v0.28.0
What's new since v0.27.0
v0.28.0 is an app-experience release. The canvas gets a full dark-mode pass, a redesigned runs sidebar with a dedicated run-inspection view, star/pin support, and a rewritten edit-and-versioning flow. It also lands a new S3-compatible storage integration for Hetzner, a much bigger GitLab surface area, Cloudsmith vulnerability workflows, GCP firewall management, and structured-output plus file-attachment support for both OpenAI and Claude prompt components.
App experience
- App-wide dark mode with a persisted theme preference, plus a follow-up sweep of missing styles across signup, admin, the diff modal, and the canvas itself.
- Star and pin apps so favorites stay at the top of the workflows list, and SuperPlane now remembers the last selected org across sessions.
- Redesigned runs sidebar paired with a new run inspection sidebar that lets you drill into inputs, outputs, and the input timeline without leaving canvas view.
- Simplified edit experience and versioning for apps — the enter-edit flow bootstraps in a single transaction, staged canvas changes are kept out of the live view, and the edit-mode indicator is much more noticeable. Restricted canvas actions are now guarded, unconnected action nodes warn before commit, and node implementation changes are rejected outright to avoid silent breakage.
- Apps can be created from folder headers in the workflows list.
1 new integration
- Hetzner Object Storage joins the S3-compatible storage lineup, so buckets and objects hosted on Hetzner can be managed with the same components as AWS S3.
Improvements to existing integrations
- GitLab graduates from base integration to a full one with a new
onMergeCommenttrigger and an updatedonMergeRequest, pluscreateMergeCommentandaddReactionactions. The setup flow and connection instructions were also rewritten. - Cloudsmith picks up the full vulnerability workflow —
scanPackage,getPackageVulnerabilities,quarantinePackage, and dedicated vulnerability-policy components — alongsidelistPackagesandpromotePackagesfor release-promotion pipelines. - GCP gains full firewall-rule lifecycle:
createFirewallRule,updateFirewallRule, anddeleteFirewallRule. - AWS EC2 adds
updateAlarmanddeleteAlarmto complete the CloudWatch alarm surface introduced last release. - Sentry learned to
linkGitHubIssue, connecting a Sentry issue to an existing GitHub issue directly from a workflow. - OpenAI and Claude text-prompt components now accept file attachments and a structured output config for JSON-typed responses. Both providers also expose usage metrics through the new
openai.usageMetricsandclaude.getDailyUsagecomponents. - Cursor's
launchCloudAgentnow returns conversation messages so downstream nodes can react to what the agent said.
New components and capabilities
- OIDC execution tokens let runners authenticate to third-party clouds during CI workflows without long-lived credentials.
- Runner logs are now available to the CLI and to agents, with fetches bounded by a record limit and returning cleanly after the stream goes idle.
- A standardized
Timestampcomponent replaces ad-hoc time expressions across workflows. - Run Claude Code Agent lands as a first-class component for triggering Claude Code from a canvas.
Agents
- Expanded image attachments in agent chat, and
/clearnow fully resets the agent chat session. - Agents display staged canvas changes without leaving edit mode, and streaming status reconciles cleanly when the connection blips.
- Agents no longer act unsolicited on canvas open or refresh, and agent tool results (including read/list) are compact by default to fit within provider limits.
- Agent panel state is remembered per canvas so new apps open with the chat visible rather than history.
Fixes and polish
The bulk of this release is polish for the draft, commit, and publish flow introduced in v0.26.0: version generation runs in a single transaction on commit, repository file reads are split by version/stage/live so caches stay consistent, and the canvas cache and enter-edit staging bootstrap were stabilized. Elsewhere, secret renaming now re-encrypts stored data, invite-link creation is protected against races, the auth middleware no longer panics on gateway authorization failures, the canvas websocket update loop was closed, and expression autocomplete stays anchored to its input while scrolling. Markdown file previews render, code blocks in notes are copyable and scrollable, and the diff view highlights are much clearer.
