1.9.0
1.9.0 (2026-07-06)
What's Changed
Features
- feat: move existing users into the default org when first auto-added by @ak684 in #14740
- feat: route unclaimed automation events to the default org on single-org installs by @ak684 in #14745
- feat: add hide_personal_workspaces flag for org-only OHE installs by @ak684 in #14741
- feat: make the first signed-in user the default org owner, track the org by is_default flag by @ak684 in #14752
- feat(acp): add switch_acp_model proxy endpoint for cloud conversations by @simonrosenberg in #14744
- feat(acp): add model dropdown and credential fields to agent settings page by @simonrosenberg in #14733
- feat: add validation for secret names to ensure valid env var format by @jpshackelford in #12980
- feat: auto-accept invitation links instead of the confirm/cancel modal by @ak684 in #14786
- feat: expose copyable invite links so invitations work without email delivery by @ak684 in #14758
- feat: accept pending invitations by verified-email match at sign-in by @ak684 in #14759
- feat: explicit OH_DEPLOYMENT_MODE flag; gate cloud-account CTA to enterprise cloud by @ak684 in #14794
- feat: OHE multi-model LLM discovery + BYOK gating (proxy discovery, catalogue union, UX) by @ak684 in #14773
- feat(acp): allow MCP server config for ACP agents by @simonrosenberg in #14613
- feat: enforce conversation limits by @HeyItsChloe in #14168
- feat(APP-2136): expose automations menu item for all users by @erisfully in #14688
- feat(jira-dc): persist and inject per-user OAuth tokens in resolver conversations by @ak684 in #14650
- feat(jira-dc): share linked OAuth token with eligible conversations by @ak684 in #14697
- feat: add DynamicRemoteSandboxSpecService backed by runtime-api warm configs by @tofarr in #14849
- feat: encode harness in chip icon, surface model in chip text by @simonrosenberg in #14510
- feat: PLTF-2956 parallelize GitHub GraphQL queries in get_suggested_tasks by @aivong-openhands in #14821
- feat: surface a clear error when a custom sandbox image's agent-server SDK mismatches by @ak684 in #14883
- feat: PLTF-2968 allow per-deployment resolver macro via OH_RESOLVER_LABEL by @aivong-openhands in #14895
- feat: Support Slack attachments in agent context by @malhotra5 in #14934
- feat: add sub-agent task (TaskToolSet) visualizer to the chat UI by @VascoSch92 in #14928
- feat: Add full Git history user setting by @malhotra5 in #14950
- feat(enterprise): add admin user-provisioning endpoint by @chuckbutkus in #14864
- feat: Use interrupt endpoint for agent pause UI by @malhotra5 in #14972
- feat: add default_sandbox_spec_id to user settings by @tofarr in #14985
- feat(azure-devops): add resolver mentions + org-level one-click webhook setup by @ak684 in #14991
- feat(jira-dc): email-mode auto-link, targeted repo lookup, and picker mentions by @ak684 in #15001
- feat: implement semantic file chunking using tree-sitter AST parsing by @ysinghc in #14699
- feat(org): Add organization conversation admin dashboard by @saurya in #14846
- feat(app-server): capture production workspace state — initial snapshot at start + archive before delete (APP-2403) by @simonrosenberg in #14953
- feat(device-verify): align warning, button color, and add workspace dropdown by @tofarr in #15031
- feat(enterprise/auth): add super roles via user.role_id with permission fallback by @chuckbutkus in #14937
- feat(org): expose caller permissions on GET /organizations/{id}/me by @VascoSch92 in #15048
- feat(api-keys): add optional active window (not_before & expires_at) by @tofarr in #15085
- feat(app-server): add repo/branch to Laminar trace metadata by @simonrosenberg in #15059
- feat: add parallel tool calls (tool_concurrency_limit) to agent settings by @VascoSch92 in #14929
- feat(api-keys): make 'unbound' org scope an explicit, first-class option by @tofarr in #15096
- feat(jira-dc): fix the integration panel so members get guidance, not the admin setup form by @ak684 in #15040
- feat: Add dynamic marketplace support for plugin registration by @HeyItsChloe in #14887
- feat(saas-auth): accept api_key cookie as a fallback credential by @tofarr in #15101
Bug Fixes
- fix: bump agent-server to 1.27.1 for Gemini cache fix by @ak684 in #14751
- fix: bump agent-server to 1.28.0 by @ak684 in #14754
- fix(acp): sanitize agent-server error body in switch_acp_model proxy by @simonrosenberg in #14760
- fix: Pin duplicate checker action to extensions release by @enyst in #14771
- fix(deps): bump postcss to 8.5.15 to fix XSS (GHSA-qx2v-qp2m-jg93) by @aivong-openhands in #14770
- fix(frontend): start new LLM profiles on basic settings with blank fields by @ak684 in #14782
- fix: preserve LLM base URL on basic saves by @he-yufeng in #14776
