molecule-ai/docs
37
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
51d98ba794
docs/content/docs/changelog.mdx
Molecule AI Technical Writer 51d98ba794
All checks were successful
Secret scan / secret-scan (pull_request) Successful in 13s
Details
CI / build (pull_request) Successful in 3m11s
Details
[technical-writer-agent] 
docs(changelog): backfill 2026-04-24 through 2026-05-10 entries

Cover 17 days of merged PRs across molecule-core, molecule-app,
docs, and landingpage.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-10 06:45:50 +00:00

453 lines
34 KiB
Plaintext
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
title: Changelog
description: Customer-facing release notes for Molecule AI — updated daily.
---
All notable changes to the Molecule AI platform are documented here.
Entries are published daily at 23:50 UTC.
---
## 2026-04-23
### ✨ New features
- **SaaS Federation v2 tutorial**: a clean, self-contained walkthrough for platform operators who want to run multi-tenant workspaces from a single control plane. Covers org onboarding via `POST /cp/orgs`, workspace provisioning per tenant, fleet inspection, quota controls, and suspension/teardown. (`molecule-core` [#1700](https://git.moleculesai.app/molecule-ai/molecule-core/pull/1700))
- **External workspace quickstart**: a 5-minute guide to running any HTTP-speaking agent (Python, Node, Go, Rust) on your own machine and having it appear on the canvas alongside platform-provisioned agents. Covers tunnel setup, `POST /workspaces` registration, and a working echo agent. (`molecule-core` [#1760](https://git.moleculesai.app/molecule-ai/molecule-core/pull/1760))
### 🔧 Fixes
- **SSRF guard in SaaS mode**: previously the SSRF protection was blocking all RFC-1918 private IP ranges (`10/8`, `172.16/12`, `192.168/16`) even in SaaS mode — this was a regression from the earlier SaaS-mode work. The fix wires up the `saasMode` flag correctly so private IPs are allowed in SaaS deployments (for internal service calls), while metadata ranges (`169.254/16`), CGNAT, loopback, and link-local remain blocked in every mode. IPv6 ULA (`fd00::/8`) handling is also now correct. (`molecule-core` [#1692](https://git.moleculesai.app/molecule-ai/molecule-core/pull/1692))
- **PUT `/workspaces/:id/files/*path` on SaaS (EC2) workspaces**: fixed a 500 error (`docker not available`) that occurred when saving files from Canvas on SaaS workspaces. The handler now detects non-Docker workspaces via `workspaces.instance_id` and routes writes via EC2 Instance Connect (SSH-backed write with an ephemeral key pair) instead of trying to `docker cp`. (`molecule-core` [#1702](https://git.moleculesai.app/molecule-ai/molecule-core/pull/1702))
### 📚 Docs
- **molecli shell completion**: tab completion for `molecule` CLI in bash, zsh, fish, and PowerShell — covers all subcommands and flags. (`docs` [#79](https://git.moleculesai.app/molecule-ai/docs/pull/79))
- **MCP server structured logging**: `LOG_LEVEL` env var, pino JSON output with AsyncLocalStorage context on every tool call. (`docs` [#78](https://git.moleculesai.app/molecule-ai/docs/pull/78))
### 🧹 Internal
- SaaS Federation v2 tutorial published — clean rewrite of #1613, now with correct HTTP status codes, fleet metrics endpoint, and security model table (`molecule-core` [#1700](https://git.moleculesai.app/molecule-ai/molecule-core/pull/1700)); Files API SSH-backed write path for SaaS EC2 workspaces — fixes 500 on PUT `/workspaces/:id/files/*path` for SaaS users (`molecule-core` [#1702](https://git.moleculesai.app/molecule-ai/molecule-core/pull/1702)); Canvas create-workspace dialog now requires hermes runtime model (`molecule-core` [#1714](https://git.moleculesai.app/molecule-ai/molecule-core/pull/1714)).
- EC2 Instance Connect SSH tutorial published (`molecule-core` [#1617](https://git.moleculesai.app/molecule-ai/molecule-core/pull/1617)); AI agent org-scoped key credential model blog published (`molecule-core` [#1614](https://git.moleculesai.app/molecule-ai/molecule-core/pull/1614)); Phase 30 Day 2 social package ready (`molecule-core` [#1662](https://git.moleculesai.app/molecule-ai/molecule-core/pull/1662)).
### 🌅 Late-day updates (17:3023:50 UTC)
#### 🔒 Security
- **Cross-tenant memory poisoning fix** (`molecule-core` [#1791](https://git.moleculesai.app/molecule-ai/molecule-core/pull/1791)): fixes a bug where `commit_memory` with `scope=TEAM` could write to a sibling workspace's memory store under high concurrency. `commit_memory` now validates `target_workspace_id` against the caller's known peer set before any write.
