What's new for you
Release focused on setup UX, prompt quality, operational guardrails, and channel/runtime reliability: improved onboarding security UI and model-load feedback, stronger default agent prompts, tiered model pricing support, session-store maintenance caps, cron state-file split, Moonshot Kimi defaults, and broad fixes across owner-command enforcement, startup dependency repair, thinking/reasoning controls, Slack/Telegram/Matrix/BlueBubbles delivery, and gateway security boundaries.
- Onboarding — clearer security disclaimer UX plus loading spinner during initial model catalog fetch
- Models/cost — tiered pricing support and bundled Moonshot Kimi K2.6/K2.5 usage-cost estimates
- Sessions/maintenance — enforce entry cap + age pruning to avoid backlog-driven OOM startup
- Cron — split runtime state into `jobs-state.json` so `jobs.json` stays stable for tracked definitions
- Security — stricter owner-command identity checks and expanded gateway config mutation guardrails
- Channels/runtime — large reliability pass across Slack, Telegram, Matrix, BlueBubbles, Discord, and cron delivery
Release highlights
| Feature | Details |
|---|---|
| Onboarding security UX refresh | Setup wizard now uses a clearer warning-banner layout, better scanning structure, and loading feedback during initial model catalog resolution. |
| Tiered model pricing + Kimi defaults | Token-cost reporting now supports tiered pricing; bundled Moonshot setup and media/web-search defaults move to kimi-k2.6 with kimi-k2.5 compatibility. |
| Session maintenance guardrails | Built-in session entry caps and age pruning are enforced by default, including load-time pruning for oversized stores to reduce startup OOM risk. |
| Cron state split (`jobs-state.json`) | Execution/runtime state is separated from job definitions so jobs.json remains clean for review and source control. |
| Owner-command and gateway guardrails | Owner-enforced commands require true owner identity, and model-facing gateway config mutation paths are further restricted for trusted settings. |
| Plugin runtime dependency repair | Bundled plugin runtime deps are repaired per-plugin runtime directory with quieter repeated startups and safer package-manager handling. |
| Channel delivery reliability pass | Fixes include Slack thread alias handling, Telegram polling/reaction tuning, Matrix allowlist reloads, BlueBubbles send/replay stability, and cron announce delivery correctness. |
Feature deep dives
Learn more about the changes that matter most. Bug fixes and minor improvements are listed on GitHub.
Onboarding security UX refresh
Setup wizard warning UX and initial model-load behavior are clearer and less error-prone.
Read more →Tiered pricing and Kimi defaults
Usage-cost estimates improve with tiered pricing while bundled Moonshot defaults move to kimi-k2.6.
Read more →Session maintenance guardrails
Default caps and age pruning reduce runaway backlog size and startup memory risk.
Read more →Cron jobs-state split
Runtime execution state now lives in jobs-state.json, preserving cleaner tracked job definitions.
Read more →Owner-command and gateway guardrails
Owner checks and model-facing config mutation constraints are tightened for safer operation.
Read more →Plugin runtime dependency repair
Bundled plugin runtime dependency install and repair paths are more stable and less noisy.
Read more →Channel delivery reliability pass
Large reliability pass across Slack, Telegram, Matrix, BlueBubbles, Discord, and cron delivery.
Read more →Full release notes
The complete changelog with all changes, fixes, and technical details is on the official GitHub release page.
Open v2026.4.20 on GitHub →