New
- Marketplace imports. Agents, commands and bundles install into a project in one click. The detail view now shows what a listing actually contains — bundle contents, capability badges, type-aware copy — before you add it.
- Groups and custom roles on every plan. Previously limited by tier; now available to all accounts.
- Answer permission prompts from the CLI. Sessions that pause for approval can be resolved without leaving the terminal.
- One-click Slack connect via
kortix channels connect— no manual app setup. - Review center approvals. Approve and deny executor requests for real, with change descriptions rendered as markdown.
- OAuth1 connectors for OpenAPI and HTTP.
- Always-bound project CLI.
loginbinds a default project; unbound commands recover interactively instead of failing.
Improved
kortix.tomlis nowkortix.yaml(TOML stays supported as v1 legacy), with format-aware manifest errors and agent-scope/trigger-path parity.- Destructive actions are confirm-gated: deleting secrets, revoking gateway keys, deleting sandbox templates and sessions, archiving projects.
- Loading states unified across the app; onboarding moves Skip into the footer per step.
- Upgrades are surfaced with an accent card and a Recommended badge.
- A complete IAM administrator's guide: SSO/SAML, SCIM, roles, groups, custom roles, agents, audit.
Fixed
- Sessions on projects pinned to the Platinum sandbox provider could not start. Production's
sandbox_providertype was missing theplatinumvalue, so every session create failed at the database. The value is now added; a sandbox that fails to start also raises properly so provisioning retries. - Retry build / Fix with agent works again, snapshot quota cleanup can fire, and the prewarm cache is bounded with an alarm when cleanup falls behind.
- Permission leaks closed. Project detail sections are filtered by read capability, previously ungated project endpoints now check their capability leaf, member management gates on the leaf rather than a broad write floor, and viewers no longer see error toasts for surfaces they cannot read. Read-only users get a degraded view instead of a broken one, and the floor member role can fire triggers again.
- Service-account bearer tokens are accepted wherever user tokens are.
- Unknown CLI commands now error with a suggestion instead of silently scaffolding a project named after the typo.
- The model picker updates immediately after connecting a provider, and setup links render as clean CTA chips rather than raw token URLs.
- Resolved high-severity CodeQL findings (ReDoS, temp-file handling, TOCTOU, CLI opener).
- Rename dialogs no longer close mid-save; sessions and projects show honest error, empty and retry states.
What's Changed
- chore(release): VERSION → 0.9.100 [skip ci] by @github-actions[bot] in #4281
- fix(web): model picker updates instantly after connecting a provider by @markokraemer in #4283
- chore(dev-eks): deploy dev-bf518cc0 [skip ci] by @github-actions[bot] in #4284
- refactor(web): onboarding wizard — per-step Skip in the footer by @markokraemer in #4285
- fix(platinum): create throws on terminal failed-start so provision retries by @kubet in #4289
- refactor(web): unify loading states into a single consistent loader by @sutharjay1 in #4287
- chore(dev-eks): deploy gateway dev-763ed695 [skip ci] by @github-actions[bot] in #4290
- chore(dev-eks): deploy dev-763ed695 [skip ci] by @github-actions[bot] in #4291
- chore: remove the stale root .kortix dogfood project by @markokraemer in #4294
- chore(dev-eks): deploy dev-b7b37eaa [skip ci] by @github-actions[bot] in #4296
- feat(executor): oauth1 auth type for openapi/http connectors by @markokraemer in #4301
- chore(dev-eks): deploy dev-e1f0bcd8 [skip ci] by @github-actions[bot] in #4304
- fix(cli): unknown commands error instead of scaffolding a project named after the typo by @markokraemer in #4292
