v0.10.7
- fix: agent-runtime daemon's TIER_PRICING used non-existent model ids (`claude-sonnet-4-5`, `claude-opus-4-5`; real ids are -4-6 and -4-7). Every real daemon task fell back to `fast` tier with `costUsd=undefined`, so cloud got wrong billing metrics on every completion. Now `tierForModel(id)` derives the tier by substring (haiku/flash → fast, sonnet/4o/pro → balanced, opus/ultra/o1 → top); pricing table keyed by tier so future renames don't break it.
- fix: /api/bee-creative/publish - when a user picked a specific account from the social-accounts dropdown, the lookup misused `loadSocialAccount(workspaceId, platform, externalId)` with a cuid (BcSocialAccount.id) instead of the platform's externalId. Result: 400 'Belum ada akun terhubung' on every non-default selection. New `loadSocialAccountById(id, workspaceId, platform)` lookup with workspace+platform scoping.
- fix: /api/workspaces/[slug]/audit-log returned 500 on `?limit=abc` (Number('abc') = NaN propagated to `prisma.findMany({take: NaN+1})`) and on `?since=garbage` (Invalid Date rejected by Prisma). Both gated now: `Number.isFinite()` for limit, `validIso()` helper for date params. Bad input → 200 with param ignored.
- fix: next-with-env.cjs wrapper triggered Node 22 DEP0190 (`shell: true` security warning). Switched to spawning Node directly with `require.resolve('next/dist/bin/next')` - cross-platform, no shell, deprecation cleared.
- ops: Maintenance audit verified: typecheck green across 12 packages, 128/128 tests, production build clean, dev boot 9s, 19 public pages → 200, 16 auth-protected → 307, 26 API endpoints → correct status, Anthropic + Google APIs live, 5 DB migrations applied with no schema drift.
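
The audit-log parameter gating described above, as an added example that is not the project's own code. `validIso` is the helper name from the changelog; `parseLimit`, `buildAuditQuery`, the default and maximum limits, and the `createdAt` column are assumptions.

```javascript
// Added example, not the project's code. DEFAULT_LIMIT, MAX_LIMIT and the
// createdAt column are assumptions; validIso is the helper name from the changelog.
const DEFAULT_LIMIT = 50;
const MAX_LIMIT = 200;
const ISO_8601 = /^\d{4}-\d{2}-\d{2}(T\d{2}:\d{2}(:\d{2}(\.\d{1,3})?)?(Z|[+-]\d{2}:\d{2}))?$/;

// Returns a Date for a well-formed ISO 8601 string, otherwise undefined.
function validIso(value) {
  if (typeof value !== 'string' || !ISO_8601.test(value)) return undefined;
  const d = new Date(value);
  return Number.isNaN(d.getTime()) ? undefined : d;
}

// Returns a positive integer page size; anything else falls back to the default.
function parseLimit(value) {
  if (value === null || value.trim() === '') return DEFAULT_LIMIT;
  const n = Number(value);
  if (!Number.isFinite(n)) return DEFAULT_LIMIT; // 'abc' -> NaN, 'Infinity' -> Infinity
  const i = Math.trunc(n);
  return i < 1 ? DEFAULT_LIMIT : Math.min(i, MAX_LIMIT);
}

// Builds findMany-style arguments; invalid parameters are ignored, not rejected.
function buildAuditQuery(searchParams) {
  // One extra row, matching the changelog's take: limit + 1.
  const args = { take: parseLimit(searchParams.get('limit')) + 1 };
  const since = validIso(searchParams.get('since'));
  if (since) args.where = { createdAt: { gte: since } };
  return args;
}
```
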
v0.10.6
- fix: Photo editor's AI Chat panel was returning 'ANTHROPIC_API_KEY is not set' even when .env.local had the real 108-char key. Root cause: `@next/env` merges shell `process.env` with `.env.local` and shell wins - bash session had `ANTHROPIC_API_KEY=""` (empty) from some earlier tool, which Next treated as authoritative. Fix: new `next-with-env.cjs` wrapper that strips known-secret env vars with empty values before spawning Next. Logs what it stripped at startup. Wired into dev/build/start scripts.
- fix: /api/chat would 500 on a stale `conversation.modelId` (model removed from catalog across releases). Now `tryGetModel(id) ?? defaultModelForPlan(planId)` - old conversations gracefully fall back to the plan's default instead of hard-erroring.
- fix: Mock executor's tier-derivation always returned `fast` because it compared against non-existent ids (`bee-top`, `bee-balanced`). Latent bug - wrong synthetic billing metrics on demo missions. Now derives tier from the actual model config.
- feat: New `/api/health/env-check` operator-facing probe - reports presence/byte-length of 42 env vars (never the value). `curl https://your-deploy/api/health/env-check` to verify a deploy at a glance. Public route - doesn't leak secrets.
- ops: End-to-end live audit: 17 public pages → 200, 27 API endpoints → correct auth status, Anthropic + Google APIs verified working with real network calls (`claude-haiku-4-5` + `gemini-2.5-flash` both 200), 5 DB migrations applied, 128 unit tests passing, typecheck green.
v0.10.5
- fix: Photo editor was returning 'Internal server error' on AI describe - root cause was `getModel("claude-sonnet-4-5")` (the real id is `claude-sonnet-4-6`); the throwing function aborted the fallback `??` chain on the first miss. Added `tryGetModel(id)` non-throwing variant + fixed all 3 call sites. apiErrorResponse now returns a `requestId` in the response body so support tickets can quote the matching server log line.
- feat: Bee Creative photo editor - AI co-pilot chat panel. User describes edits in natural language ('buat lebih sinematik', 'perluas ke kanan dengan langit sunset', 'ganti latar belakang jadi pantai tropis'); vision LLM looks at current canvas + prompt, returns a plan of operations the client dispatcher applies. Right panel now tabs between Layer (manual) and AI Chat (new).
- feat: Four operation kinds: `adjust` (local sliders, instant), `generative-fill` (FLUX-fill with computed mask), `expand` (outpaint with client-side padding), `explain` (conversational). Each assistant turn surfaces what ran. Mask hints - geometric (left-half / right-half / top-half / bottom-half / sky / ground) get exact rectangular masks; semantic (background / foreground-subject) approximate as centred rectangles until bg-removal model lands.
- feat: Output quality polish - `runInpaint` defaults bumped to 40 inference steps + guidance 6 + output_quality 95 (was 28 / 7 / default). Photorealism prompt anchor appended on every FLUX-fill: 'photorealistic, natural lighting, sharp focus, high detail, blends seamlessly with surroundings' - prevents drift into illustration on terse prompts. Override via `REPLICATE_PROMPT_SUFFIX` env.
v0.10.4
- fix: Mock executor wrapped in `after()` from next/server. Previously `void runMockExecutor(id).catch(...)` - a fire-and-forget pattern that gets killed on Vercel once the response is flushed, leaving demo-mode tasks stuck in `running`. `after()` keeps the function alive until the executor finishes, bounded by maxDuration (60s; the executor runs in ~6-8s).
- feat: Mock executor stamps `heartbeatAt` on start + on every event emission (atomic via `$transaction`). Defense-in-depth: if the function exceeds maxDuration the cron reaper catches it via fresh heartbeat data instead of stale `startedAt`. Last mainline fire-and-forget pattern in the cloud - daemon-side fire-and-forget doesn't have the suspend issue (long-running process).
v0.10.3
- feat: AgentTask heartbeat + stuck-task reaper. Closes the top deferred audit finding from v0.10.2 - a daemon that crashed mid-task previously left the row in `running` forever (user's kanban showed 'still running' days later). New `heartbeatAt` column + 30s daemon ping + cron reaper that flips any `running` task with a heartbeat older than 5 min to `failed` with a clear error message. Backward-compat: pre-heartbeat daemons keep their tasks alive via the event endpoint, which now also bumps the heartbeat opportunistically.
- feat: Schema migration `20260430130000_agent_task_heartbeat` - adds `AgentTask.heartbeatAt DateTime?` + composite index `(status, heartbeatAt)`. Backfills existing `running` rows with `startedAt` so the first reaper tick post-deploy doesn't mass-reap.
- feat: New `POST /api/agent/tasks/[id]/heartbeat` endpoint. Atomic `updateMany` - only refreshes if task is still `running`. Returns 409 + current status when the task was reaped or completed elsewhere so the daemon's heartbeat loop can bail out cleanly.
- ops: Cron reaper extension on `/api/cron/scheduled-tasks` (no new vercel.json cron - same minute tick fires both schedules + reaps). Atomic claim (precondition on heartbeatAt) prevents racing a daemon that woke back up between scan and update. 9 new tests for the reaper predicate, 128 total.
v0.10.2
- fix: Platform-wide security audit pass - 4 commits, ~25 hardening fixes. OAuth open-redirect defence (`isSafeReturnTo` validator rejects protocol-relative + cross-origin returnTo); state cookie HMAC verified with `timingSafeEqual`; Telegram webhook secret + CRON_SECRET also constant-time. CRON_SECRET query-param fallback removed (was leaking into access logs). R2 storage-key SSRF defence - strict whitelist of `r2:` and `data:image/|video/|audio/` prefixes. Replicate version-hash placeholder swapped to `REPLICATE_FLUX_FILL_VERSION` env (was a fake hash that would 404).
- fix: New per-user rate limits: oauthStart 30/min, bcAi 10/min, dataExport 3/hour. Plan budget caps monthly cost; rate caps stop a runaway client from burning the quota in 60s or piling up 50 concurrent Replicate jobs.
- fix: Schema migration `20260430120000_audit_cascade_fixes` - three cascade-rule corrections (BcSocialAccount.userId + BcPublication.userId → SetNull, BcPortfolioItem.projectId → Restrict) so workspace publishing capability + audit history survive user removal. New `BcPortfolio @@unique([workspaceId, userId])` closes a race in the portfolio upsert.
- fix: `apiErrorResponse` no longer echoes `err.message` to clients on the unknown-error path - library errors (Stripe / Replicate / fs) could leak internal paths, env values, schema details. Generic message in prod; full message in dev. Sentry capture unchanged.
- feat: Encryption key rotation support via `OPENBEE_ENCRYPTION_KEY_PREVIOUS`. `decryptSecret` tries primary first, falls back to previous on auth failure. Without this, rotating the key bricked every encrypted row instantly. Rotation procedure documented in code header + .env.example.
- feat: GDPR export (`/api/me/export`) bumped to schema v2 - adds scheduled tasks, invitations, audit events, usage events, and the full Bee Creative footprint (projects, assets, render jobs, social accounts metadata only, publications, portfolios). Closes the compliance gap surfaced by the audit.
- ops: Stripe API-version future-proofing - helpers read API-2025-08-27 paths first (`subscription.items.data[0].current_period_end`, `invoice.parent.subscription_details.subscription`), fall back to pinned-acacia. Behavior unchanged today; future-safe on any pin bump. Validation hardening on `chat/route.ts` (UiMessage shape), `missions/[id]/events` (`since` Date validation), `bee-creative/video/render` (VideoDocument Zod-validated before FFmpeg). 12 new tests (10 oauth-refresh + 2 key rotation), 119 unit tests passing total.
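
The open-redirect check and constant-time state-cookie verification from this release's audit pass, as an added example that is not the project's own code. Only `isSafeReturnTo` and `timingSafeEqual` are names from the changelog; the origin, the cookie layout and the other function names are assumptions.

```javascript
// Added example, not the project's code. Apart from isSafeReturnTo and
// timingSafeEqual, every name, the origin and the cookie layout are assumptions.
const crypto = require('node:crypto');

const APP_ORIGIN = 'https://app.example.test'; // constructed origin
const STATE_TTL_MS = 10 * 60 * 1000;           // 10-minute TTL from the v0.9.0 notes

// Accepts only same-origin, path-only return targets.
function isSafeReturnTo(returnTo, appOrigin = APP_ORIGIN) {
  if (typeof returnTo !== 'string' || returnTo.length === 0 || returnTo.length > 2048) return false;
  // "//host" is protocol-relative, and browsers treat "/\host" the same way.
  if (!returnTo.startsWith('/') || returnTo.startsWith('//') || returnTo.startsWith('/\\')) return false;
  // URL parsers strip tab/CR/LF, which could otherwise hide a second slash.
  if (/[\u0000-\u001f\u007f]/.test(returnTo)) return false;
  try {
    return new URL(returnTo, appOrigin).origin === new URL(appOrigin).origin;
  } catch {
    return false;
  }
}

function hmac(key, payload) {
  return crypto.createHmac('sha256', key).update(payload).digest();
}

// Cookie value: "<state>.<issuedAtMs>.<base64url HMAC-SHA256>".
function signState(state, key, now = Date.now()) {
  const payload = `${state}.${now}`;
  return `${payload}.${hmac(key, payload).toString('base64url')}`;
}

// Verifies the MAC in constant time, then the age, then the echoed state.
function verifyState(cookie, returnedState, key, now = Date.now()) {
  const parts = String(cookie).split('.');
  if (parts.length !== 3) return false;
  const [state, issuedAt, mac] = parts;
  const expected = hmac(key, `${state}.${issuedAt}`);
  const given = Buffer.from(mac, 'base64url');
  // timingSafeEqual throws on unequal lengths, so compare lengths first.
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return false;
  const age = now - Number(issuedAt);
  if (!Number.isFinite(age) || age < 0 || age > STATE_TTL_MS) return false;
  const a = Buffer.from(state);
  const b = Buffer.from(String(returnedState));
  return a.length === b.length && crypto.timingSafeEqual(a, b);
}
```
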
v0.10.1
- feat: Settings → Social accounts page. Lists every connected publishing surface (YouTube channels, Facebook Pages, IG Business accounts, X handles, TikTok creators) with their account name, external id, scopes, and access-token expiry. Connect via OAuth start endpoint with returnTo back to settings; disconnect with one click. Per-platform env-availability check disables Connect buttons whose env vars aren't set instead of letting the user click into a 503.
- feat: Auto-refresh access tokens on publish. New shared `lib/oauth-refresh.ts` wraps every BcSocialAccount fetch - when `expiresAt` is within 60s of now, hits the platform's refresh endpoint, persists the rotated tokens, and returns the fresh access. Covers YouTube (1h TTL), X (~2h TTL), TikTok (24h TTL). Meta page tokens pass through unchanged (no refresh path; user must reconnect when they expire).
- feat: Twitter `refreshAccessToken` helper - closes the gap from v0.9 where X access tokens silently expired after ~2h with no recovery. Uses Basic-auth + grant_type=refresh_token; persists the rotated refresh_token alongside since X invalidates the previous one.
- feat: DELETE /api/bee-creative/social-accounts/[id] disconnects a single account. BcPublication.socialAccountId is `SetNull` on cascade, so historical post audit trails survive disconnect.
- ops: Audit-logged actions: `bc.social.connected` (already in v0.10) + `bc.social.disconnected` (new). Same actor / IP / metadata shape as the rest of the audit trail.
v0.10.0
- feat: Cloudflare R2 storage backend (S3-compatible). Replaces inline data URL storage for rendered videos + AI images. Zero egress fees critical for serving 100s of MB of video. Backward-compatible: legacy v0.9 data URL assets keep working unchanged. Configure with R2_ACCOUNT_ID + R2_ACCESS_KEY_ID + R2_SECRET_ACCESS_KEY + R2_BUCKET_NAME + R2_PUBLIC_URL_BASE.
- feat: Facebook OAuth + Page posting. Single Meta consent yields all the user's FB Pages with their page-scoped access tokens. Photo via /photos endpoint, video via /videos with file_url (R2 public URL pulls server-side).
- feat: Instagram Business OAuth + container publish. Same Meta consent - IG Business accounts attached to Pages get auto-discovered. 2-step flow: container create with media_url + caption, poll status_code until FINISHED, then media_publish. Reels for video, image for image. Requires R2 (Meta needs public URL).
- feat: TikTok OAuth + Content Posting API via PULL_FROM_URL. Login Kit + video.publish scope, PKCE + state cookie. TikTok pulls the video from R2 and processes server-side. Default privacy SELF_ONLY for safety; production sets PUBLIC_TO_EVERYONE. Requires app review for production-mode posting.
- ops: Five social platforms shipped: YouTube + X + Facebook + Instagram + TikTok. All five share the same OAuth helper (state + PKCE + signed cookie) and the same publish endpoint, with platform branches that pick the right post mechanism (binary upload for YT/X, public URL fetch for FB/IG/TikTok).
v0.9.0
- feat: Bee Creative AI generative fill / remove / expand - actually wired to Replicate (FLUX-fill-dev). Previous 501 stubs now return real diffusion results. Cost charged per call to bcAiCalls budget; Hobby 0 calls (paid feature), Pro 50/mo, Max 200, Team 1000, Enterprise unlimited.
- feat: Server-side video render via fluent-ffmpeg + ffmpeg-static. POST /api/bee-creative/video/render runs inline in a Node serverless function (≤5 min source duration on Vercel Pro maxDuration=300). Concat + drawtext overlays + watermark + audio mux. BcRenderJob lifecycle (rendering → completed/failed) tracked. Self-host has no cap.
- feat: OAuth 2.0 + Data API for YouTube and X/Twitter - actually publish from /api/bee-creative/publish. Google + Twitter auth flows with PKCE, signed state cookie, encrypted token storage (BcSocialAccount). YouTube videos.insert with privacy=private default. Twitter chunked media upload + /2/tweets. Instagram/TikTok/Facebook still draft-only - those each need 1+ commits for their platform-specific quirks.
- ops: Shared OAuth helper module - state + PKCE generation, signed-cookie state cache (HMAC-SHA256 over OPENBEE_ENCRYPTION_KEY, 10-min TTL), encrypted token persistence + decrypt. Same pattern usable for the next 3 platforms in v0.10.
v0.8.0
- feat: Bee Creative - complete photo + video editor module. Canvas-based photo editor with layers (image / text / shape / adjustment), per-image color matrix, drag-drop upload, and PNG/JPEG export. Multi-track timeline video editor (video / audio / text) with drag-to-reposition, playhead-synced preview, and MediaRecorder MP4/WebM export (≤60 seconds in v1).
- feat: AI describe (photo) + AI auto-title (video) end-to-end via the existing vision LLMs (Sonnet / 4o / Gemini Pro). No new AI provider needed. Clear 501 stubs for the diffusion features (generative fill, inpainting, expand, auto-cut, captions, color grade) that ship in v0.9.
- feat: 12 seeded templates (6 photo + 6 video) for YouTube / Instagram / TikTok / Facebook / X. 16 curated Google Fonts. Plan-aware caps: bcPhotoProjects, bcVideoProjects, bcExportMinutesPerMonth, bcWatermarkRemoval. Hobby tier gets watermark.
- feat: Publish endpoint, portfolio CRUD, social-account schema (encrypted OAuth tokens). Per-platform OAuth + Data API integrations queued for v0.9 - for now publish saves a draft + audit log.
- feat: i18n locale 'id' (Bahasa Indonesia) for all Bee Creative labels. Workspace sidebar gets 'Bee Creative' nav entry.
- ops: New `@openbee/bee-creative` package (framework-free pure-function core: types, photo color matrix, video timeline math, watermark composition). Migration `add_bee_creative` (230 lines, 7 models + 5 enums). Vitest suite +18 engine tests (107 total passing).
v0.7.6
- feat: Slack bridge - pair via bot token + signing secret, /bee slash command (run / status / help) lives in any channel where the bot is invited. Replies post via chat.postMessage. Webhook verified via X-Slack-Signature HMAC-SHA256 with 5-minute replay window.
- feat: Sentry error tracking - fail-soft, no-op without DSN. captureException wired into apiErrorResponse fallback path. ApiError + Prisma errors deliberately ignored (user-facing, not bugs).
- feat: Rate limiting via Upstash Redis (production) with in-memory fallback (dev / single-instance). Named limiter catalogue: auth (20/min), publicApi (100/min), cron (5/min), telegramWebhook (600/min). Wired into /api/templates and /api/cron/scheduled-tasks.
- feat: Playwright e2e suite covering 23 public-surface flows + 8 integration tests for checkSeatStatus via prisma-mock. 89 unit tests total (was 75).
- fix: Telegram bridge delete: was passing encrypted bot token raw to deleteWebhook(), failing silently due to .catch(). Now decrypts before the API call.
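
The Slack webhook check named in this release (X-Slack-Signature HMAC-SHA256 with a 5-minute replay window), as an added example that is not the project's own code. The function names and the sample request are constructed; the signing scheme is Slack's documented `v0` format.

```javascript
// Added example, not the project's code. Function names and the sample
// request are constructed; the header scheme is Slack's documented "v0" format.
const crypto = require('node:crypto');

const REPLAY_WINDOW_SECONDS = 5 * 60; // 5-minute window from the changelog entry

// Slack signs "v0:<X-Slack-Request-Timestamp>:<raw body>" with the signing secret.
function slackSignature(signingSecret, timestamp, rawBody) {
  const mac = crypto.createHmac('sha256', signingSecret);
  return 'v0=' + mac.update(`v0:${timestamp}:${rawBody}`).digest('hex');
}

// rawBody must be the exact bytes received, before any form or JSON parsing.
function verifySlackRequest({ signingSecret, timestamp, signature, rawBody, nowSeconds }) {
  const now = nowSeconds ?? Math.floor(Date.now() / 1000);
  if (!/^\d{1,12}$/.test(String(timestamp ?? ''))) return { ok: false, reason: 'bad-timestamp' };
  // Freshness first: a captured request replayed later fails here.
  if (Math.abs(now - Number(timestamp)) > REPLAY_WINDOW_SECONDS) return { ok: false, reason: 'stale' };
  const want = Buffer.from(slackSignature(signingSecret, timestamp, rawBody), 'utf8');
  const given = Buffer.from(String(signature ?? ''), 'utf8');
  // timingSafeEqual throws on unequal lengths, so compare lengths first.
  if (given.length !== want.length || !crypto.timingSafeEqual(given, want)) {
    return { ok: false, reason: 'bad-signature' };
  }
  return { ok: true, reason: null };
}
```

Because the timestamp is part of the signed string, an attacker cannot refresh a captured request by rewriting the timestamp header alone.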
v0.7.5
- feat: Custom agents marketplace - 8 curated mission templates (Daily Slack digest, Email triage, Code review, Weekly standup, Meeting notes, Support reply, Bug investigation, Doc writer) with typed inputs, {{variable}} interpolation, and one-click instantiation into your workspace. Public /marketplace browse + /marketplace/[slug] detail pages let prospects discover Open Bee's capabilities without signing in.
- feat: Per-template usage counter for popularity sort. Atomic counter increment on each fire keeps ranking honest under concurrent loads. Templates audit-logged via 'task.created_from_template'.
- feat: Mission Control header gains a 'Templates' link. Footer + landing nav surface /marketplace for first-time discovery.
v0.7.4
- feat: Audit log - every state-changing action recorded with actor, IP, timestamp, and stable action namespace ('invite.created', 'member.role_changed', 'workspace.deleted', etc.). Plan-gated to Team / Enterprise. Cursor-paginated UI at Settings → Audit log with resource-type filters and expandable metadata rows. SOC 2 Type II foundation laid.
- feat: Outbound email for invites via Resend. With RESEND_API_KEY set, invites email a branded HTML template with CTA button + raw link fallback. Without it, invites still work - UI surfaces 'email skipped' and the inviter shares the link manually.
- polish: Mobile chat surface - sidebar becomes a slide-in drawer on phones with a backdrop, body-scroll lock, and route-change auto-close. Hamburger button floats top-left under chat header. Conversation delete buttons stay visible on touch (no hover state).
v0.7.3
- feat: Mission scheduling - cron-driven recurring missions with timezone support, presets (daily 09:00, weekdays, Mondays, monthly, hourly) plus a custom-cron escape hatch. Atomic per-fire claim prevents double-execution under cron retries. Vercel Cron config for hosted, documented self-host alternative via crontab.
- feat: Plan-aware caps: Hobby 0 (upgrade-gated), Pro 5, Max 25, Team unlimited. Preserves single-member ownership constraint while opening scheduled missions on Pro+.
- feat: Mission Control header gains a 'Schedules' link. New /w/<slug>/missions/schedules page with create/pause/resume/delete/fire-now actions and pretty cron descriptions.
v0.7.2
- feat: Workspace member invites - invite by email, role-aware (member / admin), 7-day token-based links with revocation, 192-bit-entropy tokens. Plan-aware seat enforcement so Hobby/Pro/Max stay single-member and Team caps at the seat count Stripe knows about.
- feat: Members settings page with current roster, role changes, promote/demote, and a 'leave workspace' action for non-owners. Pending invites table with copy-link + revoke.
- feat: Public /invite/<token> landing page that handles both signed-in and signed-out arrivals with the right CTA. Sign-up redirect preserves the invite so new users land in the right workspace post-signup.
v0.7.1
- feat: WhatsApp bridge (M6.7) - pair via QR from your local open-bee daemon. Messages flow phone → daemon → Mission Control without traversing our cloud. whatsapp-web.js + Chromium are optional deps; install with --include=optional and run with open-bee start --whatsapp.
- feat: New daemon endpoints: /api/agent/bridges (list managed bridges with decrypted session), POST /api/agent/bridges/<id>/qr (push pairing QR), POST .../state (lifecycle), POST .../incoming (turn WA messages into tasks).
- feat: Bridges settings page now has a real WhatsApp card with QR display, polling-aware status updates, retry on failure, and disconnect.
v0.7.0
- feat: Privacy & compliance pre-launch pass - at-rest encryption (AES-256-GCM) for Telegram tokens and BYOK keys, full Privacy Policy / Terms / DPA / Security pages, GDPR-compliant data export, owner-confirmed workspace deletion with 30-day grace, and per-workspace BYOK for Anthropic/OpenAI/Google.
- ops: Uniform API error mapping - Prisma init failures surface as 503, P2002 unique violations as 409, P2025 not-found as 404.
- polish: Visibility-aware polling on Mission Control and task detail - pauses while the tab is hidden or offline, resumes immediately on return.
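
The AES-256-GCM at-rest encryption introduced in this release, combined with the primary-then-previous fallback that v0.10.2 describes for `OPENBEE_ENCRYPTION_KEY_PREVIOUS`, as an added example that is not the project's own code. `decryptSecret` is the name from the changelog; the blob layout, `encryptSecret`, `tryDecrypt` and `rotateRow` are assumptions.

```javascript
// Added example, not the project's code. decryptSecret is the changelog's name;
// the blob layout and the other helpers are assumptions.
const crypto = require('node:crypto');

// Assumed layout: base64(iv[12] || authTag[16] || ciphertext).
function encryptSecret(plaintext, key) {
  const iv = crypto.randomBytes(12); // fresh nonce per encryption
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), ct]).toString('base64');
}

// Throws when the GCM tag does not verify (wrong key or modified blob).
function tryDecrypt(blob, key) {
  const raw = Buffer.from(blob, 'base64');
  if (raw.length < 28) throw new Error('ciphertext too short');
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, raw.subarray(0, 12));
  decipher.setAuthTag(raw.subarray(12, 28));
  return Buffer.concat([decipher.update(raw.subarray(28)), decipher.final()]).toString('utf8');
}

// Primary key first; fall back to the previous key only on failure.
function decryptSecret(blob, primaryKey, previousKey) {
  try {
    return { plaintext: tryDecrypt(blob, primaryKey), usedPrevious: false };
  } catch (err) {
    if (!previousKey) throw err;
    // Still throws if the blob verifies under neither key.
    return { plaintext: tryDecrypt(blob, previousKey), usedPrevious: true };
  }
}

// Re-encrypts rows still under the previous key so that key can be retired.
function rotateRow(blob, primaryKey, previousKey) {
  const { plaintext, usedPrevious } = decryptSecret(blob, primaryKey, previousKey);
  return usedPrevious ? encryptSecret(plaintext, primaryKey) : blob;
}
```
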
v0.6.6
- feat: Mission Control Run button now flips between daemon and demo mode based on a live API-key probe. Telegram bridge ships with one-screen setup.
- feat: Multi-provider chat - Anthropic Haiku 4.5 / Sonnet 4.6 / Opus 4.7, OpenAI GPT-4o-mini / 4o / o1, Google Gemini 2.5 Flash / Pro / Ultra.
- fix: Daemon API and Telegram webhook routes are now public to Clerk middleware so Bearer auth and signature verification get a chance to run.
v0.6.5
- feat: Daemon ↔ cloud handshake - workspace-scoped API keys (obee_…), open-bee link, open-bee start, atomic task claim, structured event log.
v0.6.0
- feat: Mission Control Kanban - backlog / planned / running / review / done / failed columns with drag-to-move, run, archive.
- feat: Mission detail page with live event log, retry, and per-mission cost / duration / tool-call metrics.
v0.5.0
- feat: Open-source agent runtime under Apache-2.0. CLI commands: link, start, status, unlink. Reference tool plugins for filesystem and shell.
v0.4.0
- feat: Visual Mode - toggle in chat to render Mermaid diagrams and Recharts charts inline, in a sandboxed iframe with strict CSP.
v0.3.0
- feat: Chat surface with vision - image attachments, model picker grouped by provider, taglines per model, Hobby tier defaults to Bee Fast.
v0.2.0
- feat: Auth + billing - Clerk sign-in, Stripe Checkout / Portal, four plans (Hobby $2, Pro $25, Max $69, Team $39/seat), usage metering, per-model rate limits.
v0.1.0
- feat: Foundation + landing page - Turborepo monorepo, Next.js 15 App Router, Tailwind, shadcn-style UI, hero / vision / mission / pricing / FAQ sections.