- fix(enterprise): litellm_proxy/ → openhands/ on settings load by @smolpaws in #14766
- fix(frontend): treat managed openhands base URLs as provider defaults in view inference by @ak684 in #14783
- fix(frontend): only render the API key input once a provider is selected by @ak684 in #14787
- fix(frontend): hydrate the LLM profile edit form from the selected profile by @ak684 in #14789
- fix(frontend): accept typed emails without requiring Space in the invite input by @ak684 in #14790
- fix: redact credentials from PluginSpec.source during serialization by @simonrosenberg in #14795
- fix: reconcile and label per-(user,org) LiteLLM managed keys by @ak684 in #14803
- fix: default enterprise injector kinds in the image, not just the chart by @ak684 in #14811
- fix(frontend): avoid dirty language filter input by @mturac in #14812
- fix(acp): surface acp_server on cloud conversations so the model picker renders by @simonrosenberg in #14797
- fix: Add SaaS migration for sandbox pause state by @malhotra5 in #14829
- fix: Use final response endpoint for resolver callbacks by @malhotra5 in #14828
- fix: Ignore OpenHands bot GitHub resolver events by @malhotra5 in #14832
- fix: duplicate Slack no-repository selections by @malhotra5 in #14833
- fix: write trajectory exports as utf-8 by @wgu9 in #14810
- fix: use runtime /list API for sandbox concurrency count, not is_paused DB flag by @tofarr in #14834
- fix: renumber duplicate migration 122 → 123 (drop is_paused) by @tofarr in #14840
- fix: API key CORS header handling by @neubig in #14835
- fix: PLTF-2956 batch_get_sandboxes to gracefully handle runtime API failures by @aivong-openhands in #14853
- fix: Fix CVE-2026-48526: Update pyjwt to 2.13.0 by @mamoodi in #14854
- fix: PLTF-2956 log level from warning to error for automation service forwarding failures by @aivong-openhands in #14820
- fix: log error level for failed GitHub payload processing (#14814) by @GautamKumarOffical in #14863
- fix: Fix CVE-2026-49855: Update tornado to 6.5.7 by @mamoodi in #14856
- fix: decouple API-key (Bearer) auth from Keycloak offline sessions by @hieptl in #14867
- fix: Fix CVE-2026-54278: Update aiohttp to 3.14.1 by @mamoodi in #14871
- fix: PLTF-2956 Log 5xx responses at error level in AutomationEventService by @aivong-openhands in #14819
- fix: revert conversation limit enforcement from #14168 by @malhotra5 in #14877
- fix: Fix CVE-2026-12143: Update form-data to 4.0.6 by @mamoodi in #14875
- fix: Fix CVE-2026-53539: Update python-multipart to >=0.0.30 by @mamoodi in #14876
- fix: post Bitbucket DC comments as the bot account and background webhook handling by @ak684 in #14881
- fix(frontend): send on Enter for touchscreen laptops by @VascoSch92 in #14870
- fix: PLTF-2956 Tests for GitHub payload-processing failure log level by @aivong-openhands in #14818
- fix: clean up LLM Profile auth fields (dedupe variant section + exclude inert auth_type) by @ak684 in #14893
- fix: prevent conversation export overload by @neubig in #14899
- fix: Forgejo/Gitea clone failure when hosted under a subpath by @VascoSch92 in #14930
- fix: self-heal stale LiteLLM user on re-onboarding by @simonrosenberg in #14932
- fix: load global user & org skills without a selected repository by @hieptl in #14780
- fix: Fix GHSA-gj48-438w-jh9v: Update bleach to 6.4.0 by @mamoodi in #14945
- fix: Fix CVE-2026-45409: Update idna to 3.15 by @mamoodi in #14946
- fix: Fix GHSA-6v7p-g79w-8964: Update msgpack to 1.2.1 by @mamoodi in #14944
- fix: Fix CVE-2026-49458: Update dompurify to 3.4.6 by @mamoodi in #14872
- fix: Fix CVE-2026-44727: Update jupyter-server to 2.20.0 by @mamoodi in #14943
- fix: binaryornot Python 3 crash on binary reads by @enyst in #14518
- fix: Fix GHSA-jm82-fx9c-mx94: Update pypdf to >=6.13.3 by @mamoodi in #14959
- fix: Fix GHSA-cmwh-pvxp-8882: Update dompurify to 3.4.11 by @mamoodi in #14956
- fix: Fix CVE-2026-41691: Update i18next-http-backend to 3.0.5 by @mamoodi in #14955
- fix: Fix CVE-2026-54283: Update starlette to 1.3.1 by @mamoodi in #14874
- fix: Fix CVE-2026-8723: Update qs to 6.15.2 by @mamoodi in #14957
- fix: avoid decrypting org_member.llm_api_key when not set by @saurya in #14898
- fix: Fix CVE-2026-54285: Update @opentelemetry/core to 2.8.0 by @mamoodi in #14980
- fix: Fix GHSA-4xgf-cpjx-pc3j: Update pydantic-settings to 2.14.2 by @mamoodi in #14979
- fix: Fix CVE-2026-48712: Update protobufjs to 7.6.4 by @mamoodi in #14981
- fix: handle None git_full_clone from DB in SaasSettingsStore by @tofarr in #14988
- fix(frontend): stop polling app-conversations with task IDs on new conversation by @hieptl in #14989
- fix: return actionable error when Jira DC token endpoint is unreachable by @ak684 in #14990