- docs(specs): one Kortix token + CLI-centric platform plan by @markokraemer in #4295
- fix(api): combinedAuth accepts service-account bearers, matching supabaseAuth by @markokraemer in #4298
- docs(specs): AGI as API — one resource catalog projected as REST/CLI/MCP by @markokraemer in #4300
- feat(cli): always-bound project UX — login binds a default project, unbound commands recover by @markokraemer in #4297
- chore(dev-eks): deploy dev-e15d5235 [skip ci] by @github-actions[bot] in #4307
- feat(cli): answer session permission asks and questions from the CLI by @markokraemer in #4305
- feat(cli): one-click Slack connect — kortix channels connect prints the install link by @markokraemer in #4302
- fix(web): setup links render as clean CTA chips, never raw token URLs by @markokraemer in #4306
- refactor: sweep kortix.toml → kortix.yaml (TOML kept only as v1 legacy) by @markokraemer in #4310
- chore(dev-eks): deploy dev-c2413419 [skip ci] by @github-actions[bot] in #4311
- fix(security): resolve CodeQL high-severity alerts (ReDoS, temp-file, TOCTOU, CLI opener) by @markokraemer in #4313
- chore(dev-eks): deploy gateway dev-aa10200f [skip ci] by @github-actions[bot] in #4314
- chore(dev-eks): deploy dev-aa10200f [skip ci] by @github-actions[bot] in #4316
- chore(security): gitleaks-ignore the published X OAuth1 doc test vectors by @markokraemer in #4315
- fix(iam): gate ungated project endpoints on their capability leaves by @Ino-Bagaric in #4279
- fix(iam): members.manage routes gate on the leaf, not a project.write floor by @Ino-Bagaric in #4275
- chore(dev-eks): deploy dev-615075e8 [skip ci] by @github-actions[bot] in #4317
- fix(iam): filter GET /detail sections by read capability, don't leak them by @Ino-Bagaric in #4282
- chore(dev-eks): deploy dev-c5237bfc [skip ci] by @github-actions[bot] in #4319
- fix(snapshots): unbreak Retry build / Fix with agent, and make quota GC able to fire by @markokraemer in #4320
- chore(dev-eks): deploy dev-60572652 [skip ci] by @github-actions[bot] in #4321
- fix(config): YAML (v2) manifest parity — agent-scope, trigger paths, format-aware errors by @Ino-Bagaric in #4323
- chore(dev-eks): deploy dev-cb059309 [skip ci] by @github-actions[bot] in #4324
- feat(web): highlight available upgrades — accent card + Recommended badge by @Ino-Bagaric in #4318
- feat(iam): groups + custom roles available on every tier by @Ino-Bagaric in #4326
- chore(dev-eks): deploy dev-3468e086 [skip ci] by @github-actions[bot] in #4327
- feat(marketplace): surface agents, commands & bundles as 1-click imports by @Ino-Bagaric in #4322
- feat(web): UX & functionality improvements — marketplace, review center, customize, projects/sessions by @Ino-Bagaric in #4325
- feat(review-center): render markdown change descriptions properly by @Ino-Bagaric in #4329
- fix(web): customize sections visible per read leaf + read-only-safe for all roles by @Ino-Bagaric in #4328
- feat(review-center): render markdown change descriptions properly by @Ino-Bagaric in #4331
- fix(iam): no permission-error toasts for surfaces the viewer cannot read by @Ino-Bagaric in #4330
- fix(web): confirm dialog before secret delete and gateway key revoke by @Ino-Bagaric in #4332
- fix(snapshots): bound the ppwarm cache, and alarm when GC can't keep up by @markokraemer in #4336
- chore(dev-eks): deploy dev-1a0b95ad [skip ci] by @github-actions[bot] in #4337
- docs(iam): complete administrator's guide — SSO/SAML, SCIM, roles, groups, custom roles, agents, audit by @Ino-Bagaric in #4334
- chore(dev-eks): deploy dev-1c40ba54 [skip ci] by @github-actions[bot] in #4339
- fix(iam-web): audit export 404 + make the guide's affordances real by @Ino-Bagaric in #4341
- chore(dev-eks): deploy dev-4f55e3cc [skip ci] by @github-actions[bot] in #4345
Full Changelog: v0.9.99...v0.9.100