call priced from the live models.dev feed (24h refresh) with a 20% margin; no hardcoded price tables.
  • Observability — Overview, Cost (per-session LLM + sandbox compute), Usage (requests / tokens / latency / errors), Logs, Budgets, API keys, and a Playground.
  • Per-session cost — LLM + sandbox compute attributed per session.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.70...v0.9.71

Release on GitHub →

v0.9.70

Follow-up reliability fix: removes a too-aggressive internal sweep timeout that could under-cover scheduled triggers at scale, and corrects a false scheduler-stalled health signal. More consistent on-time trigger firing; no other user-facing change.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.69...v0.9.70

Release on GitHub →

v0.9.69

Scheduled triggers (crons) are now resilient — no single trigger can hold up the rest.

  • A slow or stuck trigger fire (e.g. resuming a sandbox) no longer blocks the scheduler: each fire is time-bounded and isolated, so one trigger can fail and retry while every other trigger keeps firing on schedule.
  • The scheduler self-heals — a stalled sweep is automatically reclaimed, so automations can't silently stop.
  • Hardened background-worker leadership so an API-only node can never sit on the scheduler lease without running it.
  • Added a stall watchdog + health signal so a frozen scheduler is surfaced immediately instead of going unnoticed.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.68...v0.9.69

Release on GitHub →

v0.9.68

Fixes the production incident where sessions stuck in an active status with no live box ate the per-account concurrent-session cap — wedging Slack ("queued behind other project work") and 429'ing new sessions. Adds a DB-only reconcileStuckActiveSessions maintenance pass (immune to Daytona throttling) with a real-DB e2e, plus the already-merged /sessions list resilience (#3567) and the provider-agnostic Daytona billing reaper + orphan-box reaper. Also: honest, reason-aware Slack status messages (out-of-credits / at-cap / not-found).

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.67...v0.9.68

Read the full release on GitHub →

v0.9.67

  • Stage scaffold.git for Daytona snapshot build contexts so template builds no longer fail before user Dockerfile steps.
  • Reuse the shared snapshot build-context path across providers to keep required files consistent.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.66...v0.9.67

Release on GitHub →

v0.9.66

Sandbox lifecycle + compute billing (headline)

  • Idle sandboxes now reliably auto-stop after 15 min of no real activity on every provider, and compute billing closes deterministically the moment a box stops — fixes sandboxes that kept running (and billing) for hours/days after work finished.
  • Provider-agnostic reaper (real provider state = source of truth; idleness keyed off real turns), quiesce so an open tab can't resurrect a finished box, Platinum reprovision-on-open, gateway per-session usage attribution, provider lifecycle webhooks (/v1/webhooks/sandbox/*) with the reaper as a zero-config backstop, and a billing-invariant monitor.

Also in this release

  • Executor unified into one CLI/MCP/SDK (#3541, #3549); OpenCode title sync (#3544); compact session digests (#3534); preview env-sync retries (#3538, #3539); revert Bedrock (#3545); credits never render as -0 (#3415); dep bumps.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.65...v0.9.66

Release on GitHub →

v0.9.65

Fixes an intermittent production session provisioning failure for private GitHub repos. The shared per-project git mirror now resolves stored project credentials before clone/fetch even when a tokenless background caller wins the refresh lock, preventing unauthenticated cold-cache clones. Git repository authentication failures are also categorized as git-auth instead of being misreported as a Daytona provider failure.

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.64...v0.9.65

Release on GitHub →

v0.9.64

  • Fix warm-pool claimed sessions so their sandbox token is re-scoped to the real session before the spare row is removed.
  • Restart/reconfigure OpenCode after claim so Executor MCP, LLM gateway, and project config are available for manual and cron trigger sessions.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.63...v0.9.64

Release on GitHub →

v0.9.63

New

  • Per-agent authorization — scope exactly what each agent can touch with [[agents]] in kortix.toml.
  • Instant session shell — sessions open immediately with an optimistic create and a shared composer, so there's no wait to start working.

Improved

  • Project home, configure, and composers now route through the instant shell for a snappier first interaction; workspace top bar refresh and background restored.
  • Warm pool is now per-template opt-in (no global cap) — templates that benefit from pre-warmed sandboxes get them without tying up capacity for those that don't.
  • The production backend now runs colocated with the database (London), cutting cross-region latency on every request.

