-
#1207
c8d9b9dThanks @RhysSullivan! - Polish the app's title bar. The release tag beside theexecutorwordmark is now quiet muted-mono metadata instead of a filled pill, matching the registry-minimal design language, and the wordmark is shared across the desktop and dashboard shells so the brand reads identically everywhere. The macOS traffic-light offset is also applied to the mobile sidebar overlay and the collapsed top bar, so the native window controls never sit on top of the wordmark when the window is narrow. -
#1204
9394217Thanks @RhysSullivan! - Fix the self-host and Cloudflare web dashboards showing "update available" even on the latest version. The builds baked a placeholder version (0.0.0-selfhost/0.0.0-cloudflare) into the shell, so the update check always compared as behind. They now bake the real release version, and the sidebar footer shows the running version so you can see what you are on. -
#1209
ffa4f70Thanks @RhysSullivan! - Fix the desktop and CLI daemon crashing on first launch on Windows when a v1 local database is present. The v1 to v2 data migration performed file operations (fsync, rename, remove) on libSQL SQLite files whose native OS handles linger after close() on Windows, surfacing as a fatal "Unknown error" (EPERM on fsync of a read-only handle, EBUSY on rename/remove of just-closed files). POSIX is unaffected, so this only reproduced on Windows. The migration now opens files read-write for fsync (treating it as best-effort), retries removes the same way renames were already retried, and forces a GC pass on each retry so libSQL's native finalizer releases the handle before the next attempt. Fixes the v1.5.23 Windows startup regression. -
Updated dependencies []:
- @executor-js/sdk@1.5.24
- @executor-js/runtime-quickjs@1.5.24
- @executor-js/local@1.4.4
- @executor-js/api@1.4.44
-
#1199
29936d5Thanks @RhysSullivan! - Add a test seam to skip the first-run "keep Executor running in the background?" consent dialog under automation, matching the existingconfirmResetStateseam. SetEXECUTOR_TEST_AUTO_CONFIRM_BACKGROUND_SERVICE=1to keep the background service or any other value to decline. When the variable is unset the dialog is shown exactly as before. Native dialogs cannot be answered from CDP or Playwright, so a packaged first-run boot under automation previously blocked at this prompt with no way to proceed. -
#1199
29936d5Thanks @RhysSullivan! - Fix the desktop app failing to start its local server when the generated auth token begins with a dash. The token israndomBytes(32).toString("base64url"), which can start with "-", and the packaged app passed it to the bundled CLI as a separate argument (--auth-token, then the token). The CLI then read the leading-dash token as an unknown flag, printed its help, and exited, so the desktop showed a fatal "local Executor server crashed during startup" dialog. This was persistent (the token is saved) and cross-platform, affecting roughly 1 in 64 fresh installs. The token is now passed in the combined--auth-token=<value>form so a leading dash is treated as the value. -
#1199
29936d5Thanks @RhysSullivan! - Notify when a newer Executor is published. The CLI now prints an "update available" line under its ready banner, and the web shell's sidebar update card works for real (a new/v1/app/npm/dist-tagsendpoint backs it). In the desktop app the card shows a native "Restart to update" action wired to the in-app updater instead of the npm command. The check is best-effort and offline-safe, and can be disabled withEXECUTOR_DISABLE_UPDATE_CHECK. -
Updated dependencies [
29936d5,29936d5]:- @executor-js/api@1.4.43
- @executor-js/local@1.4.4
- @executor-js/sdk@1.5.23
- @executor-js/runtime-quickjs@1.5.23
-
#1167
add2e40Thanks @RhysSullivan! - Fix the desktop app's main-area title-bar strip pushing page content down so page headers no longer lined up with the sidebar header. The drag strip now overlays the top of the main area (behind page content) instead of reserving its own row, and the Toolkits header uses a fixed title-bar height so its bottom border aligns with the sidebar header again. -
