github paperclipai/paperclip v2026.512.0
on GitHub

latest release: canary/v2026.512.1-canary.0
5 hours ago

v2026.512.0

Released: 2026-05-12

Highlights

  • Planning mode for issue work — Issues now carry a standard / planning work mode across the database, validators, server flows, plugin protocol, adapter heartbeat payloads, and board UI. Operators can create planning-mode issues, see them clearly in rows and detail composers, and have the mode preserved through suggested follow-up issues. (#5353)
  • Full company search — A new /companies/:companyKey/search page and company-scoped search API span issues, documents, agents, projects, comments, and activity, with rate limiting, fuzzy title matching, indexed document matching, highlighted snippets, recent searches, and Command-K handoff. (#5293)
  • Routine revision history with restore — Routines now keep an append-only revision log with a History tab on routine detail. Operators can preview prior revisions, see structured change summaries, diff descriptions, restore older definitions safely, and recover webhook secrets after restore. (#5285)
  • Successful-run handoff and system notices — When an agent run ends productively but the issue still needs a final disposition, the recovery service now opens an explicit handoff with first-class system notices rendered in the issue thread, so operators can see exactly why a run paused, escalated, or closed. (#5289)
  • Expanded plugin host surface — Plugins can now declare scoped database namespaces (with migration tracking), local project folders, managed agents, managed routines, scoped APIs, and reusable UI building blocks (file trees, resizable sidebars, route sidebars, managed-routine controls), all through documented contracts and validators. Follow-up host support landed for managed plugin skills and richer SDK types. (#5205, #5597)
  • LLM Wiki plugin package — Built on the new plugin host contracts, the @paperclip/plugin-llm-wiki package now ships in the monorepo with public entrypoints and Docker manifest coverage. (#5716)
  • Secrets provider vaults with remote import — Company secrets gain provider-vault configuration, AWS Secrets Manager remote-import preview/commit, binding usage tracking, access events, and rotation guards. The Secrets settings UI now exposes vault management and remote import, with CLI/API docs to match. (#5429)
  • Cursor cloud adapter — A new built-in cursor_cloud adapter drives Cursor's hosted-agent platform through @cursor/sdk, mapping Paperclip heartbeats to Cursor's durable-agent + per-run model with session reuse, streaming, and cancellation. (#5664)
  • ACPX local adapter — A new ACPX local adapter runtime can proxy Claude- and Codex-style execution with provider-aware model handling, a polished agent config form, and Storybook-covered model/provider behavior. (#4893, #5290)