Fixed

  • Slack: exactly-once turn dispatch and durable, atomic credit deduction — no more double answers or missed credits.
  • Terminal: fixed a PTY WebSocket reconnect loop when a JWT expired.
  • Warm pool: send the Daytona preview token on the park health probe.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.62...v0.9.63

Release on GitHub →

v0.9.62

Sandbox boot time improvements, UI improvements

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.60...v0.9.62

Release on GitHub →

v0.9.59

Redeploy

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.57...v0.9.59

Release on GitHub →

v0.9.57

Slack — fixed the dev/prod stuck-hourglass path by shipping the Slack schema/runtime hotfix and preserving canonical + bring-your-own webhook parity.

Invocation lifecycle — reapplied the unified session invocation engine so Slack, manual triggers, cron, webhooks, CLI, mobile, and web session creation share the same durable lifecycle path.

Triggers — webhook/manual/cron trigger fires now use durable queued invocation semantics under backpressure and record accepted queued fires in trigger runtime state.

Verification — dev API is serving 0.9.57-dev.845b5eda; /v1/health sampled cleanly; Slack canonical route rejects unsigned requests with 401; BYO manifest emits production/dev API webhook URLs correctly; trigger E2E and API typecheck passed before merge.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.56...v0.9.57

Release on GitHub →

v0.9.56

Sessions — more reliable runtime recovery and a refactored session lifecycle; terminal PTYs are now isolated per session; session branches are local-first and publish to origin lazily; the show tool fills the Actions panel height; the welcome wallpaper stays full-width when the side panel is open.

Browser & sharing — the browser preview stays mounted across panel switches; added public preview and file share links; Chromium for agent-browser is now baked into every session image.

Slack — clearer channel intro and App Home copy; unified canonical + bring-your-own into one manifest builder with per-project parity; the question tool no longer auto-answers outside Slack and is disabled in-thread.

Web — restored social avatar downloads and the full logo; added a /game-of-life page seeded from the Kortix logo.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.55...v0.9.56

Release on GitHub →

v0.9.55

This release focuses entirely on making sessions start faster and more reliably.

Improved

  • Sessions open faster. The computer behind a session now warms up earlier and is prefetched as you navigate, so there's less waiting before you can start typing. Under the hood we also trimmed cold-start time (lighter tool loading, a pre-warmed runtime baked into the image).
  • A single, clearer loading screen. Starting a session now shows one consistent loader with clear steps, instead of overlapping or flickering states.
  • Titles appear right away. A session picks up its title as soon as the agent names it, rather than staying unnamed until your next message.

Fixed

  • Sessions no longer get stuck on the loading screen — start-up now retries on its own when a transient hiccup (like a momentarily missing sandbox id) would previously leave it stranded.
  • Your first message stays visible while the session connects, instead of briefly disappearing.
  • Warm sandboxes are now prepared for the person actually opening the session, not always the project owner.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.54...v0.9.55

Release on GitHub →

v0.9.54

Session loading is now clean end-to-end:

  • The chat input no longer jumps to the top of the page while a session connects.
  • No more brandmark 'arcs' bleeding through behind the loader on a fresh session.
  • The loader and the session shell never show at the same time — connecting shows just the loader, ready shows the full session, never both at once.
  • More reliable Slack session handling (session lifecycle now goes through the unified openSession path).

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.52...v0.9.54

Release on GitHub →

v0.9.52

Sessions — unified, more reliable startup. Opening a session now runs through one server-driven endpoint that provisions, resumes, and connects the workspace in a single call, with a clean staged "Kortix Computer is starting" loader. Fixes the intermittent "stuck spinner until a hard refresh," removes a stale git-lock failure that could block session creation, and makes the connect flow predictable. Verified end-to-end on dev (project + session CRUD, repeatable cold starts ~17s).

Files. File reads now go through the sandbox daemon; the PDF and PPTX viewers were rebuilt.

Security. Session visibility is now enforced on the sandbox proxy daemon port, not just account membership.

Reliability. Warm-pool boxes that errored are swept automatically; pool boxes boot on the reliable region.

Integrations. Slack app expanded to 57 bot scopes with the AI Assistant enabled.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.51...v0.9.52

Release on GitHub →

v0.9.49

New

  • Connect your ChatGPT Plus/Pro subscription. Sign in once from a project's provider settings — or from the CLI with kortix providers login openai — and every session reuses it, no API key needed. It uses OpenAI's device login and stores the resulting credential encrypted, per project.
  • Skills tab is now a real file tree. Browse a project's skills as a navigable, recursive tree.