Updated dependencies []:
- @executor-js/local@1.4.4
- @executor-js/sdk@1.5.22
- @executor-js/runtime-quickjs@1.5.22
- @executor-js/api@1.4.42
-
#1134
78aa871Thanks @RhysSullivan! - Fix OAuth callbacks in cloud so they preserve the URL-selected organization when the session cookie points at another org. -
Updated dependencies []:
- @executor-js/local@1.4.4
- @executor-js/sdk@1.5.21
- @executor-js/runtime-quickjs@1.5.21
- @executor-js/api@1.4.41
-
#1132
580fc7fThanks @RhysSullivan! - Fix the PostHog custom MCP OAuth setup flow so Add connection opens PostHog authorization instead of falling back to manual OAuth app registration. -
Updated dependencies []:
- @executor-js/sdk@1.5.20
- @executor-js/runtime-quickjs@1.5.20
- @executor-js/local@1.4.4
- @executor-js/api@1.4.40
-
#1115
92bd86cThanks @RhysSullivan! - Google media downloads (Drive file contents, exports, and other binary endpoints) are now returned as binary responses instead of being decoded as text, so files come back intact. Emit them withemit(result.data). -
#1115
92bd86cThanks @RhysSullivan! - The CLI now validates that a URL ishttp/httpsbefore handing it to the operating system's browser opener, and on Windows opens it viarundll32 url.dll,FileProtocolHandlerinstead ofcmd /c start. This removes a path where a crafted URL could be interpreted as a shell command.executor loginand the "open in browser" prompts behave the same for normal URLs. -
#1115
92bd86cThanks @RhysSullivan! - Hardened the hosted egress guard. Outbound requests from OAuth token exchanges, MCP transports, and GraphQL/Google/Microsoft discovery now all route through the guard, and the guard resolves DNS before connecting so a hostname that points at a private or loopback address is blocked rather than only literal private IPs. This tightens SSRF protection for hosted and cloud execution. -
Updated dependencies []:
- @executor-js/sdk@1.5.19
- @executor-js/runtime-quickjs@1.5.19
- @executor-js/local@1.4.4
- @executor-js/api@1.4.39
-
#1093
bc24d1aThanks @RhysSullivan! -connections.createnow accepts no-auth connections (thenonetemplate with no credential), which previously failed validation with "Expected exactly one provider credential origin". Agents can wire up public, no-auth integrations (public MCP servers, public REST APIs) programmatically instead of bouncing through the web UI. Templates that take a credential still require exactly one. -
#1093
bc24d1aThanks @RhysSullivan! - OpenAPI tools that return a file now spell out how to emit it directly in the tool's description, so an agent sees theemit(result.data)contract before its first call instead of only discovering it after a failed attempt or by readingdescribe.tool. Non-file tools are unchanged. -
Updated dependencies []:
- @executor-js/sdk@1.5.18
- @executor-js/runtime-quickjs@1.5.18
- @executor-js/local@1.4.4
- @executor-js/api@1.4.38
-
#1076
3e47752Thanks @RhysSullivan! - Addexecutor login(pluslogoutandwhoami) for signing the CLI into a hosted or self-hosted Executor server using the OAuth 2.0 Device Authorization Grant (RFC 8628), instead of manually creating and pasting an API key.loginprints a code and verification URL, opens the browser, and polls; afterwards the CLI authenticates with a bearer token. Works against both cloud (WorkOS) and self-host (Better Auth) servers. -
#1076
3e47752Thanks @RhysSullivan! -connections.listnow returns a lean summary by default, replacing the fulloauthScopegrant string (which can run to thousands of characters per connection) with anoauthScopeCount. Passverbose: trueto get the full grant back. -
#1076
3e47752Thanks @RhysSullivan! - The execute result envelope now reports how many items a script sent to the user viaemit(). A script that only emits (with no return value) is no longer indistinguishable from one that did nothing: the envelope includes an emitted count and a(no return value; N items emitted to the user)text preview. -
#1076
