v2026.427.0

Released: 2026-04-27

Highlights

• Multi-user access and invite flows — Paperclip can now run as a shared, authenticated control plane. Real human identities, company memberships, invite creation/landing, onboarding, profile settings, and company-scoped access controls are first-class while keeping the local-first single-operator path intact. (#3784)
• Structured issue-thread interactions — Agents can now post structured proposals into the thread: suggested tasks, multi-question forms, and request-for-confirmation cards. The board renders them as interactive cards with accept/reject/answer flows, idempotency keys, and resumable agent continuations. Plan approvals and yes/no decisions are now explicit, auditable, and replayable without leaving the issue. (#4244, #4381)
• Run liveness continuations and runtime lifecycle recovery — Heartbeat runs now record liveness state, next-action hints, and continuation attempts so long or interrupted work can resume with full context. A new active-run watchdog plus runtime lifecycle recovery surfaces silent runs, covered-blocker chains, and stalled in-review leaves with operator-visible recovery decisions. (#4083, #4419, #4209)
• Sub-issues as a workflow checklist — Ordered sub-issues now render as a dependency-aware progress checklist with current-step affordances, blocker context, and de-emphasized done items, replacing the flat table presentation. (#4523, #4588)
• Issue subtree pause, cancel, and restore — Board operators can now hold, cancel, or restore a whole issue subtree from the issue detail. Holds are durable, dependency-aware, and keep descendant execution and wake behavior coherent. (#4332)
• First-class issue references — Mentions of PAP-123-style ticket ids in issue text, comments, and documents now persist as durable reference relationships. The board surfaces backlinks, queryable cross-issue context, and an idempotent backfill for existing content. (#4214)

Beta Features

• BETA Environments and pluggable sandbox providers — Heartbeat runs now execute against a first-class Environment record with lease lifecycle tracking. Local, SSH-backed remote, and sandboxed execution targets are all supported, and providers are pluggable via a generic plugin contract. The new @paperclipai/plugin-e2b package ships as the reference third-party sandbox provider. (#4297, #4358, #4415, #4449, #4452)

Improvements

• Configurable liveness auto-recovery — New instance settings let operators keep liveness findings advisory or enable bounded auto-recovery with explicit minimum interval and lookback windows. (#4587)
• Heartbeat scheduling is blocker-aware — The scheduler now respects blockedByIssueIds graphs and avoids waking dependents until their blockers resolve. (#4157)
• Cancel stale queued and scheduled work on graph changes — Queued heartbeats are gated at claim time and cancelled when the issue assignee, status, or review participant moves on. Scheduled retries are cancelled on ownership changes or explicit issue cancellation. (#4445, #4534, #4234)
• Plugin orchestration host APIs — Plugins can now request namespaced databases, register orchestration hosts, and expose richer APIs to the control plane. (#4114)
• paperclip-dev skill — A new opt-in paperclip-dev skill ships with Paperclip covering server lifecycle, worktrees, builds, database ops, and diagnostics. Includes open-source hygiene and "push feature branches to a user fork" guidance. (#3854, #4541, #4572)
• Reusable agent hiring templates — The create-agent skill is split into focused per-role instruction files, with an improved agent instructions pane layout. (#4124, #4422)
• User profile page and access cleanup — First user profile surface for activity and cost attribution, with safer member removal, archived-member cleanup, and tighter permission protection. (#4088)
• Backup endpoint and dev runtime hardening — Manual backup HTTP endpoint, improved backup streaming, less noisy dev output, safer instance isolation, and quieter static UI logging. (#4087)
• Workspace and runtime UI polish — Better workspace navigation, runtime state surfaces, dashboard run activity charts, mobile org chart navigation, and respect for manual workspace runtime controls. (#4089, #4090, #4125, #4126, #4127)
• Issue composer and document polish — Long document display, issue composer affordances, board workflow polish, and refined markdown issue-reference rendering. (#4224, #4382, #4420, #4447)
• Faster company skill detail loading — Skill detail pages now hydrate noticeably faster. (#4380)
• Codex transient recovery and model refresh — Better handling of transient Codex errors and refreshed model list. (#4383)
• Heartbeat runtime cleanup and scheduling controls — Tighter teardown of heartbeat runtimes, better scheduling controls, and improved agent runtime recovery/governance. (#4086, #4223, #4233)
• Comprehensive UI Storybook coverage — Expanded Storybook stories across the UI for design review and visual regression. (#4132)
• Sandbox dynamic adapter UI parsers — Adapter UI transcript parsers now run inside a sandboxed evaluator for safer plugin loading. (#4225)
• Normalized escaped multiline text — Issue and approval text with escaped multiline content is normalized on storage so paragraph breaks survive. (#4444)
• Gate stale-run watchdog decisions by board access — Auto-recovery decisions only apply where the actor has board access, avoiding cross-company noise. (#4446)
• Claude local adapter: Opus 4.7 — Added Claude Opus 4.7 to the model dropdown. (#3828, @GodsBoy)
• Public roadmap and contribution policy — Added a public roadmap and updated the feature-PR contribution policy. (#3835)
• README architecture systems — New README documentation walking through the major systems in the codebase. (#4250)
• AWS ECS Fargate deployment runbook — End-to-end deployment guide for running Paperclip on ECS Fargate. (#3897, @neerazz)
• Structured agent mentions in paperclip skill — Skill comments now use structured [@Name](agent://id) mentions instead of raw @Name strings. (#4103, @aronprins)
• First-class security agent role — Added a dedicated security agent role to the taxonomy with route coverage and regression tests so security responsibilities can be modeled explicitly in the org chart. (#4532, #4586, #4589)