Improved

  • Slack is steadier. Agent questions no longer block a turn, so threads don't get stuck; a Slack thread now maps permanently to a single session that brings its own sandbox back as needed; and the flaky streaming widget was retired.
  • Executor accepts YAML OpenAPI specs, with hardened spec parsing.
  • CLI agents reach full programmatic parity, including parallel sub-agent orchestration.

Under the hood

  • More API memory headroom (dev + prod) so the new ChatGPT device login can't exhaust a pod.
  • Dev cluster tuning for low traffic (autoscaling and pod-disruption-budget adjustments).

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.48...v0.9.49

Release on GitHub →

v0.9.48

ArgoCD bug in HPAs

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.45...v0.9.48

Release on GitHub →

v0.9.45

Health endpoint now shows memory of a pod

What's Changed

New Contributors

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.44...v0.9.45

Release on GitHub →

v0.9.43

Internal pipeline release — no product or API behavior changes.

What's Changed

New Contributors

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.42...v0.9.43

Release on GitHub →

v0.9.42

Fixed

  • Sessions started by Slack messages, schedules, and webhooks were only visible to the account owner — they now show up for everyone on the project. This applies to existing sessions too, so past Slack threads and trigger runs appear in the session list.

Improved

  • Sessions in the sidebar now show where they came from, with an icon for Slack, scheduled, and webhook sessions — hover to see the trigger behind it.
  • Click the SESSIONS header to filter the list: All, My Chats, Shared, Slack, Scheduled, or Webhook, each with a count.

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.41...v0.9.42

Release on GitHub →

v0.9.39

E2E Kubernetes setup with ArgoCD

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.38...v0.9.39

Release on GitHub →

v0.9.38

Fixed

  • Named connector actions work again across apps (Salesforce, Google Drive, Box, OneDrive, WhatsApp Business, and more). Tool calls were failing with an opaque "HTTP 502" because the connected account was attached under the wrong property name for many apps, so actions ran without their credentials. The binding is now resolved from each action's own definition — existing connectors work immediately, no reconnect needed.

Improved

  • When a connector call fails, the agent now sees the real cause — the upstream status and error message instead of a bare 502 — plus a pointer to the connector's raw request tool as a fallback. (Error responses moved from HTTP 502 to 500 so the message survives the proxy layer.)
  • Connector call failures are now recorded with their reason, making them diagnosable in one step.

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.37...v0.9.38

Release on GitHub →

v0.9.37

Mobile app v2

Full account-management parity with web: members, invites, groups, roles, audit log (filters, diffs, CSV/JSONL export), tokens (PATs + service accounts), security (MFA, session controls), observability webhooks, and Git installations — all native. Plus a rebuilt Files page (create/edit/save, classic UI), Terminal + Browser side-panel tabs with a real ANSI PTY renderer, session menu parity (rename/share/delete/restart), per-project tab memory, offline boot fixes, and a broad visual polish pass (borderless lists, bottom sheets, skeleton loaders, haptics).

Team billing fixes

  • Upgrade/subscribe flow is now scoped to the project's account, not the viewer's primary account (fixes per-seat checkout charging the wrong account)
  • Checkout/subscribe gated behind billing.write; Billing shortcut hidden for non-billable users
  • Subscribe modal shows the live projected seat total
  • Newly-joined invitees land on /projects instead of account settings

Web

  • Delete-session dialog clarifies the branch is preserved

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.36...v0.9.37

Release on GitHub →

v0.9.36

bake secrets into sandbox

What's Changed

New Contributors

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.35...v0.9.36

Release on GitHub →

v0.9.35

Resolves waves of Request timed out after 30s across unrelated endpoints (change-requests, sandbox-health, secrets, iam, sessions). Root cause (confirmed against live prod via pg_stat_statements + CloudWatch): the postgres.js client had no pool/timeout config (max:10/replica, ~20 connections fleet-wide vs a 240 server) and no acquire timeout, so occasional very-slow queries pinned connections up to the 2-min server limit and other requests queued until the 30s client abort.

  • DB client: max 10->15, connect_timeout 10s, idle_timeout 30s, max_lifetime, statement_timeout 25s (below the 30s client abort so stuck queries free their connection and the queue drains). Proven against the real DB.
  • Web: collapse 7 per-action IAM effective probes into one batch call.
  • Infra: opt-in ALBRequestCountPerTarget autoscaling.
  • Request-deadline middleware shipped inert (default off) pending long-op exemption analysis.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.34...v0.9.35

Release on GitHub →

v0.9.34

Desktop

  • Product-only desktop app shell with a new Download apps page and a frontend-URL switcher.
  • Visitor-tracking pixels suppressed inside the desktop app.

