v1.5.20

Patch Changes

• #1132 580fc7f Thanks @RhysSullivan! - Fix the PostHog custom MCP OAuth setup flow so Add connection opens PostHog authorization instead of falling back to manual OAuth app registration.

• Updated dependencies []:

  • @executor-js/sdk@1.5.20
  • @executor-js/runtime-quickjs@1.5.20
  • @executor-js/local@1.4.4
  • @executor-js/api@1.4.40

v1.5.19

Patch Changes

• #1115 92bd86c Thanks @RhysSullivan! - Google media downloads (Drive file contents, exports, and other binary
  endpoints) are now returned as binary responses instead of being decoded as
  text, so files come back intact. Emit them with emit(result.data).

• #1115 92bd86c Thanks @RhysSullivan! - The CLI now validates that a URL is http/https before handing it to the
  operating system's browser opener, and on Windows opens it via
  rundll32 url.dll,FileProtocolHandler instead of cmd /c start. This removes a
  path where a crafted URL could be interpreted as a shell command. executor login and the "open in browser" prompts behave the same for normal URLs.

• #1115 92bd86c Thanks @RhysSullivan! - Hardened the hosted egress guard. Outbound requests from OAuth token exchanges,
  MCP transports, and GraphQL/Google/Microsoft discovery now all route through the
  guard, and the guard resolves DNS before connecting so a hostname that points at
  a private or loopback address is blocked rather than only literal private IPs.
  This tightens SSRF protection for hosted and cloud execution.

• Updated dependencies []:

  • @executor-js/sdk@1.5.19
  • @executor-js/runtime-quickjs@1.5.19
  • @executor-js/local@1.4.4
  • @executor-js/api@1.4.39

v1.5.17

Patch Changes

• #1076 3e47752 Thanks @RhysSullivan! - Add executor login (plus logout and whoami) for signing the CLI into a
  hosted or self-hosted Executor server using the OAuth 2.0 Device Authorization
  Grant (RFC 8628), instead of manually creating and pasting an API key. login
  prints a code and verification URL, opens the browser, and polls; afterwards the
  CLI authenticates with a bearer token. Works against both cloud (WorkOS) and
  self-host (Better Auth) servers.

• #1076 3e47752 Thanks @RhysSullivan! - connections.list now returns a lean summary by default, replacing the full
  oauthScope grant string (which can run to thousands of characters per
  connection) with an oauthScopeCount. Pass verbose: true to get the full
  grant back.

• #1076 3e47752 Thanks @RhysSullivan! - The execute result envelope now reports how many items a script sent to the user
  via emit(). A script that only emits (with no return value) is no longer
  indistinguishable from one that did nothing: the envelope includes an emitted
  count and a (no return value; N items emitted to the user) text preview.

• #1076 3e47752 Thanks @RhysSullivan! - Fix OAuth connect for providers that issue authorization codes redeemable only
  at a region-specific token host. Executor now redeems the code at the region
  returned on the callback rather than the statically advertised token endpoint,
  so connecting these providers no longer fails at the token-exchange step.

• #1076 3e47752 Thanks @RhysSullivan! - Send a default executor User-Agent on OpenAPI tool calls. Upstreams such as
  GitHub that reject requests without a User-Agent (HTTP 403) now succeed instead
  of surfacing the rejection as a credential error. A spec- or connection-provided
  User-Agent still takes precedence.

• Updated dependencies []:

  • @executor-js/sdk@1.5.17
  • @executor-js/runtime-quickjs@1.5.17
  • @executor-js/local@1.4.4
  • @executor-js/api@1.4.37

v1.5.16

Patch Changes

• #1066 0961773 Thanks @RhysSullivan! - Replace the code-mode output helpers with a single emit(value) primitive.
  emit(...) accepts plain values, ToolFile attachments, and MCP content blocks,
  while return remains reserved for ordinary structured data.
• Updated dependencies []:
  • @executor-js/sdk@1.5.16
  • @executor-js/runtime-quickjs@1.5.16
  • @executor-js/local@1.4.4
  • @executor-js/api@1.4.36

v1.5.15

Patch Changes

• Updated dependencies []:
  • @executor-js/sdk@1.5.15
  • @executor-js/local@1.4.4
  • @executor-js/api@1.4.35
  • @executor-js/runtime-quickjs@1.5.15