- fix(llm): restore managed member-key fallback in effective LLM key resolution by @ak684 in #14992
- fix: Fix CVE-2026-48779: Update ws to 8.21.0 by @mamoodi in #15007
- fix: remove duplicate Close button on the org invite links modal by @ak684 in #14974
- fix(jira): make Jira Cloud and Jira DC HTTP timeouts configurable and consistent by @ak684 in #15012
- fix: Fix CVE-2026-44681: Update authlib to >=1.6.12 by @mamoodi in #14983
- fix: don't switch LLM profile before the conversation UUID exists (avoids 422) by @ak684 in #14900
- fix(enterprise): log automation HTTP response failures as errors by @wgu9 in #15004
- fix(enterprise): add alembic migration for execution_status column by @tofarr in #15030
- fix(jira-dc): more forgiving repo + mention resolution for Data Center by @ak684 in #15034
- fix(device-verify): rename 'Workspace' dropdown to 'Organization' by @tofarr in #15057
- fix(jira-dc): don't org-gate a personal-workspace Jira DC integration by @ak684 in #15036
- fix: stream LLM tokens for cloud conversations and profile switches by @VascoSch92 in #15021
- fix: set email person property in PostHog during onboarding completion by @lilagrc in #15070
- fix: Timezones stored in the db do not have a timezone by @tofarr in #15092
- fix: add test for InMemoryRateLimiter.init to prevent duplicate assignment regression by @aivong-openhands in #14729
- fix(frontend): stop streamed deltas rendering twice and fragmenting in V1 chat by @shanemort1982 in #15108
- fix: crash when request.client is None in InMemoryRateLimiter by @rakshith1928 in #15119
- fix(sandbox-spec): fall back to defaults when runtime-api has no warm runtimes by @tofarr in #15141
Documentation
- docs: Bring README.md over from Agent Canvas by @rbren in #14844
- docs(skills): fix typo in OpenHands docs URL in add_agent.md by @sanjibani in #14865
- docs: revise source code links in README.md by @enyst in #14869
- docs: fix broken README urls by @lexcodes-dev in #14907
- docs: fix dead link to self-hosting guide in README by @tomsen-ai in #14975
Maintenance
- refactor(llm): clean up reverse-mapping OpenHands provider models by @enyst in #14725
- refactor(settings): delegate agent-settings merge to SDK apply_agent_settings_diff by @simonrosenberg in #14677
- build(deps): bump SDK packages to v1.28.0 by @all-hands-bot in #14753
- chore(deps): bump pyjwt from 2.12.1 to 2.13.0 by @dependabot[bot] in #14852
- chore: bump SDK and agent-server to 1.29.0 by @ak684 in #14889
- test: replace real sleeps in maintenance runner tests by @aivong-openhands in #13930
- refactor: extract billing test fixtures for PLTF-1269 by @aivong-openhands in #13998
- test: PLTF-1269 replace test_should_ naming with test_verb_noun_context convention by @aivong-openhands in #14015
- chore: purge dead acp_env field footprint (removed in SDK 1.29.0) by @simonrosenberg in #14921
- chore(main): release cloud 1.39.0 by @openhands-release-bot[bot] in #14748
- chore(security): add Python dependency freshness guardrails by @nehaaprasad in #13754
- chore(deps-dev): bump jupyterlab from 4.5.7 to 4.5.9 by @dependabot[bot] in #15009
- chore(main): release cloud 1.40.0 by @openhands-release-bot[bot] in #14969
- chore: bump SDK and agent-server to 1.30.0 by @simonrosenberg in #15079
- build: pin dependency versions exactly by @rbren in #14384
- ci: add release ready gate by @enyst in #14987
- chore: bump SDK packages to v1.31.1 by @all-hands-bot in #15127
Other Changes
- Release 1.8.0 by @mamoodi in #14743
- PLTF-2895: add enterprise migration integrity check by @aivong-openhands in #14689
- PLTF-2895: scope DB sessions tightly in poll_agent_servers to prevent idle-in-transaction by @aivong-openhands in #14637
- ci: adopt release-please for app and cloud releases by @jlav in #14718
- Fix OpenHands LLM key access for credited orgs by @enyst in #14724
- Use reusable issue duplicate checker action by @enyst in #14609
- fix: delete LiteLLM user on personal org reset by @fengjikui in #14700
- fix(frontend): skip Git-related API calls when no Git provider is configured by @saurya in #14338
New Contributors
- @he-yufeng made their first contribution in #14776
- @fengjikui made their first contribution in #14700
- @mturac made their first contribution in #14812
- @wgu9 made their first contribution in #14810
- @sanjibani made their first contribution in #14865
- @GautamKumarOffical made their first contribution in #14863
- @lexcodes-dev made their first contribution in #14907
- @openhands-release-bot[bot] made their first contribution in #14748
- @tomsen-ai made their first contribution in #14975
- @ysinghc made their first contribution in #14699
- @rakshith1928 made their first contribution in #15119
Full Changelog: 1.8.0...1.9.0
This PR was generated with Release Please. See documentation.