Fixes

• Disappearing issue comments — Fixed comments occasionally disappearing from the issue thread. (#4557)
• External issue URL rewriting in markdown — Fixed external issue URLs being incorrectly rewritten in rendered markdown. (#4558)
• publicBaseUrl port handling — Tightened publicBaseUrl port rewriting and trust allowed hostname port variants on the detected listen port so reverse-proxied auth flows resolve correctly. (#4553, #4554)
• CEO $AGENT_HOME paths — Fixed $AGENT_HOME references in CEO onboarding instructions and centralized workspace env propagation. (#4551)
• External adapter hot-install — resolveExternalAdapterRegistration now applies on hot-install and the adapter registry honors module-provided sessionManagement for external adapters. (#4324, #4296, @superbiche)
• pi-local skill bin PATH — The Pi local adapter now prepends installed skill bin/ directories to the child process PATH. (#4331, @SgtPooki)
• Hermes adapter regressions — Honor Hermes local command override, stop advertising unsupported instructions bundles, inject the agent JWT for proper identity attribution, and add hermes_local to the sessioned local adapters allow-list. (#3503, @NoronhaH; #3908, @LeonSGP43; #3608, @rvanduiven; #3561, @akhater)
• Production Docker image — Added ssh client and jq to the production image; fixed gh installation in the Docker build. (#3826, @rbarinov; #3844)
• Stale execution run locks — Fixed stale issue execution run locks lingering after failed runs. (#4258)
• Stale queued comment targets — Cleared stale queued comment targets when the underlying thread state changes. (#4234)
• Release packaging for standalone packages — Fixed release packaging for standalone publishable packages so plugin packages publish cleanly. (#4494)
• Terminal-result adapter process groups — Cleaned up terminal-result adapter child process groups so orphaned processes are reaped. (#4129)
• CI flakiness — Stabilized serialized server route tests, isolated CLI company import e2e state, fixed flaky heartbeat recovery teardown, and stabilized local maintenance assets. (#4423, #4448, #4559, #4560)

Security

• API route authorization hardening — Tightened actor, company, and active-checkout boundary enforcement across the REST surface for company, agent, plugin, adapter, cost, invite, and issue mutation routes. Adds regression coverage for the audited routes. (#4122)

Upgrade Guide

Fourteen new database migrations (0057–0070) will run automatically on startup. They add:

• Deduped join requests (0057)
• Heartbeat run liveness, continuation tracking, and last-useful-action metadata (0058)
• Plugin database namespaces (0059)
• Issue reference mentions (0060)
• Heartbeat scheduled retry tracking (0061)
• Routine run dispatch fingerprint and origin-fingerprint uniqueness for routine-execution issues (0062)
• Issue thread interactions and idempotency index (0063, 0064)
• Environments and environment leases (0065)
• Issue tree holds for subtree pause/cancel/restore (0066)
• Agents' default environment foreign key (0067)
• Per-company unique local-driver environment index (0068)
• Liveness recovery dedupe indexes (0069)
• Active-run output watchdog metadata (0070)

All migrations are additive — no existing data is modified or removed.

If you previously ran sandbox execution against the in-tree provider, install @paperclipai/plugin-e2b (or your own provider plugin) to keep using sandboxed runtimes after upgrading. The generic provider plugin contract is documented alongside the new environments subsystem.

Contributors

Thank you to everyone who contributed to this release!

@akhater, @aronprins, @cryppadotta, @devinfoley, @GodsBoy, @LeonSGP43, @neerazz, @NoronhaH, @rbarinov, @rvanduiven, @SgtPooki, @superbiche