Improvements

  • Workspace changes and stale notices in issue threads — Issue activity now includes readable workspace-change details and folds stale-disposition notices inline so they match activity-log styling and spacing. (#5356)
  • Shared sidebar section controls — A reusable SidebarSection component drives collapsible content, header actions, and dropdown menus, and the Agents/Projects sidebar sections gain persisted Top / Alphabetical / Recent sort modes with cross-tab update events. (#5585)
  • Operator sidebar and issue property polish — Issue property timestamps include time, the sidebar company menu supports edit-mode reordering, the workspace switcher rail and account menu stay aligned, and the sidebar search icon routes directly to the search page. (#5355, #5440)
  • Workspace switcher lives in the sidebar — The workspace switcher moved into the sidebar so operators can change workspaces without leaving the board. (#4981)
  • Operator workflow QoL — Inbox grows assignee/project grouping and token/runtime totals, issue properties get removable blocker chips and workspace task links, the workspace runtime layout adds an issues-tab default and stopped-port reuse, and the dashboard cleans up run task labels. Mobile markdown and routine dialogs got fixes alongside page titles, sidebar polish, and inline routine variable help. (#5291, #4701)
  • More operator task controls — Company skill source display and used-by agent lists are clearer, long skill source paths truncate with a copy affordance, the routines table gains a row-level run-now button, inbox issue groups get grouped creation defaults, and the issue monitor activity card handles ISO date strings correctly. (#5427)
  • Issue controls and retry-now recovery — Issue properties expose editable assignee model overrides, a scheduled retry retry-now path is wired through backend and UI (with a shared useRetryNowMutation hook), and suppression coverage now includes budget hard stops, review participant changes, subtree pauses, unresolved blockers, terminal issues, and company scoping. (#5426)
  • Assigned-backlog liveness — Assigned issue creation defaults to todo when status is omitted (explicit backlog parking still wins), and liveness/attention paths plus UI notices distinguish assigned-backlog blockers so they cannot silently stall. (#5428)
  • Hardened control-plane safety — Run-aware confirmation ordering and interrupted-run cleanup are corrected, agent-authored in_review updates require a real review path, and Cloud-tenant alphanumeric issue identifiers are recognized across shared parsing and server routes. (#5292, #5196)
  • Cloud tenant identity bootstrap — Adds the bootstrap path that backs Cloud tenant identity for self-hosted and Cloud deployments.
  • Issue thread scale and markdown polish — Long issue threads stay smooth and markdown rendering is tightened for the surfaces operators read most. (#4861)
  • Inbox nested issue UI polish — Nested issues in the inbox render more clearly and consistently. (#4959)
  • Workspace routine run tab — Each workspace now has a routine-run tab that shows recent runs for that workspace's routines. (#4958)
  • Live run comment context — Comments are surfaced alongside live run state so reviewers can see what was said while a run was active. (#4957)
  • Workflow interaction cancellation and cost summaries — Pending interactions can be cancelled cleanly and per-issue cost summaries surface rolled-up token/runtime spend. (#4862)
  • Cheap model profiles for local adapters — Local adapters can now select cheaper model profiles for low-stakes work like recovery follow-ups. (#4881)
  • Higher heartbeat concurrency by default — The agent heartbeat concurrency default is raised to keep the inbox flowing during busy periods. (#4954)
  • Issue monitor liveness controls — Issues can carry monitor schedule/state metadata so the control plane can wake the right assignee at the right cadence without polling. (#4988)
  • Issue comment presentation contract — Issue comments grow optional author_type, presentation, and metadata fields so system-authored notices render as first-class thread messages without overloading regular comments. (#5289)
  • Database backups cover non-system schemas — Database backup support now covers non-system schemas and is hardened against schema drift. (#4859, #4960)
  • Dedicated environment settings page — Environments get their own settings page with a test-in-environment flow so operators can validate adapters before assigning work. (#4798)
  • E2B plugin configuration UX — The E2B plugin gets a clearer configuration UX, longer-running execution support, and a default-template flag for example plugins. (#4802, #4901)
  • Sandbox callback bridge for remote envs — Remote execution targets now reach the host environment through a scoped callback bridge with serialization against concurrent heartbeats, env sanitization at the boundary, an expanded allowlist for the documented heartbeat surface, optional proxy logging via PAPERCLIP_BRIDGE_DEBUG, and SSH-environment-callback migration. (#4801, #5326, #5325, #5324, #5140, #5116)
  • Sandbox install/test surface — Per-adapter sandbox install commands flow through both the test and execute paths, sandbox providers can declare shell defaults, explicit-environment adapter tests run on the requested target instead of falling back to the host, and remote provisioning now consults a runtime command spec from the adapter. (#5280, #5277, #5141, #5114)
  • Polished board settings and skills workflow — Board settings and the skills assignment flow are smoother to navigate. (#4863)
  • Harder release flow — The internal release tooling now verifies registry state and dist-tag placement before promoting builds, with retry-on-lag for canary verification. (#4800, #4816, #5579)