3e47752Thanks @RhysSullivan! - Fix OAuth connect for providers that issue authorization codes redeemable only at a region-specific token host. Executor now redeems the code at the region returned on the callback rather than the statically advertised token endpoint, so connecting these providers no longer fails at the token-exchange step. -
#1076
3e47752Thanks @RhysSullivan! - Send a defaultexecutorUser-Agent on OpenAPI tool calls. Upstreams such as GitHub that reject requests without a User-Agent (HTTP 403) now succeed instead of surfacing the rejection as a credential error. A spec- or connection-provided User-Agent still takes precedence. -
Updated dependencies []:
- @executor-js/sdk@1.5.17
- @executor-js/runtime-quickjs@1.5.17
- @executor-js/local@1.4.4
- @executor-js/api@1.4.37
- #1066
0961773Thanks @RhysSullivan! - Replace the code-mode output helpers with a singleemit(value)primitive.emit(...)accepts plain values,ToolFileattachments, and MCP content blocks, whilereturnremains reserved for ordinary structured data. - Updated dependencies []:
- @executor-js/sdk@1.5.16
- @executor-js/runtime-quickjs@1.5.16
- @executor-js/local@1.4.4
- @executor-js/api@1.4.36
- Updated dependencies []:
- @executor-js/sdk@1.5.15
- @executor-js/local@1.4.4
- @executor-js/api@1.4.35
- @executor-js/runtime-quickjs@1.5.15
- #1051
cfda0acThanks @RhysSullivan! - Fix desktop startup so a failed supervised-daemon replacement no longer leaves the app on a black window. The desktop now re-checks the daemon after install failures, falls back to a managed sidecar when the stale daemon disappears, and surfaces startup recovery instead of leaving a failed renderer visible. - Updated dependencies []:
- @executor-js/sdk@1.5.14
- @executor-js/runtime-quickjs@1.5.14
- @executor-js/local@1.4.4
- @executor-js/api@1.4.34
-
#1046
2de1804Thanks @RhysSullivan! - Windows installs now repair stale Executor service listeners and only report success after the background daemon publishes the sign-in manifest used byexecutor web. The desktop app also attaches to a reachable supervised daemon before trusting Windows PID probes, so it no longer starts a competing sidecar when the background service already owns the port. -
Updated dependencies []:
- @executor-js/local@1.4.4
- @executor-js/api@1.4.33
- @executor-js/sdk@1.5.13
- @executor-js/runtime-quickjs@1.5.13
- #1021
c8faad7Thanks @RhysSullivan! - Self-hosted instances now detect their public URL automatically on common platforms, and origin handling is consistent across every host. WhenEXECUTOR_WEB_BASE_URLis not set, the server reads the origin a host injects (Railway, Render, Fly, Vercel, Netlify, Heroku, Azure, Cloudflare Pages) instead of defaulting to localhost — so a platform deploy works with zero configuration and no longer fails sign-in with "Invalid origin". When the origin still can't be determined, that error is replaced with a clear message telling you exactly whichEXECUTOR_WEB_BASE_URLvalue to set, and a startup warning fires on any non-dev deploy that falls back to localhost. The MCP browser-approval link a self-host sends to clients now uses the pinned public URL (reachable behind a reverse proxy) rather than the server's internal address. These resolution rules now live in one shared helper used by every host. - Updated dependencies []:
- @executor-js/sdk@1.5.12
- @executor-js/runtime-quickjs@1.5.12
- @executor-js/local@1.4.4
- @executor-js/api@1.4.32
-
#1002
64b3544Thanks @RhysSullivan! - Fix the self-hosted "Connect an agent" MCP URL. The card printed an organization-scoped path (<origin>/<organizationId>/mcp) that the single-tenant self-host server didn't serve, so connecting an MCP client authorized successfully but then failed to reach the tools with an HTTP 404. The self-host server now accepts the organization-scoped path and routes it to its MCP endpoint. -
#1002
64b3544Thanks @RhysSullivan! - Self-hosted MCP connections now require explicit approval. When an MCP client connects, the browser stops on an approval screen showing the connecting client's name, what it can access, and that the grant is limited to the MCP server (not a web-app login, and it can't make other API calls on your behalf); a token is granted only after you Approve. Previously a signed-in user's client was authorized automatically with no prompt. -