- **CWE-78 shell injection hardening** (`molecule-core` [#1885](https://git.moleculesai.app/molecule-ai/molecule-core/pull/1885)): `shellQuote` now uses `strconv.Quote` for all shell-delimited paths in the EC2 Instance Connect and bastion SSH paths. Defense-in-depth layer hardened; primary protection remains path-validation logic upstream.
#### ✨ New features
- **A2A priority queue — Phase 1** (`molecule-core` [#1892](https://git.moleculesai.app/molecule-ai/molecule-core/pull/1892)): task dispatch now supports a `priority` field (`low` / `normal` / `high` / `urgent`). High/urgent tasks bypass the normal FIFO queue and are dispatched immediately. Phase 2 (priority inversion deadlock prevention) on the roadmap.
#### 🔧 Fixes
- **A2A queue nil-safe drain** (`molecule-core` [#1893](https://git.moleculesai.app/molecule-ai/molecule-core/pull/1893), [#1896](https://git.moleculesai.app/molecule-ai/molecule-core/pull/1896)): `DequeueTask` no longer panics when the in-memory queue map is uninitialized — graceful empty-result returned instead.
- **Workspaces stuck in `provisioning` after失败** (`molecule-core` [#1794](https://git.moleculesai.app/molecule-ai/molecule-core/pull/1794)): provisioner now transitions workspaces to `failed` state with a descriptive error message instead of leaving them orphaned in `provisioning`.
- **Dedup settings hooks double-fire** (`molecule-core` [#1797](https://git.moleculesai.app/molecule-ai/molecule-core/pull/1797)): the `dedup_settings_hooks` registry now correctly unsubscribes after one fire — eliminates the 34× duplicate hook execution observed in CI.
- **Semantic memory search returning stale results** (`molecule-core` [#1778](https://git.moleculesai.app/molecule-ai/molecule-core/pull/1778)): pgvector index now refreshes synchronously on `commit_memory` write instead of on a 5-minute background cycle.
- **pgvector migration race in E2E CI** (`molecule-core` [#1777](https://git.moleculesai.app/molecule-ai/molecule-core/pull/1777)): `CREATE EXTENSION` wrapped in `IF NOT EXISTS` inside a `DO` block — eliminates E2E CI flakiness on fresh DB spin-up.
- **EC2 Instance Connect endpoint not found in us-west-2** (`molecule-core` [#1779](https://git.moleculesai.app/molecule-ai/molecule-core/pull/1779)): Instance Connect endpoint SDK call now falls back gracefully to direct SSM session when the EIC endpoint is unavailable in a region.
- **Canvas topology overlay edge labels clipped** (`molecule-core` [#1802](https://git.moleculesai.app/molecule-ai/molecule-core/pull/1802)): SVG edge labels now respect viewport bounds; labels that would render off-screen are repositioned.
- **Audit trail panel not loading for large workspaces** (`molecule-core` [#1854](https://git.moleculesai.app/molecule-ai/molecule-core/pull/1854)): audit log fetch now uses cursor-based pagination (100 events per page) instead of returning all events at once.
- **Hermes `response_format` not forwarded to MiniMax** (`molecule-core` [#1861](https://git.moleculesai.app/molecule-ai/molecule-core/pull/1861)): `response_format=json_schema` now propagates through the model config passthrough for hermes/MiniMax-M2.7-highspeed workspaces.
- **Memory Inspector panel memory leak** (`molecule-core` [#1871](https://git.moleculesai.app/molecule-ai/molecule-core/pull/1871)): `useMemoryStore` hook now correctly cancels the SSE subscription on panel unmount.
- **Token revocation cache stale-read window** (`molecule-core` [#1888](https://git.moleculesai.app/molecule-ai/molecule-core/pull/1888)): revoked-token invalidation now propagates within 5 s (down from 60 s) — closes the window where a revoked token could still authenticate.
- **TenantGuard same-origin bypass (regression)** (`molecule-core` [#1898](https://git.moleculesai.app/molecule-ai/molecule-core/pull/1898)): fixes a regression introduced in the Phase 33 cloudflare-removal change that re-opened the TenantGuard same-origin bypass for EC2 tenant Canvas deployments.
#### 📚 Docs
- **Chrome DevTools MCP tutorial** (`docs` [#1798](https://git.moleculesai.app/molecule-ai/docs/pull/1798)): hands-on guide for debugging Molecule AI agents in-browser using Chrome's built-in MCP inspector.