v1.5.14

Patch Changes

• #1051 cfda0ac Thanks @RhysSullivan! - Fix desktop startup so a failed supervised-daemon replacement no longer leaves
  the app on a black window. The desktop now re-checks the daemon after install
  failures, falls back to a managed sidecar when the stale daemon disappears, and
  surfaces startup recovery instead of leaving a failed renderer visible.
• Updated dependencies []:
  • @executor-js/sdk@1.5.14
  • @executor-js/runtime-quickjs@1.5.14
  • @executor-js/local@1.4.4
  • @executor-js/api@1.4.34

v1.5.13

Patch Changes

• #1046 2de1804 Thanks @RhysSullivan! - Windows installs now repair stale Executor service listeners and only report success after the background daemon publishes the sign-in manifest used by executor web. The desktop app also attaches to a reachable supervised daemon before trusting Windows PID probes, so it no longer starts a competing sidecar when the background service already owns the port.

• Updated dependencies []:

  • @executor-js/local@1.4.4
  • @executor-js/api@1.4.33
  • @executor-js/sdk@1.5.13
  • @executor-js/runtime-quickjs@1.5.13

v1.5.12

Patch Changes

• #1021 c8faad7 Thanks @RhysSullivan! - Self-hosted instances now detect their public URL automatically on common
  platforms, and origin handling is consistent across every host. When
  EXECUTOR_WEB_BASE_URL is not set, the server reads the origin a host injects
  (Railway, Render, Fly, Vercel, Netlify, Heroku, Azure, Cloudflare Pages) instead
  of defaulting to localhost — so a platform deploy works with zero configuration
  and no longer fails sign-in with "Invalid origin". When the origin still can't be
  determined, that error is replaced with a clear message telling you exactly which
  EXECUTOR_WEB_BASE_URL value to set, and a startup warning fires on any non-dev
  deploy that falls back to localhost. The MCP browser-approval link a self-host
  sends to clients now uses the pinned public URL (reachable behind a reverse
  proxy) rather than the server's internal address. These resolution rules now live
  in one shared helper used by every host.
• Updated dependencies []:
  • @executor-js/sdk@1.5.12
  • @executor-js/runtime-quickjs@1.5.12
  • @executor-js/local@1.4.4
  • @executor-js/api@1.4.32

v1.5.11

Patch Changes

• #1002 64b3544 Thanks @RhysSullivan! - Fix the self-hosted "Connect an agent" MCP URL. The card printed an
  organization-scoped path (<origin>/<organizationId>/mcp) that the
  single-tenant self-host server didn't serve, so connecting an MCP client
  authorized successfully but then failed to reach the tools with an HTTP 404.
  The self-host server now accepts the organization-scoped path and routes it to
  its MCP endpoint.

• #1002 64b3544 Thanks @RhysSullivan! - Self-hosted MCP connections now require explicit approval. When an MCP client
  connects, the browser stops on an approval screen showing the connecting
  client's name, what it can access, and that the grant is limited to the MCP
  server (not a web-app login, and it can't make other API calls on your behalf);
  a token is granted only after you Approve. Previously a signed-in user's client
  was authorized automatically with no prompt.

• #1008 7237bf2 Thanks @RhysSullivan! - Self-hosted instances no longer lose data on restart. Better Auth now shares
  the same libSQL connection as the rest of the instance instead of opening its
  own. Previously the two connections each managed their own write-ahead log on
  the shared database file, and the second one to open could orphan the first —
  so integrations, connections, and tools written after startup landed in a
  discarded log and disappeared on the next restart, while sign-in data survived.
  This is the "reconnected my account but it has zero tools" failure; a single
  shared connection removes the split entirely.

• Updated dependencies []:

  • @executor-js/sdk@1.5.11
  • @executor-js/runtime-quickjs@1.5.11
  • @executor-js/local@1.4.4
  • @executor-js/api@1.4.31

v1.5.10

Patch Changes

• #995 0717067 Thanks @RhysSullivan! - Self-hosted deployments now persist their data correctly across restarts.

• Updated dependencies []:

  • @executor-js/sdk@1.5.10
  • @executor-js/runtime-quickjs@1.5.10
  • @executor-js/local@1.4.4
  • @executor-js/api@1.4.30