#1008
7237bf2Thanks @RhysSullivan! - Self-hosted instances no longer lose data on restart. Better Auth now shares the same libSQL connection as the rest of the instance instead of opening its own. Previously the two connections each managed their own write-ahead log on the shared database file, and the second one to open could orphan the first — so integrations, connections, and tools written after startup landed in a discarded log and disappeared on the next restart, while sign-in data survived. This is the "reconnected my account but it has zero tools" failure; a single shared connection removes the split entirely. -
Updated dependencies []:
- @executor-js/sdk@1.5.11
- @executor-js/runtime-quickjs@1.5.11
- @executor-js/local@1.4.4
- @executor-js/api@1.4.31
-
#995
0717067Thanks @RhysSullivan! - Self-hosted deployments now persist their data correctly across restarts. -
Updated dependencies []:
- @executor-js/sdk@1.5.10
- @executor-js/runtime-quickjs@1.5.10
- @executor-js/local@1.4.4
- @executor-js/api@1.4.30
-
fe4153dThanks @RhysSullivan! - Fix a Windows race in the local v1→v2 database migration: the legacy database rename could hitEBUSY(file still held by the just-closed SQLite handle or an antivirus scan) and crash the app at boot. The retry window now covers the lock instead of giving up after ~2 seconds.Also hardens the desktop release pipeline so a hung platform build fails fast instead of blocking later releases.
-
Updated dependencies []:
- @executor-js/sdk@1.5.9
- @executor-js/runtime-quickjs@1.5.9
- @executor-js/local@1.4.4
- @executor-js/api@1.4.29
-
#983
bcfdeb2Thanks @RhysSullivan! - Hardened the local v1→v2 database upgradeUpgrading a local database created by an older (v1) release is now resilient to interrupted or partially-written upgrade state:
- The one-time upgrade is recorded in the migration ledger, so it is never re-attempted on later boots. Databases that have already upgraded are detected from the ledger and skip the upgrade path entirely.
- Replaying the legacy schema now tolerates a missing or truncated migration journal instead of failing to start, so a database left in a half-written state from a previous crash boots cleanly.
-
Updated dependencies []:
- @executor-js/sdk@1.5.8
- @executor-js/runtime-quickjs@1.5.8
- @executor-js/local@1.4.4
- @executor-js/api@1.4.28
-
#964
7cee242Thanks @RhysSullivan! - Desktop crash reporting and diagnostics- The desktop app now reports crashes from all of its processes (window, main, and the local server sidecar), so launch failures and silent exits become fixable bugs instead of mysteries. Reporting is disabled in local/dev builds and honors
DO_NOT_TRACK=1as an opt-out. - If the local server crashes, the app shows a crash screen with restart and update actions instead of closing silently, and the server's output is persisted to the log file.
- New Export Diagnostics (menu and Settings) zips logs, crash dumps, and a redacted system manifest to Downloads — never secrets or executor data — and Report a Problem… prefills a GitHub issue with the diagnostics attached.
- The desktop app now reports crashes from all of its processes (window, main, and the local server sidecar), so launch failures and silent exits become fixable bugs instead of mysteries. Reporting is disabled in local/dev builds and honors
-
#964
7cee242Thanks @RhysSullivan! - Faster integrations with large API specsResolved OpenAPI spec text and GraphQL introspection snapshots are now stored content-addressed in the plugin blob store instead of inline in each integration's stored config. Listing integrations no longer loads multi-megabyte spec blobs it immediately discards, which makes the integrations surface dramatically faster for workspaces with large specs. Existing integrations keep working: rows that still inline a spec resolve unchanged and are rewritten in place the next time they are imported or refreshed.