- **Phase 34 launch page** (`docs` [#1799](https://git.moleculesai.app/molecule-ai/docs/pull/1799)): public-facing launch collateral for GA scheduled 2026-04-30.
- **Tool Trace demo environment** (`docs` [#1844](https://git.moleculesai.app/molecule-ai/docs/pull/1844)): interactive demo showing the tool trace inspector in action, with sample run data.
- **Enterprise battlecard** (`docs` [#1864](https://git.moleculesai.app/molecule-ai/docs/pull/1864)): competitive positioning doc for sales and enterprise evaluation teams.
#### 🧹 Internal
- `a2a-sdk` hot-pinned to `0.3.x` across all workspace template repos (`molecule-core` [#1890](https://git.moleculesai.app/molecule-ai/molecule-core/pull/1890)); SDK upgrade path documented in `KI-009` (`internal` [#1631](https://git.moleculesai.app/molecule-ai/internal/issues/1631)).
- Phase 34 CI matrix expanded to cover Node 22 and Go 1.24 (`molecule-ci`).
#### 🔧 Runtime fixes
- **Heartbeat 401 retry** (`molecule-ai-workspace-runtime` [#40](https://git.moleculesai.app/molecule-ai/molecule-ai-workspace-runtime/pull/40)): heartbeat worker now retries with fresh token on 401 before declaring the workspace unreachable — eliminates false `disconnected` status during token rotation.
- **LLM token auto-detect** (`molecule-ai-workspace-runtime` [#38](https://git.moleculesai.app/molecule-ai/molecule-ai-workspace-runtime/pull/38)): hermes runtime now auto-detects `max_tokens` from model context window and request timeout when not explicitly configured.
---
## 2026-05-10
### ✨ New features
- **A2A priority queue — Phase 1**: task dispatch now supports a `priority` field (`low` / `normal` / `high` / `urgent`). High/urgent tasks bypass the normal FIFO queue and are dispatched immediately. (`molecule-core` [#225](https://git.moleculesai.app/molecule-ai/molecule-core/pull/225))
- **Plugin drift detector + queue + admin apply endpoint**: a new plugin drift detection system monitors loaded plugins against their pinned SHAs and surfaces drift via a queue; admins can review and apply corrections via a new `/admin/plugin-apply` endpoint. (`molecule-core` [#204](https://git.moleculesai.app/molecule-ai/molecule-core/pull/204))
- **workspace-server pre-restart A2A drain signal**: the workspace-server now sends a pre-restart A2A drain signal before restarting, allowing peer workspaces to gracefully drain pending tasks instead of timing out. (`molecule-core` [#207](https://git.moleculesai.app/molecule-ai/molecule-core/pull/207))
- **Admin auth runbook**: new `admin-auth.md` runbook documents the test-token route lockdown and `AdminAuth` middleware behaviour for operators. (`molecule-core` [#220](https://git.moleculesai.app/molecule-ai/molecule-core/pull/220))
- **Static `.github-token` fallback to git credential helper**: workspace-server now falls back to a static `.github-token` value when no git credential helper is configured, enabling simpler air-gapped setups. (`molecule-core` [#219](https://git.moleculesai.app/molecule-ai/molecule-core/pull/219))
- **Keyboard shortcuts in Toolbar help dialog**: all keyboard shortcuts are now documented in a Toolbar help dialog accessible from the canvas top bar. (`molecule-core` [#244](https://git.moleculesai.app/molecule-ai/molecule-core/pull/244))
### 🔧 Fixes
- **SSRF validation before writing external workspace URL**: the workspace handler now validates URLs against SSRF allowlists before writing external workspace configurations. (`molecule-core` [#221](https://git.moleculesai.app/molecule-ai/molecule-core/pull/221))
- **Dockerfile tenant chown /org-templates**: `/org-templates` directory now correctly chowned to the canvas user to fix `EACCES` on `mkdir` for external resolvers. (`molecule-core` [#223](https://git.moleculesai.app/molecule-ai/molecule-core/pull/223))
- **CI `ghcr` → `ECR` migration + POST route smoke tests**: canary-verify workflow migrated from GHCR to ECR; new POST route smoke tests added for deployment verification. (`molecule-core` [#217](https://git.moleculesai.app/molecule-ai/molecule-core/pull/217))
- **CI `dorny/paths-filter` → shell-based git diff**: replaced `dorny/paths-filter` with shell-based git diff for Gitea Actions compatibility. (`molecule-core` [#208](https://git.moleculesai.app/molecule-ai/molecule-core/pull/208))