Channels & Slack

  • Unified all channel message delivery into one canonical server-side path (removed the legacy queue drainer/storage/routes).
  • Slack manifest webhook URL now derives from the public API origin; post-install OAuth now lands on the Customize → channels view; dev Slack app pointed at the new KortixDev app / dev-api.

Web & API reliability

  • Brand-compliant container radii; third-party Sentry Promise.then tampering noise suppressed.
  • Bounded the Daytona snapshot lookup so /sandbox-health can't hang.

Release pipeline

  • Promote pre-flight green-gate hardened (ignores the promote run's own check and superseded duplicate checks); deploy-prod retag now falls back to :dev-latest per image so a single-surface commit promotes cleanly.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.33...v0.9.34

Release on GitHub →

v0.9.33

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.32...v0.9.33

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.32...v0.9.33

Release on GitHub →

v0.9.32

New

  • Connectors: edit a connection's configuration after setup, plus a broad connectors UX overhaul.
  • Sandboxes now hibernate instead of being destroyed, and resume in place — faster to pick work back up.
  • New MDX blog, launching with the flagship Kortix article.
  • The CLI now tells you when a newer release is available.

Improved

  • Cleaner project tab bar and a modernized share dialog.
  • The collapsed project sidebar rail now expands when you click the logo or Sessions.
  • Refreshed landing-page SEO metadata.

Fixed

  • Browser auth now works in sandbox previews (same-origin /supabase proxy; relative BACKEND_URL handled correctly).
  • Sandbox previews are now transparent to upstream framing and CSRF checks.
  • Resolved a migration heartbeat index ordering bug and version collisions.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.31...v0.9.32

Release on GitHub →

v0.9.24

  • Auth: magic-link sign-in no longer silently falls back to localhost for the redirect target.
  • Connectors: the Pipedream connect popup is now usable inside the Customize modal.
  • Memory: branded memory tool views + a fix for memory create durability.
  • Billing (dev): self-contained Stripe test sandbox for local per-seat checkout.
  • Infra: documented kortix-alb-waf *_BODY rules set to Count.

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.23...v0.9.24

Release on GitHub →

v0.9.23

stripe webhook reconciliation

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.22...v0.9.23

Release on GitHub →

v0.9.22

show claim button only for legacy users

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.21...v0.9.22

Release on GitHub →

v0.9.19

New

  • Project memory — agents get a first-class memory tool to read and write a durable project brain in .kortix/memory/, replacing the old prompt-injection plugin. The memory-reflector keeps it curated on a schedule.
  • Runtime feature controls — turn built-in capabilities (memory, web tools, terminal, the show tool, the executor) on or off per project in kortix.toml [runtime], or enforce them per session. disable_all runs a session as plain OpenCode.
  • kortix init is now standalone — like create-next-app, it scaffolds a new Kortix project in its own fresh directory.
  • Experimental feature flags — a per-project system to gate work-in-progress features (Apps, Agent Tunnel).
  • Typed API + live docs — the API is fully typed end to end, with interactive reference docs at /v1/docs.

Improved

  • Leaner project starter — the full agent runtime ships as editable source with a cleaner default layout (the Slack skill is now kortix-slack).
  • kortix ship walks you through connecting any connector that still needs auth.
  • Mobile-responsive marketing pages and a full-screen mobile nav; chat links and file paths open in the active session panel.
  • Per-account project limits by plan.

Fixed

  • Subscriptions are scoped to the owning account.
  • Several API request-validation and auth-ordering regressions.
  • Code-scanning (CodeQL) findings.

Internal: the API was decomposed so every file is under 1k lines, and CI now rebuilds only when the dependency closure changes.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.18...v0.9.19

Release on GitHub →

v0.9.18

Fixed

  • The site was showing "Something went wrong" on every page after the last release. The page metadata was being built from an environment value that wasn't a valid URL, which crashed server-side rendering across the whole site. The base URL is now validated (and falls back to the canonical domain), restoring all pages.

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.17...v0.9.18

Release on GitHub →

v0.9.17

New

  • Contact page demo lead qualifier with a paid-gated founder concierge flow.
  • Rebuilt /developers page — brand-aligned and closer to the product.
  • Revived the admin accounts console backend.

