Skip to content

0.6.0 - Public beta

Choose a tag to compare

View all tags
@aamdmn aamdmn released this 01 Jun 12:58
· 24 commits to main since this release
v0.6.0
dc9a02e
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

First public beta of payload-agent.

Highlights

  • Access control — scope the agent by collection (access.collections) and operation (access.operations). Internal (payload-*) and auth collections denied by default; delete is opt-in.
  • Service user — run operations as a real Payload user with overrideAccess: false, so your access control, field-level access, and hooks apply.
  • Inbound authorizationaccess.authorize(ctx) gates which chat messages the agent answers (fails closed).
  • SSRF-hardened uploadsuploadFile({ url }) only fetches publicly routable http(s) targets, re-validates redirects, and bounds size/time.
  • Per-message write limit + prompt guardrails (treat content as data, confirm bulk/destructive writes).
  • Markdown rich text + localization (read-all / translate / write-per-locale).
  • Media uploads, type grounding from payload-types.ts, persistent state, prompt caching, and streaming replies.

See CHANGELOG.md for the full list.

Assets 2
Loading