- **SOP tier-check clause splitter strips newlines**: the SOP tier-check script's clause splitter now correctly preserves newlines, fixing every `tier:low` PR CI failure. (`molecule-core` [#243](https://git.moleculesai.app/molecule-ai/molecule-core/pull/243))
- **SOP tier-check APPROVER_TEAMS pattern matching**: outer quotes removed from case patterns in `APPROVER_TEAMS` matching logic, fixing approval team resolution. (`molecule-core` [#231](https://git.moleculesai.app/molecule-ai/molecule-core/pull/231))
- **CI port `publish-workspace-server-image.yml` to `.gitea/workflows/`**: `publish-workspace-server-image.yml` migrated from `.github/workflows/` to `.gitea/workflows/` for Gitea Actions parity. (`molecule-core` [#237](https://git.moleculesai.app/molecule-ai/molecule-core/pull/237))
- **CI port `publish-runtime.yml` to `.gitea/workflows/`**: `publish-runtime.yml` migrated from `.github/workflows/` to `.gitea/workflows/` for Gitea Actions parity. (`molecule-core` [#211](https://git.moleculesai.app/molecule-ai/molecule-core/pull/211))
- **Docker base image digests pinned**: base image digests pinned in all Dockerfiles to ensure reproducible builds and prevent unexpected base image updates. (`molecule-core` [#199](https://git.moleculesai.app/molecule-ai/molecule-core/pull/199))
- **KeyboardShortcutsDialog corrected**: keyboard shortcuts dialog text corrected and min-clamp test expectations fixed. (`molecule-core` [#200](https://git.moleculesai.app/molecule-ai/molecule-core/pull/200))
### 📚 Docs
- **Canvas known issues section cleaned up**: duplicate entries removed from known issues; pre-commit action link fixed. (`molecule-core` [#202](https://git.moleculesai.app/molecule-ai/molecule-core/pull/202))
- **Canvas controls section corrected**: Canvas Controls section corrected to reflect current keyboard navigation and MiniMap state. (`molecule-core` [#201](https://git.moleculesai.app/molecule-ai/molecule-core/pull/201))
### 🧹 Internal
- **SOP tier-check AND-composition of required team approvals per tier**: tier-check now enforces AND-composition of required team approvals per tier (`tier:high`). (`molecule-core` [#225](https://git.moleculesai.app/molecule-ai/molecule-core/pull/225))
- **Canvas structural tests for TIER_CONFIG and COMM_TYPE_LABELS**: structural tests added for canvas TIER_CONFIG and COMM_TYPE_LABELS constants. (`molecule-core` [#245](https://git.moleculesai.app/molecule-ai/molecule-core/pull/245))
## 2026-05-09
### ✨ New features
- **Keyboard-accessible canvas node resize**: Cmd/Ctrl+Arrow keys now resize canvas nodes in the topology view, satisfying WCAG AA keyboard navigation requirements. (`molecule-core` [#192](https://git.moleculesai.app/molecule-ai/molecule-core/pull/192))
- **Keyboard-accessible edge anchors**: Enter/Space on an edge now selects the anchor for keyboard-based topology editing. (`molecule-core` [#190](https://git.moleculesai.app/molecule-ai/molecule-core/pull/190))
### 🔧 Fixes
- **Handlers auto-restart workspace after file write/delete/replace**: file mutations via the Canvas editor now correctly trigger workspace restart, ensuring the agent picks up the new file state without manual intervention. (`molecule-core` [#188](https://git.moleculesai.app/molecule-ai/molecule-core/pull/188))
- **CI `gh api` → Gitea API migration**: all GitHub Actions `gh api` calls replaced with Gitea-compatible alternatives — CI now runs cleanly in Gitea Actions without GitHub dependency. (`molecule-core` [#191](https://git.moleculesai.app/molecule-ai/molecule-core/pull/191))
- **WCAG AA contrast fix + KeyboardShortcutsDialog improvements**: toolbar contrast ratios corrected for WCAG AA compliance; keyboard shortcuts dialog now scrolls properly on small viewports. (`molecule-core` [#198](https://git.moleculesai.app/molecule-ai/molecule-core/pull/198))
### 📚 Docs
- **Canvas accessibility audit — all gaps now closed**: the accessibility audit doc updated to reflect fully closed status. (`molecule-core` [#197](https://git.moleculesai.app/molecule-ai/molecule-core/pull/197))
- **Canvas controls section corrected**: keyboard accessibility and MiniMap presence now correctly documented. (`molecule-core` [#201](https://git.moleculesai.app/molecule-ai/molecule-core/pull/201))