-
Updated dependencies [
7cee242,7cee242]:- @executor-js/sdk@1.5.7
- @executor-js/local@1.4.4
- @executor-js/api@1.4.27
- @executor-js/runtime-quickjs@1.5.7
-
#943
f485e4aThanks @RhysSullivan! - One auth model across OpenAPI, GraphQL, and MCP- Every protocol plugin now stores the same placements-based auth methods (the new
@executor-js/sdk/http-authvocabulary): an API-key method carries any mix of header and query placements, each rendered from its own credential input — so one source can declare OAuth, a bearer-header-plus-team-id-query method, a plain bearer, and a query token side by side, and one connection can carry several values (e.g. both Datadog keys). - MCP and GraphQL gain what only OpenAPI could do before: multi-placement methods, query-parameter credentials (servers like ui.sh's
?token=), and multi-input connections. Rendering, catalog projection, slug normalization, and the React method editor/codec are shared instead of triplicated; the connect modal collects one value per input. - Invoking with an unresolvable credential input now fails with
connection_value_missing(naming the missing inputs) instead of silently dialing unauthenticated. - Stored integration configs are rewritten to the canonical shape by a one-off migration: local and self-host run it automatically at startup; cloud operators run
bun run db:migrate-auth:prodbefore deploying. Connection bindings and stored credential values are preserved exactly. - Authoring: apikey methods are authored in ONE request-shaped dialect on every plugin — it reads like the request it produces:
{ type: "apiKey", headers: { Authorization: ["Bearer ", variable("token")] }, queryParams: { team_id: [variable("team_id")] } }(variable()is exported from each plugin; a plain-string value is a static literal). Inputs normalize to the canonical placements model, which is what stored configs and the catalog read as. Authoring is strict where the renderer is: a value carries at most one variable, as the final part. - Every method is keyed by
kind— OpenAPI's oauth templates re-key from the retiredtype: "oauth"spelling tokind: "oauth2"(matching MCP/GraphQL); the one-off migration rewrites stored entries. - Breaking (wire): the retired single-placement inputs (
headerNameon MCP,in/nameon GraphQL), raw canonical-placement inputs, andtype: "oauth"oauth inputs are rejected. Themcp.addServersingularauthshorthand still works.
- Every protocol plugin now stores the same placements-based auth methods (the new
-
#950
dbb48ecThanks @RhysSullivan! - Fix credential sharing for workspace connectionsOrg-shared connections now resolve for every member of a workspace, not only the member who created them. Existing connections are migrated automatically; stored secrets are unaffected.
-
Updated dependencies []:
- @executor-js/local@1.4.4
- @executor-js/sdk@1.5.4
- @executor-js/runtime-quickjs@1.5.4
- @executor-js/api@1.4.26
-
#939
db09372Thanks @RhysSullivan! - Desktop packaging follow-ups from the v1.5.2 release run:- Fixed the Intel mac desktop build failing in CI (the cross-target dependency install was being glob-expanded by the shell).
- Fixed the first-launch data migration on Windows: renaming the previous database file could hit a transient
EBUSYwhile the just-closed SQLite handle was released, so the move now retries briefly instead of failing startup.
-
Updated dependencies []:
- @executor-js/sdk@1.5.3
- @executor-js/runtime-quickjs@1.5.3
- @executor-js/local@1.4.4
- @executor-js/api@1.4.25
-
#936
2db9d65Thanks @RhysSullivan! - Desktop- Fixed the desktop app failing to launch: the packaged sidecar was missing its native SQLite and keychain bindings, so the local server exited before the window appeared. The release pipeline now smoke-tests the compiled sidecar before publishing.
- Mac auto-updates now serve the correct architecture — the arm64 and x64 update manifests previously collided, so Apple Silicon machines could be offered Intel builds.
- If the local server fails to start, the app now shows the error (with a pointer to the log) and installs any available update on quit, instead of closing silently.