Bug Fixes
- Keep agent read results compact by default (#5796) by @forestileao
- Stop runner log fetches at record limit (#5804) by @forestileao
- Keep run sidebar selection focused (#5798) by @forestileao
- Return agent runner logs after stream goes idle (#5806) by @forestileao
- Show feedback on API token copy (#4333) by @matheuskafuri
- Reconcile agent chat streaming status (#5811) by @forestileao
- Remove stale change request CLI reference (#5814) by @forestileao
- Stop culling canvas nodes near the viewport edge (#5812) by @forestileao
- Stop agent from acting unsolicited on canvas open/refresh (#5815) by @forestileao
- Make code blocks in notes copyable, selectable, and scrollable (#5820) by @forestileao
- Clarify $ expression description in autocomplete (#5824) by @forestileao
- Preserve field value when toggling between Fixed and Expression (#5826) by @forestileao
- Keep expression autocomplete anchored to input on scroll (#5832) by @forestileao
- Increase Max Payload Size (#5834) by @andrecalil
- Filter Dash0 SDK fetch failures from Sentry (#5838) by @shiroyasha
- Prevent crash when display message metadata is missing (#5845) by @shiroyasha
- Guard synthetic keydown events (#5848) by @shiroyasha
- Move app name/description to workflows table (#5827) by @lucaspin
- Persist Building Blocks sidebar display settings (#4631) by @lucasdelafuentep
- Fit view to whole graph when switching canvas or version (#5833) by @forestileao
- Keep component sidebar fixed width with long field values (#5870) by @forestileao
- Open agent panel (not history) on new apps with a per-canvas preference (#5874) by @forestileao
- Derive AWS create-instance node state from emitted channel (#5862) by @WashingtonKK
- Create And Sort Secrets From the Canvas (#5875) by @andrecalil
- Prevent invite-link creation race (#5847) by @shiroyasha
- Clean Up/Improve Trigger Widget Confirmation (#5866) by @andrecalil
- Make /clear reset agent chat session (#5878) by @forestileao
- Avoid nil panic in UpdateGroup when group spec is omitted (#4655) by @inacionery
- Propagate DeleteIntegration transaction failures (#4509) by @AlexDio123
- Guard ssh commands split (#5888) by @shiroyasha
- Re-encrypt secret data when renaming secrets (#5885) by @shiroyasha
- Keep list field accordion controlled (#5893) by @shiroyasha
- Prevent canvas websocket update loop (#5890) by @shiroyasha
- Prevent approval mapper crash on missing records (#5889) by @shiroyasha
- Use timestamp fallback for versions without commit messages (#5899) by @lucaspin
- Sanitize describe organization errors (#5901) by @shiroyasha
- Prevent auth middleware panic on gateway authorization failures (#5898) by @shiroyasha
- Stabilize transitions after commit (#5904) by @lucaspin
- Preserve context cancellation error chain (#5908) by @shiroyasha
- Remove horizontal scroll from the members table (#5911) by @shiroyasha
- Wrap Text on the Add Secret Dialog (#5916) by @andrecalil
- Keep staged canvas changes out of live view (#5919) by @lucaspin
- Reject node implementation changes (#5921) by @forestileao
- Warn on unconnected action nodes (#5922) by @forestileao
- Generate version on single transaction on commit staging (#5931) by @lucaspin
- Clarify canvas yaml diff highlights (#5929) by @forestileao
- Render markdown file previews (#5930) by @forestileao
- Split repository file reads by version, stage, or live (#5932) by @lucaspin
- Stabilize enter-edit staging bootstrap and canvas cache reads (#5937) by @lucaspin
- Improve If Node Run Status (#5935) by @andrecalil
- Enter edit mode from run inspection view (#5954) by @lucaspin
- Show agent staged canvas changes without leaving edit mode (#5956) by @lucaspin
- Make edit mode state more noticeable (#5961) by @lucaspin
- Guard restricted canvas actions (#5976) by @forestileao
- Add missing dark mode styles across signup, admin, diff modal, and canvas (#5995) by @forestileao
- Lint (#6000) by @andrecalil
- Run inspector sidebar improvements (#5966) by @forestileao
- Refine run inspector input timeline behavior (#6010) by @forestileao
Improvements
- Link orphan contributor guides from CONTRIBUTING.md (#4788) by @leveretlogic
- Canvas Page at Storybook (#5810) by @andrecalil
- Remove unused ApplyCanvasAutoLayout endpoint and dead save hook options (#5822) by @lucaspin
- Align runner machine types, remove unneccessary mapping (#5818) by @re-pixel
- Link to ngrok install page (#5880) by @shiroyasha
- Clarify SSH command file field descriptions (#5879) by @shiroyasha
- Support stdin file input for roles and groups (#4546) by @Fieldmatic
- Remove dead manual save footer from SettingsTab (#5894) by @shiroyasha
- Update eslint and go unit test coverage budgets (#5895) by @lucaspin
- Add unit tests for ListIntegrations and ListInvitations (#4856) by @krishna28004
- Storybook Console Pages (#5933) by @andrecalil
- Update playwright dependency (#5965) by @lucaspin
- Fix e2e wiping out DB (#5998) by @andrecalil
New features
- Expose runner logs to cli and agents (#5797) by @forestileao
- OIDC execution tokens for CI workflow authorization (#5794) by @shiroyasha
- Add GCP create, update and delete firewall rules (#5663) by @WashingtonKK
- Add Cloudsmith listPackages and promotePackages components (#5658) by @felixgateru
- Add Cloudsmith scanPackage, getPackageVulnerabilities and quarantinePackage components (#5565) by @felixgateru
- Add openai and claude structured output config (#5763) by @WashingtonKK
- Allow files to be attached to openai and claude text prompt components (#5788) by @WashingtonKK
- Add standardized Timestamp component (#5872) by @forestileao
- Add AWS EC2 updateAlarm and deleteAlarm components (#5837) by @felixgateru
- Simplify edit experience and versioning for apps (#5882) by @lucaspin
- Return conversation messages from Cursor Launch Cloud Agent (#5813) by @WashingtonKK
- Add Sentry Link GitHub Issue action (#5910) by @shiroyasha
- Add Run Claude Code Agent component (#5795) by @felixgateru
- Add support for S3 interaction with Hetzner Object Storage (#4229) by @usernamenenad
- Remember Last Selected Org (#5920) by @andrecalil
- Star and pin apps (#5923) by @forestileao
- Add app-wide dark mode with theme preference control (#5927) by @ropsii
- Expand agent image attachments (#5928) by @forestileao
- Create apps from folder headers (#5936) by @forestileao
- Redesign runs sidebar list (#5952) by @forestileao
- Add run inspection sidebar (#5955) by @forestileao
- Refactor gitlab integration instructions and connection (#5994) by @WashingtonKK
- Add Cloudsmith vulnerability policy components (#5676) by @felixgateru
- Add Claude getDailyUsage component (#5864) by @felixgateru
- Add OpenAI usage metrics component (#5873) by @WashingtonKK
- Add GitLab onMergeComment trigger and update onMergeRequest (#6007) by @WashingtonKK
- Add GitLab createMergeComment and addReaction components (#6008) by @felixgateru
Full Changelog: v0.27.0...v0.28.0