- **Stale audit doc text fixed**: stale text from PR #182 corrected in canvas audit documentation. (`molecule-core` [#187](https://git.moleculesai.app/molecule-ai/molecule-core/pull/187))
### 🧹 Internal
- **gh-identity module path migration**: `github.com/Molecule-AI/gh-identity` imports migrated to `git.moleculesai.app/molecule-ai/gh-identity` across all workspace templates. (`molecule-core` [#189](https://git.moleculesai.app/molecule-ai/molecule-core/pull/189))
- **Pending uploads test isolation fix**: sweeper test isolation corrected — eliminates cross-test pollution in CI. (`molecule-core` [#185](https://git.moleculesai.app/molecule-ai/molecule-core/pull/185))
- **Poll error counter to 0 before assert**: RecordsMetricsOnSuccess now polls error counter to 0 before asserting, eliminating flaky E2E test failures. (`molecule-core` [#194](https://git.moleculesai.app/molecule-ai/molecule-core/pull/194))
---
## 2026-05-08
### 🔧 Fixes
- **molecule-app CI testTimeout bumped to 20s**: vitest `testTimeout` increased to 20 s to handle shared act_runner load on the molecule-app repo. (`molecule-app` [#4](https://git.moleculesai.app/molecule-ai/molecule-app/pull/4))
- **molecule-app drops staging branch — trunk-based migration**: first repo of the trunk-based development migration; staging branch removed. (`molecule-app` [#3](https://git.moleculesai.app/molecule-ai/molecule-app/pull/3))
- **docs CI switches to ubuntu-latest**: docs repo CI now uses `ubuntu-latest` now that the repo is public. (`docs` [#4](https://git.moleculesai.app/molecule-ai/docs/pull/4))
---
## 2026-05-07
### 📚 Docs
- **Install guide — GitHub.com refs → Gitea**: all active `github.com/Molecule-AI` references migrated to `git.moleculesai.app/molecule-ai` in the installation docs. (`docs` [#1](https://git.moleculesai.app/molecule-ai/docs/pull/1))
- **Website github.com → Gitea link migration**: `molecules-market` website links updated to point at Gitea. (`landingpage` [#3](https://git.moleculesai.app/molecule-ai/landingpage/pull/3))
- **molecule-monorepo → molecule-core rename (Phase 4)**: landingpage follow-up renaming of `molecule-monorepo` to `molecule-core` in all cross-repo references. (`landingpage` [#4](https://git.moleculesai.app/molecule-ai/landingpage/pull/4))
- **CI lowercase 'molecule-ai/' in cross-repo workflow refs**: cross-repo workflow references now consistently lowercase for Gitea Actions compatibility. (`landingpage` [#2](https://git.moleculesai.app/molecule-ai/landingpage/pull/2))
- **Market Purchase button on tier cards**: demo Mock #1 — Purchase button now appears on tier cards in the molecules-market. (`landingpage` [#5](https://git.moleculesai.app/molecule-ai/landingpage/pull/5))
### 🔧 Fixes
- **molecule-app runs-on ubuntu-latest**: Hetzner runner labels post-suspension; CI now uses `ubuntu-latest`. (`molecule-app` [#1](https://git.moleculesai.app/molecule-ai/molecule-app/pull/1))
- **molecule-app GitHub → Gitea URL migration**: all `github.com/Molecule-AI` references migrated to `git.moleculesai.app/molecule-ai` in molecule-app. (`molecule-app` [#2](https://git.moleculesai.app/molecule-ai/molecule-app/pull/2))
- **docs GitHub → Gitea URL migration**: `github.com/Molecule-AI` references migrated to Gitea across docs repo. (`docs` [#3](https://git.moleculesai.app/molecule-ai/docs/pull/3))
---
## 2026-05-06
### 🧹 Internal
- **molecule-core org-wide Gitea URL migration**: all `github.com/Molecule-AI` references migrated to `git.moleculesai.app/molecule-ai` across all repos in the org. (`molecule-core`)
- **Hetzner act-runner suspension**: CI runners updated to use `ubuntu-latest` labels following Hetzner act-runner suspension. (`molecule-app` [#1](https://git.moleculesai.app/molecule-ai/molecule-app/pull/1))
---
## 2026-04-22
### ✨ New features
#### Workspace model propagation — hermes MiniMax flow
Customer selects `model=minimax/MiniMax-M2.7-highspeed` in Canvas → the model and
API key now propagate correctly into the runtime environment instead of being dropped
on the floor at provisioning time. Works for hermes workspaces in both hosted SaaS
and self-hosted EC2 deployments.