Fixes

  • Codex CLI 0.122+ authentication — The Codex adapter now writes an apikey-mode auth.json into the managed Codex home (and per-run for the test probe) when OPENAI_API_KEY is configured, so configured keys authenticate correctly with Codex CLI 0.122+ across local, SSH, and sandbox targets. (#5276)
  • Gemini CLI v0.38 stream-json wire format — The server parser, UI parser, and CLI formatter accept v0.38's type=message/status/stats events while keeping the legacy shape working, restoring the parsed summary and SSH hello probe under current Gemini CLI builds. (#5273, #5143)
  • Stop leaking host environment into remote probes — SSH remote execution strips inherited host shell env, and the Pi and OpenCode SSH probes no longer pass host process.env through to the remote shell. (#5142, #5275, #5274)
  • OpenCode model selection and probes — OpenCode now uses explicit static/local-aware model selection and validates remote model probes on the execution target. (#5117, #5119)
  • Pi adapter session resume — The Pi adapter avoids resuming stale remote sessions instead of surfacing them as live work. (#5120)
  • Remote workspace environment shaping — Remote workspace environment shaping now produces the right env for downstream commands. (#5118)
  • SSH callback URL selection on LAN/private networks — The SSH callback now picks a URL the remote can reach when the host is on a LAN or private network. (#4799)
  • Harder remote workspace sync and restore — Workspace export uses a per-import unique ref, restore goes through a new snapshot-aware merge that only writes files the remote actually changed, and every adapter threads a pre-run snapshot through sandbox/SSH paths to avoid trampling local state. (#5444)
  • Runtime probes and Codex env tests — Runtime probe behavior and Codex environment tests are stabilized so flakes no longer mask real adapter problems. (#5445)
  • E2B sandbox executor reliability — E2B sandboxes now run a real command -v probe and source login profiles before exec, stage stdin to a temp file so it is delivered reliably, and the gemini-local hello probe gets a 60-second timeout for SSH and E2B targets. (#5279, #5278, #5322)
  • Runtime races and orphaned leases — Fixes a runtime state race, workspace-sync gaps, plugin startup ordering, and orphaned execution leases. (#4804)
  • Honor reuse-existing and assignee default environment — Issue runs now honor the reuse-existing preference and the assignee's default environment when picking where to execute. (#5139)
  • Issue recovery reliability — Stranded-assignment recovery is more reliable, productive terminal continuations are recovered instead of being closed prematurely, productivity review recovery loops are bounded, and max-turn-exhausted heartbeats are retried. (#4875, #4956, #4948, #5096)
  • Manual heartbeat invokes preserve scope — Manual heartbeat invocations preserve their original scope instead of broadening it. (#5323)
  • /live-runs no longer pads — The /live-runs view stops padding by default so the surface reflects actual live work. (#4963)
  • Cloud tenant issue identifier routes — Issue identifier routes now resolve correctly under Cloud tenant prefixes. (#5196)
  • Docker image build timeout raised — The Docker image build no longer times out on slower CI runners.

Upgrade Guide

Nine new database migrations (00750083) run automatically on startup. All are additive or idempotent — no existing rows are dropped.

  • 0075_cultured_sebastian_shaw — adds issue monitor liveness columns (monitor_next_check_at, monitor_wake_requested_at, monitor_last_triggered_at, monitor_attempt_count, monitor_notes, monitor_scheduled_by) and a per-company monitor-due index. Existing issues default to monitor_attempt_count = 0 with the rest unset.
  • 0076_useful_elektra — creates the plugin_managed_resources table and supporting indexes for plugin-managed agents/routines/folders. Existing plugins continue to work without managed resources.
  • 0077_unusual_karnak — creates the routine_revisions table, adds latest_revision_id / latest_revision_number pointers on routines, and backfills a v1 revision for every existing routine using its current definition.
  • 0078_white_darwin — adds optional author_type, presentation, and metadata columns to issue_comments so system notices can render with first-class presentation. Existing comments stay null and render as before.
  • 0079_company_search_document_indexes — adds GIN trigram indexes on documents.title and documents.latest_body to power the new company search page.
  • 0080_company_search_fuzzystrmatch — enables the fuzzystrmatch extension for fuzzy title matching in company search. Requires the extension to be available in your Postgres install (it ships with the standard contrib package).
  • 0081_optimal_dormammu — adds issues.work_mode (NOT NULL, default standard) for the new planning mode contract. Existing issues default to standard.
  • 0082_dry_vision — adds the secrets provider infrastructure: creates company_secret_bindings and secret_access_events, adds a stable key slug to company_secrets (backfilled and de-duplicated from existing names), and grows company_secrets / company_secret_versions with provider metadata, fingerprints, rotation timestamps, and soft-delete columns. Existing secrets get managed_mode = 'paperclip_managed', status = 'active', and a backfilled last_rotated_at.
  • 0083_company_secret_provider_configs — creates company_secret_provider_configs and retypes company_secrets.provider_config_id from text to uuid. Any prior non-UUID values in that column are cleared to NULL before the type change, so make sure you have no production data relying on free-form provider config ids before upgrading. If you do, capture those values out-of-band and reconfigure secrets against a real provider config row after the migration.

No application configuration changes are required to take this release. If you operate the Codex adapter against Codex CLI 0.122 or newer, the new apikey-mode auth.json is written automatically from your existing OPENAI_API_KEY configuration. The new cursor_cloud adapter is opt-in — agents continue to use whatever runtime they were configured with.

Check out latest releases or
releases around paperclipai/paperclip v2026.512.0

Don't miss a new paperclip release

NewReleases is sending notifications on new releases.

Get notifications