Improved

  • Background workers (cron, triggers, sweeps) now elect a single leader across multi-replica Fargate, so scheduled work fires exactly once instead of once per replica.
  • Maintenance flags moved to the database (dropped Vercel Edge Config).
  • Local/dev/prod environment flow standardized on dotenvx, with pre-commit auto-encryption of committable .env files.

Fixed

  • Vercel production build (a lint error that failed next build).
  • Vercel pnpm install falling back to npm.
  • An OpenTelemetry dependency pin that was crashing next dev.

Internal

  • Added the ke2e black-box end-to-end API test suite (work in progress).
  • Compliance/Drata key handling.

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.16...v0.9.17

Release on GitHub →

v0.9.15

AWS security baseline (CloudTrail KMS, GuardDuty, VPC flow logs, S3 hardening, AWS Backup, WAF, IAM group-based access), Drata compliance-as-code pipeline, and the review-gated production release flow. First release cut through the new PR-gated promote.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.14...v0.9.15

Release on GitHub →

v0.9.14

  • All accounts view — see and search your projects across every account you belong to from one place, grouped by account.

  • Invited teammates now reliably land on the project they were invited to — fixed a case where the access grant could be skipped when accepting an invite.

  • Inviting someone is now near-instant: the request no longer waits on the invitation email (now sent in the background) or a slow account lookup.

  • Switching accounts from an account settings page now takes you to that account instead of staying on the previous one.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.13...v0.9.14

Release on GitHub →

v0.9.10

  • LLM gateway: consolidated onto a single OPENROUTER_API_KEY for both the router (/v1/router) and the managed gateway (/v1/llm); LLM_GATEWAY_ENABLED is now validated through the config schema instead of raw process.env. Dropped the redundant KORTIX_OPENROUTER_API_KEY.
  • Fix: Dev-panel command-copy box now uses the correct DS container radius (rounded-2xl), unblocking the frontend production build.

What's Changed

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.9...v0.9.10

Release on GitHub →

v0.9.7

  • A production promote now rolls the prod API automatically — no manual deploy step. The frontend already auto-deployed via Vercel; this closes the gap so a single promote ships everything.
  • Internal: added a release runbook (versioning policy + release notes generated from the git log).

No user-facing app changes in this release.

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.6...v0.9.7

Release on GitHub →

v0.9.6

  • New changelog — a public /changelog page that shows every release, sourced straight from GitHub Releases.
  • Developer docs are public at /docs, with an accuracy pass and a dedicated Developers page.
  • Landing refresh — a Product / Developers split and clearer home copy ("Your company's AI workforce").
  • Renamed /enterprise → /contact.
  • Releases now require a written title and notes, so the changelog stays readable from here on.

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.9.5...v0.9.6

Release on GitHub →

v0.9.0

What's Changed

New Contributors

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.8.44...v0.9.0

What's Changed

New Contributors

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.8.44...v0.9.0

What's Changed

New Contributors

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.8.44...v0.9.0

What's Changed

New Contributors

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.8.44...v0.9.0

What's Changed

New Contributors

Full Changelog: https://github.com/kortix-ai/suna/compare/v0.8.44...v0.9.0

Read the full release on GitHub →

v0.8.44

v0.8.44 — Reliability fixes, session loading overhaul, and mobile polish

This release improves session reliability, removes legacy session loaders, hardens API recovery and SSH flows, and ships a broad set of mobile UX upgrades.

Highlights since v0.8.43:

  • Keep reconnect flows in the background and add polling/SSE fallbacks to avoid empty or stale session states
  • Eliminate session loaders with IndexedDB cache, background prefetch, and store consolidation
  • Fix provider health fallbacks, SSH key verification, sandbox/runtime handling, and justavps recovery compatibility
  • Deliver mobile improvements across titles, tabs, drawers, settings, theming, and local sandbox visibility