(`molecule-core` [#1685](https://git.moleculesai.app/molecule-ai/molecule-core/pull/1685))
#### EC2 Instance Connect Endpoint — one-click shell from Canvas
Canvas Terminal tab now uses AWS EC2 Instance Connect Endpoint to open a PTY inside
any workspace EC2 instance — no SSH keys to manage, no IP to copy, no security group
rules to configure. IAM policy gates access, STS pushes a short-lived key that
auto-expires, and every tunnel open is recorded in CloudTrail.
See the [EC2 Instance Connect guide](/docs/infra/workspace-terminal).
(`molecule-core` [#1554](https://git.moleculesai.app/molecule-ai/molecule-core/pull/1554))
#### Phase 33 — Cloudflare Tunnel replaced with direct-connect public IPs
Cloud-hosted workspaces no longer route through `cloudflared`. Each workspace gets
its own public IP from the VPC subnet and connects directly to the platform over
TLS on port 443. Reduces latency by ~2040 ms (region-dependent), removes the
Cloudflare egress cost dependency, and enables direct `curl` debugging without
the tunnel path.
See the [migration blog post](/blog/cloudflare-tunnel-migration).
(`molecule-core` [#1612](https://git.moleculesai.app/molecule-ai/molecule-core/pull/1612))
### 🔒 Security
- **F1085 deleteViaEphemeral**: `rm` scope restricted to `/configs` volume only —
prevents deletion of application code or workspace files if the exec form is
exploited. Applied to both `main` and `staging`. (`molecule-core` [#1682](https://git.moleculesai.app/molecule-ai/molecule-core/pull/1682), [#1616](https://git.moleculesai.app/molecule-ai/molecule-core/pull/1616))
### 🔧 Fixes
- Canvas now fetches the runtime and model dropdown from the `/templates` registry
at load time — runtime list stays current without code deploys. (`molecule-core` [#1666](https://git.moleculesai.app/molecule-ai/molecule-core/pull/1666))
- Canvas accessibility: `aria-hidden` correctly applied to decorative SVGs;
`MissingKeysModal` now uses correct dialog semantics and manages focus. (`molecule-core` [#1594](https://git.moleculesai.app/molecule-ai/molecule-core/pull/1594))
- Provisioner pulls workspace template images from GHCR instead of Docker Hub
for faster cold starts and reduced third-party dependency. (`molecule-core` [#1624](https://git.moleculesai.app/molecule-ai/molecule-core/pull/1624))
- Shared runtime heartbeat no longer leaves workspaces in a phantom-busy state after
task completion. (`molecule-ai-workspace-runtime` [#37](https://git.moleculesai.app/molecule-ai/molecule-ai-workspace-runtime/pull/37))
### 📚 Docs
- **MCP server structured logging**: `LOG_LEVEL` env var (`trace`/`debug`/`info`/`warn`/`error`/`fatal`),
pino JSON output in production, pretty-print in development, AsyncLocalStorage
context on every log entry (tool name, request ID, workspace ID). (`docs` [#78](https://git.moleculesai.app/molecule-ai/docs/pull/78))
- **molecli shell completion**: tab completion for `molecule` CLI in bash, zsh, fish,
and PowerShell — covers all subcommands and flags. (`docs` [#79](https://git.moleculesai.app/molecule-ai/docs/pull/79))
### 🧹 Internal
- 34 internal changes across `molecule-core`, `molecule-ci`, and template repos:
CI workflow migration to `ubuntu-latest`, security patch backports (CWE-22/CWE-78),
Go build fixes, canvas Dockerfile GID fix, Go linter upgrades, duplicate-symbol
resolution, and reusable `publish-template-image` workflow for all workspace template
repos. (`molecule-core`, `molecule-ci`)
---
## 2026-04-17
A high-velocity day: 80+ PRs merged across platform, canvas, runtimes, security, and channels.
### ✨ New features
#### opencode Integration — MCP bridge for AI coding agents
Connect [opencode](https://opencode.ai) to any Molecule AI workspace over a
standard `Authorization: Bearer` remote MCP connection. opencode gains the full
A2A tool surface (`delegate_task`, `list_peers`, `recall_memory`, and more)
via two transports: Streamable HTTP (`POST /workspaces/:id/mcp`) and SSE
(backwards-compat `GET /workspaces/:id/mcp/stream`). Rate-limited to 120 req/min
per token. See the [opencode Integration guide](/docs/opencode).
(#840, #842)
#### Slack — per-agent identity with Bot Token mode
The Slack channel adapter now supports dual-mode outbound: **Bot Token** (new,
recommended) and Incoming Webhook (legacy, unchanged). With a `bot_token` each
workspace posts under its own display name and icon via `chat:write.customize`.
Markdown is automatically converted to Slack `mrkdwn` format.
See [Channels](/docs/channels).