Integrations & auth
- Integrations can declare multiple authentication methods in every plugin. MCP servers join the slugged template model used by OpenAPI and GraphQL, so a server can offer OAuth and an API key side by side, and adding a custom method appends instead of replacing a detected one. Existing connections keep working with no migration.
- OAuth app management is folded into the connect modal, so client setup happens where accounts are added.
-
Updated dependencies []:
- @executor-js/sdk@1.5.2
- @executor-js/runtime-quickjs@1.5.2
- @executor-js/local@1.4.4
- @executor-js/api@1.4.24
-
#927
df40cd3Thanks @RhysSullivan! - Fixexecutor webcrashing withno such table: plugin_storagewhen upgrading from an older v1 release. The v1 → v2 data migration now replays the bundled legacy schema migrations first, so databases last touched by any pre-1.5 version are brought up to the final v1 schema before their data is migrated. -
Updated dependencies []:
- @executor-js/sdk@1.5.1
- @executor-js/runtime-quickjs@1.5.1
- @executor-js/local@1.4.4
- @executor-js/api@1.4.23
-
c7bb2a4Thanks @RhysSullivan! - Integrations and connections rework.Highlights
- Sources are now split into integrations (the API surface) and connections (the credential). One integration can hold many connections — workspace-shared or personal — and each connection gets its own tool catalog.
- Tool addresses carry the connection, so agents can target a specific account:
tools.vercel_api.org.workspace.deployvstools.vercel_api.user.personal.deploy. - Existing data migrates automatically on first launch: sources become integrations, secrets and credential bindings become connections, OAuth apps and tool policies carry over, and the previous database is kept as a backup next to the new one.
- Public no-auth servers (MCP, GraphQL) connect without entering a credential.
- Connections display the signed-in identity, so you can tell accounts apart at a glance.
- The CLI, local web app, and desktop app can connect to a shared Executor server instead of each running their own; the desktop app persists server profiles across restarts.
- Self-hosted Executor now publishes a multi-architecture GHCR image at
ghcr.io/rhyssullivan/executor-selfhost(stable releases taggedlatest, prereleases taggedbeta).
Reliability
- OpenAPI, GraphQL, and MCP tools return structured authentication failures with recovery guidance instead of opaque internal errors — covering missing credentials, expired OAuth connections, upstream 401/403 responses, and MCP per-user isolation.
- OAuth popups complete more reliably in Chrome by preserving the callback channel through the same-origin completion page.
- OAuth Dynamic Client Registration data is reused across retries and reconnects, including scopes, so providers are not asked to register duplicate clients.
- Creating a connection with invalid input (no credential for a credentialed method, mixed input origins) returns a clear error with the reason instead of an opaque internal error.
- The v1 → v2 migration creates connections for no-auth sources, derives OAuth authorize endpoints when v1 only stored a bare issuer origin, keys inline header values per source, and skips malformed credential bindings with a warning instead of silently dropping them. An unreachable OAuth metadata endpoint no longer blocks the migration on launch.
- Google sources use a bundled OpenAPI flow with valid schemas.
- MCP tool output schemas match the actual invocation result envelope, including
content,structuredContent,_meta, andisError. - Integration icons survive migration, connected presets show their icons, and credentials show a loading badge while resolving.
Breaking changes
- Tool addresses gained two segments for the connection's owner and name:
tools.vercel_api.deployis nowtools.vercel_api.org.workspace.deploy. Saved tool policies are rewritten automatically during migration; agent code that hard-codes v1.4 addresses needs the new shape (tools.search()returns ready-to-call paths). - The Google Discovery plugin was removed. Google integrations now go through the bundled Google flow; existing Google sources migrate automatically.
-
#922
1ba0193Thanks @RhysSullivan! - MoveeffectfromdependenciestopeerDependenciesin the published library packages so consumers provide a single shared Effect instance. -
Updated dependencies [
7d7fbbd,1ba0193]:- @executor-js/sdk@1.5.0
- @executor-js/runtime-quickjs@1.5.0
- @executor-js/local@1.4.4
- @executor-js/api@1.4.22