Changes

  • fix(ci): force-sync production branch during releases
  • fix(admin): remove broken account activity view
  • Delete
  • fix(web): keep reconnects in background
  • Eliminate session loaders: IndexedDB cache, background prefetch, store consolidation
  • fix(api): return fallback health for unsupported providers
  • fix(api): SSH key verify ran $(stat) on host, not in container
  • fix(api): stop calling ensureRunning from SSH setup — it force-restarts the workload
  • fix(api): drop 'pipefail' from justavps recovery — dash-incompatible
  • (mobile) Ability to modify session title
  • (mobile) bridge optimistic parts in hydrate + SSE to prevent empty user bubble
  • (mobile) use /global/config so custom providers persist across dispose
  • (mobile) add 3s polling fallback for busy sessions when SSE is broken
  • (mobile) re-hydrate loaded sessions after SSE gap
  • (mobile) make project_select/create tool rows tap-to-open project
  • (mobile) make file-op footer path tappable to open file preview
  • (mobile) port tool-meta, 15s SSE heartbeat
  • fix(api): justavps host recovery script used invalid shell syntax
  • fix(web): bridge optimistic parts in hydrate to prevent empty user bubble
  • (mobile) surface local Docker sandbox in listSandboxes via local-bridge probe
  • fix web custom provider: use global config endpoint so providers persist across dispose
  • fix malformed opencode.jsonc from ocx init breaking custom LLM provider registration
  • (mobile) Fix sandbox update
  • fix sandbox privilege handling for managed runtimes
  • (mobile) change modal into sheet on update
  • (mobile) ui update wip
  • (mobile) UI improvements
  • (mobile) Update colors
  • (mobile) Fix crash when changing theme
  • (mobile) Clean up user menu sheet
  • (mobile) When opening user's settings sheet, do not close drawer
  • (mobile) Animate tabs page
  • (mobile) Improve drawers ui
  • (mobile) Modern hamburger
  • (mobile) Make better gradient about prompt textarea
  • (mobile) Improvements on the bottom bar
  • (mobile) Keep centered pill
  • (mobile) Do not open tabs on double click on a single tab
  • (mobile) expand to all tabs
  • fix(web): add polling fallback when SSE is broken during busy sessions
  • fix(web): prevent stale state from clearing optimistic messages on session create
  • (mobile) Update at the footer
  • (mobile) WIP on the drawers

Docker Images

  • kortix/computer:0.8.44
  • kortix/kortix-api:0.8.44
  • kortix/kortix-frontend:0.8.44
Release on GitHub →

v0.8.43

v0.8.43 — Sandbox recovery hardening, maintenance controls, and session polish

Hardens sandbox recovery, YOLO/env reinjection, and billing/test cleanup while adding maintenance notification controls, custom provider support, and multiple session/chat UX fixes.

Changes

  • fix(api): harden test DB cleanup and sandbox recovery
  • feat(web): v1 maintenance notification management system
  • fix(web): resolve React hooks build error and lint warnings
  • fix(web): clean up tab icons + session chat polish
  • Revert "fix(web): remove visible truncation comment from code blocks"
  • fix(web): remove visible truncation comment from code blocks
  • fix(web): restore clickable project select/create → opens project tab
  • fix(web): restore ShowTool card chrome + clickable file paths on Edit/Write
  • fix(web): stop stripping text content during streaming
  • refactor(web): rewrite session chat tool rendering + streaming
  • fix(platform): centralize sandbox access for admin actions
  • fix(runtime): fail soft on invalid config and surface repair actions
  • fix(local): normalize sandbox discovery and instance routing
  • fix(browser): mark viewer connected before first frame
  • fix(local): restore sandbox discovery and browser sessions
  • fix(runtime): align recovery UI and custom provider writes
  • fix billing sync for legacy Stripe accounts (#3075)
  • fix(env-injector): use serviceKey for auth on non-pooled sandboxes
  • fix(update): re-inject env vars after sandbox image update
  • fix(sandbox): re-inject env vars on restart via existing env-injector
  • fix(sandbox): restore simple YOLO URL default, remove syncYoloEnv
  • fix(sandbox): remove hardcoded YOLO URL default, let API inject it
  • fix(sandbox): derive YOLO URL default from KORTIX_API_URL (dev vs prod)
  • fix(sandbox): default KORTIX_YOLO_API_KEY to KORTIX_TOKEN on boot
  • fix(sandbox): inject KORTIX_YOLO env vars at JustAVPS machine creation
  • fix(sandbox): persist defaulted KORTIX_YOLO_URL to process.env
  • fix(instance): add layered health and targeted recovery
  • fix: use direct YOLO API URLs (api-yolo.kortix.com/v1) instead of Vercel frontend
  • fix: inject KORTIX_YOLO_URL and KORTIX_YOLO_API_KEY in all sync paths
  • (mobile) add custom provider connection for OpenAI-compatible endpoints
  • (mobile) lift bg, trim fg, brighten borders
  • fix: repopulate yolo auth in sandboxes

Docker Images

  • kortix/computer:0.8.43
  • kortix/kortix-api:0.8.43
  • kortix/kortix-frontend:0.8.43
Release on GitHub →