(#844, #851)
#### AG-UI compatible SSE endpoint
New `GET /workspaces/:id/events` endpoint streams agent events as AG-UI
compatible Server-Sent Events. Enables AG-UI frontend integrations to subscribe
to live workspace activity without polling.
(#601)
#### A2A topology overlay on the canvas
The canvas now renders a live A2A topology overlay — every workspace as a node,
every in-flight delegation as an animated directed edge. Zoom to team, click any
edge to inspect the task payload.
(#751)
#### Audit trail visualisation panel
A new audit trail panel in the canvas surfaces the HMAC-SHA256 immutable event
log per workspace — every task received, LLM call, and completion in
chronological order with chain-of-custody verification.
(#651, #759)
#### Workspace hibernation — auto-pause idle workspaces
Workspaces that receive no tasks for `HIBERNATION_IDLE_MINUTES` (default: 30)
are automatically hibernated (containers paused, resources freed). They
auto-wake on the next inbound task with full state restored. Manage via
`POST /workspaces/:id/hibernate` and `POST /workspaces/:id/wake`.
See [API Reference](/docs/api-reference).
(#724)
#### Temporal workflow checkpoints — step-level persistence
Workspace templates now persist intermediate workflow steps to the database.
On container restart (crash, deploy, hibernate/wake) the workspace resumes from
the last completed step rather than restarting the whole task. Step endpoints
documented in the [API Reference](/docs/api-reference).
(#797, #803)
#### Semantic memory search
Agent memory is now vector-indexed via pgvector. `recall_memory` accepts an
optional `?q=` parameter for semantic (embedding) search in addition to exact
keyword match. Nearest-neighbour results are ranked by cosine similarity and
colour-coded in the canvas Memory Inspector.
(#784, #787)
#### Memory Inspector panel
A new canvas panel lets you browse, search, and inspect all `LOCAL` and `TEAM`
memory keys for any workspace — live, without leaving the canvas.
(#738)
#### Hermes — stacked system messages
The Hermes runtime now accepts a `system_blocks` list: each block (persona,
tools, reasoning policy) is merged in order rather than overwriting the previous
system prompt. Enables persona stacking for complex multi-role workflows.
See [API Reference](/docs/api-reference) → Runtimes section.
(#655, #798)
#### Hermes — native `tools` parameter
Hermes passes tools to the model via the native `tools=[]` API parameter instead
of text-in-prompt injection. Structured tool definitions, better token efficiency,
and full compatibility with Nous/Hermes-3 tool call format.
(#644)
#### Hermes — structured output (`response_format`)
`response_format=json_schema` is now wired through to the model. Hermes
workspaces can request strict JSON output against a defined schema.
(#645)
#### AGENTS.md auto-generation
Platform workspaces now auto-generate an `AGENTS.md` file in the workspace
container at boot. The file lists all peer workspaces visible to this workspace,
their roles, and their capabilities — giving LLMs automatic context about the
org topology without manual prompt engineering.
(#763)
#### Discord channel adapter
A new Discord adapter joins Telegram, Slack, and Lark. Configure with a
`bot_token` and `channel_id` to send and receive messages on Discord.
(#656)
#### Per-workspace budget limits
Set a `budget_limit` (USD) on any workspace. The A2A executor enforces the limit
at task dispatch — tasks that would exceed the monthly cap are rejected with a
`429 Budget Exceeded` error. Configure via `PATCH /workspaces/:id`.
(#611, #606)
#### Per-workspace token metrics
`GET /workspaces/:id/metrics` returns token counts (input, output, cache read/write)
aggregated over rolling 1-hour and 30-day windows. Live usage is displayed in the
canvas WorkspaceUsage panel.
(#602, #627)
#### Claude Opus 4.7 — effort levels and task budget
Workspace config now exposes `effort` (`low` / `medium` / `high` / `xhigh` /
`max`) and `task_budget` (token ceiling) for Anthropic Claude workspaces.
`xhigh` and `max` activate extended thinking (Opus 4.7+ only). Configure in the
Canvas Config tab or via `PATCH /workspaces/:id`.
(#639, #654, #669)
#### Plugin supply-chain hardening
All plugin refs must now be pinned (no `latest`, no floating branches). Unpinned
refs are blocked at load time unless `PLUGIN_ALLOW_UNPINNED=true`. SHA-256
integrity checking available for plugin archives.
(#775)
#### Org-level plugin governance registry
A new per-org allowlist controls which plugins workspaces in that org are
permitted to load. Managed via `POST/DELETE /admin/orgs/:orgId/plugins/allowlist`.
