github paperclipai/paperclip v2026.525.0
on GitHub

latest release: canary/v2026.525.1-canary.0
5 hours ago

v2026.525.0

Released: 2026-05-25

Highlights

  • Modal sandbox provider is now a first-party plugin - Paperclip ships a Modal sandbox-provider plugin so companies can run agents on Modal's managed sandboxes alongside E2B, Cloudflare, and Daytona, with CI publishing and cold-start-friendly probe timeouts wired in. (#6245, #6289, #6290, @devinfoley)
  • Workspace diffs are a first-class viewer plugin - The new workspace diff plugin renders staged, unstaged, head, renamed, binary, oversized, and untracked changes through host services and plugin slots, with split/unified panes, sticky headers, and reliable default base refs. (#6071, #6383, @cryppadotta)
  • Routines can carry their own secrets - Routine env now flows through the runtime contract with persisted revisions, agent < project < routine precedence, and safe secret metadata in routine UI/history — without exposing secret values in logs or access events. (#6212, @cryppadotta)
  • Local Cloud Upstream sync is in - A new Cloud Upstream flow ships with shared types, server routes, persisted run schema, CLI sync helpers, a board UI, and settings entry points so operators can preview, resolve conflicts, and activate local-to-cloud syncs. (#6548, @cryppadotta)
  • ACPX-Claude adapter works seamlessly out of the box - The acpx_local adapter now resolves bare Claude model IDs, surfaces real diagnostic detail instead of opaque "Internal error" logs, and respects user ~/.claude/settings.json permissions so first-run Claude Local ACPX agents don't strand. (#6590, @devinfoley)

Improvements

  • Scoped agent permissions and assignment controls - Issue and agent assignment mutations now run through a real authorization service with protected-assignment enforcement, plugin SDK/host APIs for company settings slots and policy/grant management, retry-now affordances on blocked issues, and an incremental principal-access compatibility backfill. (#6386, @cryppadotta)
  • AWS provider vault setup is operator-friendly - The Secrets page now offers AWS provider vault discovery with prefill, removal flows, and Storybook coverage so external vault configuration no longer requires hand-typed metadata. (#6381, @cryppadotta)
  • SecretBindingPicker is wired into plugin config forms - JSON-schema secret-ref fields (E2B, Modal, Cloudflare, Daytona, …) now render the canonical secret picker instead of a plain password input, so binding stored secrets no longer requires copy-pasting UUIDs. (#6339, @devinfoley)
  • External agent invites moved into the add-agent modal - Bring-your-own-agent onboarding now lives next to local/managed agent creation with an agent-oriented prompt result view and Back navigation, instead of hiding behind OpenClaw-specific company invite settings. (#6183, @aronprins)
  • Mobile board flows feel smoother - Mobile new-issue dialog height, priority overflow, company settings nav, plugin-route sidebar selection, browser controls in home-screen app mode, and small touch-target/menu scroll bugs are all polished. (#6550, #6384, @cryppadotta)
  • Plugin runtime is scoped tighter to its company - Plugin worker-to-host calls now propagate host-owned invocation context, performAction carries authenticated actor context, company invocation scope is enforced on bridge calls, and plugin operation issues stay out of normal issue surfaces. (#6547, @cryppadotta)
  • Runtime and tenant import paths are more reliable - Embedded Postgres now bootstraps native runtime before CLI/server/test startup, async tenant import jobs have deferred validation, and trusted Cloud tenant imports no longer fail the browser-origin guard for legitimate server-to-server traffic. (#6549, #6378, @cryppadotta)
  • Control-plane state transitions are tighter - Pagination sorts cleanly on updated issue lists, scheduled retry comments behave, pending plugin migrations re-apply on hot reload, plugin-schema worktree seeds restore safely, stale request confirmations expire after user comments, and feedback export shutdown drains without database-unavailable loops. (#6380, @cryppadotta)
  • Cheap recovery model is fenced off from real work - Status-only recovery now carries explicit guard context, route guards block deliverable mutations during cheap runs, and cheap-profile hints no longer leak into normal source-work retries. (#6371, @cryppadotta)
  • Invite flow, projects, and workspace polish from the May 17 branch land - Invite landing reuses the shared companies query helper, existing-member invite behavior and copy fallback are restored, reusable workspace selection picks correctly, worktree auth and static SPA fallback are fixed, markdown wrapping and plugin slot registration are firmed up, and projects page sorting lands. (#6604, #6210, @cryppadotta)
  • Sandbox-provider plugins no longer clutter Instance Settings - Driver-only plugins (E2B, exe.dev, Modal) are hidden from the per-plugin sidebar group since they have no own settings page and already redirect to Environments. (#6341, @devinfoley)
  • Inbox rows are cleaner - The amber "Planning" pill is removed from IssueRow; planning mode itself, the composer toggle, and the work-mode contract are untouched. (#6269, @cryppadotta)
  • Plugin authoring guide reflects managed resources - The plugin authoring docs are updated for the current managed-capabilities model so plugin authors aren't writing against stale guidance. (#6261, @cryppadotta)

Fixes

  • E2B heartbeats stop failing at 5/11 minutes - The workspace tar upload now strips macOS LIBARCHIVE.xattr.* PAX headers that GNU tar rejected on Linux, and timeoutMs/sleepAfter are refreshed per execute so E2B and Cloudflare sandboxes don't expire between heartbeats. (#6560, @devinfoley)
  • Invite page no longer goes blank after sign-in - CompanyProvider and the invite landing page now share a single companies query shape, fixing the companiesQuery.data?.some is not a function crash from the React Query key-key collision. (#6433, @aronprins)
  • Company creation survives wrapped prefix collisions - The retry detector now walks the Drizzle 0.45.x error cause chain for the companies_issue_prefix_idx unique constraint, so generated-prefix collisions retry instead of 500-ing. (#6423, @aronprins)
  • Autocomplete works inside the new-issue dialog - Floating autocomplete menus rendered through body-level portals are now marked as allowed dialog-external UI, so completion items are selectable inside Radix Dialog without pointer events being eaten. (#6311, @cryppadotta)
  • paperclip worktree init --force no longer wipes <repo>/.paperclip/worktrees/ - The init path stopped recursively removing the whole <repo>/.paperclip/ directory and now only rewrites config.json and .env. (#6240, @devinfoley)
  • New secret form stays usable with long values - The shared Textarea primitive now applies min-w-0 max-w-full, so a long unbreakable secret no longer pushes the Create/Cancel buttons off-screen. (#6222, @devinfoley)
  • Cold-start sandbox probes no longer time out - environmentProbe worker RPC timeout is raised to 120s so Modal (and other cold-start providers) finish booting before the probe fails. (#6289, @devinfoley)
  • Docker builds find link-plugin-dev-sdk.mjs - The Dockerfile deps stage now copies the script before pnpm install, so the plugin-workspace-diff postinstall hook doesn't fail with Cannot find module. (#6338, @devinfoley)

Contributors

Thank you to everyone who contributed to this release!

@aronprins

Check out latest releases or
releases around paperclipai/paperclip v2026.525.0

Don't miss a new paperclip release

NewReleases is sending notifications on new releases.

Get notifications