Skip to content

v0.2.65

Choose a tag to compare

@larryro larryro released this 29 Apr 06:33

v0.2.65 — Interactive Canvas previews, multilingual subagents

Canvas HTML previews now serve from a dedicated route with a permissive CSP, so inline scripts run as expected and each render gets a fresh JS realm. Subagent prompts gain the same language-priority rules and {{user_profile}} placeholder as the chat agent across en/de/fr. A first-start DB init race that bricked fresh volumes is fixed.

🤖 Model & Provider

  • Language-priority rules and {{user_profile}} placeholder applied to all subagent example prompts (crm, file, integration, researcher, translator, web, workflow) across en/de/fr, so subagents stay in the orchestrator's language and see who they're working for.
  • Chat agent's HTML/Canvas guidance broadened to demo pages, dashboards, and visualizations; the pdf tool gate is tightened so the model stops emitting PDFs for inline-readable content. (#1645)

🚀 Features

  • Interactive Canvas HTML previews. The Canvas pane now renders previews via POST /canvas-preview instead of an iframe srcdoc. Inline <script> blocks and onclick= handlers run under a permissive (egress-locked) CSP, and every render gets a fresh Document and JS realm — so back-to-back renders no longer collide on top-level let/const declarations. (#1645)

🛠 Improvements

  • In-app markdown link routing. Same-origin anchors in chat messages now navigate client-side through TanStack router; external links keep target=_blank + rel=noopener noreferrer; mailto: and hash anchors get default browser behavior. (#1647)
  • Precise attribution in governance usage tables. The previous "Unknown assistant" rows in Top Assistants now render as Direct API for OpenAI-compat direct-model calls (translated for de/fr). Top Models filters out integration-only rows that have no model by design (Tavily/SQL/etc.); their cost is still attributed to the calling agent in Top Assistants, so no information is lost. (#1643)

🐛 Fixes

  • DB init no longer races on first start. Init-scripts were baked into the image at two locations and were both probing the same socket during initdb, causing concurrent ALTER DEFAULT PRIVILEGES statements to fail with duplicate key value violates unique constraint "pg_default_acl_role_nsp_obj_index". The wrapper is now the single runner; 03-create-knowledge-database.sql also wraps the four ALTER DEFAULT PRIVILEGES statements against unique_violation for defense in depth. (#1646)
  • Chat send no longer wedges after a PII-blocked message. sendingRef is now reset when the PII precheck blocks a send, so the toast fires every time and the input remains usable on subsequent attempts. (#1647)
  • Org-owner role label is translated. The member table built roles.${role.toLowerCase()} dynamically but the owner key was missing from en.json/de.json/fr.json, so org owners' rows rendered the raw key. Translation added and the dynamic key allowlisted.

Upgrade

Run tale upgrade to update the CLI, then tale deploy to apply the new version.

Migration Guide (only if you hit the DB init race on v0.2.64 or earlier)

If tale start previously failed with duplicate key value violates unique constraint "pg_default_acl_role_nsp_obj_index", the DB volume is half-initialized and must be removed before the patched image can come up cleanly:

tale stop
docker volume rm <project-id>-dev_db-data
tale upgrade
tale start

Replace <project-id> with your project's compose project name (the prefix of the existing *-db-data volume — see docker volume ls). All other users only need tale upgrade && tale deploy.

Contributors

@larryro, @yannickmonney, @AdeolaAdekoya


Full Changelog: v0.2.64...v0.2.65