(#610)
#### Schedule health endpoint
`GET /admin/schedules/health` returns cross-workspace cron health: last-fired,
next-scheduled, consecutive-empty count, and phantom detection status for every
schedule in the org.
(#671, #796)
#### Fly Machines provisioner
The platform now supports `PROVISIONER=flyio` — workspaces are provisioned as
Fly Machines instead of Docker containers or EC2 instances. See the
[self-hosting guide](/docs/self-hosting).
(#578 — docs PR #7)
### 🔒 Security
- **Auth hardening** — PATCH `/workspaces/:id` now requires ownership
validation; UUID fields are validated before DB queries; input lengths bounded
across all handlers. (#692, #701)
- **Admin token isolation** — `AdminAuth` middleware correctly rejects workspace
bearer tokens when `ADMIN_TOKEN` is set, preventing privilege escalation from
workspace token → admin. (#684, #729)
- **Metrics route auth** — `GET /workspaces/:id/metrics` now requires workspace
bearer token; previously it was unauthenticated. (#696)
- **X-Workspace-ID forgery** — Requests spoofing the `system-caller/` prefix in
`X-Workspace-ID` headers are rejected. (#766)
- **GLOBAL memory injection safeguards** — `commit_memory` with `scope: GLOBAL`
now validates content for prompt injection patterns before persisting. (#769)
- **Security headers** — `X-Content-Type-Options: nosniff` and
`X-Frame-Options: DENY` added to all API responses. (#629)
- **Token revocation hardening** — Revoked tokens are purged from the in-memory
cache within 60s; previously the cache could serve revoked tokens until TTL
expiry. (#696)
- **MCP server** — npm version pinned; `-y` flag removed from install commands.
(SAFE-MCP NEW-003, #808 — docs PR #18)
- **Canvas test-token endpoint** — gated behind `AdminAuth` and removed from
general router. (#612, #708)
### 🔧 Fixes
- Fixed `POST /workspaces` not persisting the secrets envelope on create. (#568)
- Fixed self-delegation deadlock when a workspace delegates to itself. (#570)
- Fixed GitHub installation token expiry — tokens now refresh automatically before
expiry rather than failing mid-operation. (#567)
- Fixed `TenantGuard` same-origin bypass for EC2 tenant Canvas. (#584)
- Fixed pgvector migration to wrap in `DO` block, eliminating E2E CI failures
from duplicate extension install. (#843, #670, #636)
- Fixed scheduler dropping schedules with `NULL next_run_at` permanently. (#728)
- Fixed `ValidateToken` not checking `removed` workspace status, allowing tokens
for deleted workspaces to authenticate. (#719)
- Fixed canvas hydration error UI, radio keyboard nav, and zoom-to-team
shortcut. (#565)
- Fixed canvas UX: error handling, accessibility, loading state. (#587)
- Fixed canvas deploy preflight to require env keys for Hermes and Gemini CLI
runtimes. (#588)
- Fixed budget/spend counters capping before DB upsert to prevent NUMERIC
overflow. (#630, #634)
- Fixed pgvector TEXT→UUID FK type mismatch in migrations 028 and 031 that
blocked all E2E runs. (#646, #670, #843)
- Fixed duplicate hook firings (34×) in `dedup_settings_hooks`. (#551, #597)
- Accessibility fixes: keyboard access on `TeamMemberChip`, `role=alert` on
status banners, close button label, `ProvisioningTimeout` modal. (#841)
### 📚 Docs
- Google ADK runtime — added hands-on Quickstart section. (docs PR #8)
- Hermes — full runtime reference page. (docs PR #9)
- AGENTS.md — auto-generation documented in concepts. (docs PR #10)
- Semantic memory search — `?q=` param documented in API reference. (docs PR #11)
- Canvas A2A topology overlay + audit trail panel. (docs PR #12)
- molecule-medo plugin — opt-in platform plugin page. (docs PR #13)
- Workspace hibernation — status lifecycle, endpoints, auto-wake behaviour. (docs PR #14)
- molecule-audit-ledger — HMAC chain, `/audit` endpoint, `LedgerHooks`, CLI. (docs PR #15)
- Hermes stacked system messages — `system_blocks` kwarg. (docs PR #16)
- Plugin supply chain security — pinned refs required, SHA-256 integrity. (docs PR #17)
- SAFE-MCP audit report 2026-04-17. (docs PR #18)
- Temporal workflow checkpoints — step endpoints, auto-resume behaviour. (docs PR #19)
---
_Changelog entries are compiled by the [Documentation Specialist](https://github.com/Molecule-AI) from all merged pull requests for the day. Times are UTC._
Reference in New Issue View Git Blame Copy Permalink