This release adds native Cursor hooks support, full Claude Code session capture, MCP app integration across the playground and functions SDK, and a redesigned Available Tools section on MCP install pages.
Features
Cursor hooks support#2073 - Added Cursor hooks support with an authenticated endpoint, plugin, and setup flow. (Author: @bradcypert )
Claude Code full session capture#2049 - Added support for full session capture from Claude Code, recording complete transcripts of prompts, responses, and tool calls. (Author: @simplesagar )
MCP app support#2061 - Added MCP app support across the playground, local functions runner, and functions SDK, with improved lifecycle handling for proxied tool and resource responses. (Author: @danielkov )
Interactive Available Tools section on MCP install pages#2089 - Redesigned the Available Tools section on MCP install pages with a compact expandable table format. Each tool row shows its name and description, with an inline detail panel revealing annotation badges on click. Servers with more than ten tools display a "Show N more" button. (Author: @simplesagar )
Role-based access control enforcement and roles dashboard
This release adds RBAC enforcement for projects (behind a feature flag) and introduces a dashboard for assigning roles.
Features
RBAC enforcement for projects#2005 - Added role-based access control enforcement to projects, gated behind a feature flag. (Author: @tgmendes )
Roles assignment dashboard#2078 - Added a feature-flagged dashboard for assigning roles to organization members. (Author: @qstearns )
Dialog component for MCP server deletion#2076Â - Replaced the browser
dialog with a proper Dialog component for MCP server deletion, improving the user experience. (Author: @alx-xo )
Bug fixes
Fix OAuth validation checks#2080 - Fixed an issue with OAuth validation checks when tools have no security annotations, ensuring toolset-level OAuth is checked correctly. (Author: @tgmendes )
Fix custom domain verification on transient errors#2047 - Fixed custom domain verification to fail fast on transient database errors instead of incorrectly creating a new domain record. (Author: @bflad )
Attribute key discovery in log search#2050 - When searching MCP logs, available attribute keys are now displayed to assist with filtering. (Author: @alx-xo )
endpoint now returns idempotent success for non-existent projects instead of a misleading error. (Author: @bflad )
Fix toolset cache invalidation on template deletion#2046 - Fixed an issue where the toolset cache was not being invalidated when a template was deleted. (Author: @bflad )
Remove legacy grants API endpoints#2043 - Removed the legacy grants API endpoints, now replaced by the roles management API. (Author: @tgmendes )
Role-based access control API and improved deployment logs
This release introduces a new API for role, membership, and grants management, along with improved user-facing deployment logs.
Features
Role, membership, and grants management API#2031 - Added a new API for managing roles, memberships, and grants, providing the foundation for role-based access control across projects and organizations. (Author: @tgmendes )
Improved deployment logs#2033 - Improved user-facing deployment logs with source processing details and an aggregate summary for better visibility into deployment progress. (Author: @bflad )
Bug fixes
Revert multiple security schemes with public OAuth#2030 - Reverted the feature allowing other security schemes when public OAuth is configured due to unexpected behavior. (Author: @disintegrator )
Validate default environment ID#2024Â - Added validation to ensure
belongs to the caller's project before storing it in MCP metadata. (Author: @simplesagar )
Fix Pylon chat widget overlap#2025 - Fixed the Pylon chat widget overlapping the playground send button by hiding the default launcher and adding toggle support to the Get Support button. (Author: @simplesagar )
Clean up defunct observability seed logic#2019 - Removed defunct observability seed tool logic as part of onboarding cleanup. (Author: @danielkov )
Multiple security schemes alongside OAuth and health check improvements
This release adds support for multiple security schemes alongside OAuth on public servers and improves server health check reliability.
Features
Multiple security schemes with public OAuth#2023 - Added support for multiple security schemes even when OAuth servers are configured on public servers. (Author: @qstearns )
Improved server health checks#2018Â - Moved control server initialization after all routes and middleware are attached, and added a
endpoint to the main API mux so the control server can verify the API is actually serving traffic before reporting healthy. (Author: @disintegrator )
Bug fixes
Align built-in MCP detail page header#2013Â - Aligned the built-in MCP detail page header and install section with the standard MCP detail page styling. (Author: @adaam2Â )
Audit log diff viewer and non-blocking deployments
This release introduces a diff viewer for audit log update events and makes deployment interactions non-blocking to prevent UI timeouts.
Features
Audit log diff viewer#1988Â - Introduced a diff viewer that highlights changes in audit subjects for update events. Additionally, renamed
audit events to
since toolsets are no longer a visible primitive on the dashboard. (Author: @disintegrator )
Non-blocking deployment interactions#2001Â - Made deployment interactions non-blocking by passing
to create/evolve API calls. The UI now polls for deployment completion instead of blocking the request, preventing timeouts on long-running deployments. (Author: @adaam2Â )
Bug fixes
Strip tools from toolset audit log snapshots#2000Â - Removed the large
field from toolset audit log snapshots to avoid serializing unnecessary data into audit log entries. (Author: @disintegrator )
Access and permissions management API and login page redesign
This release adds new API endpoints for RBAC-based access and permissions management, along with a redesigned login page featuring Speakeasy brand styling.
Features
Access and permissions management API#1968 - Added new API endpoints for access and permissions management with an RBAC enforcement package. (Author: @tgmendes )
Login page redesign#1962 - Revamped the login page with Speakeasy brand styling, a distributed platform diagram with Control Plane and Tools Platform sections, and updated copy. (Author: @simplesagar )
Bug fixes
Fix authorization header clobbering#1973 - Fixed an issue where API key headers were overwritten when the client credentials exchange was unconfigured. (Author: @qstearns )
Upgrade insights copilot model#1964Â - Upgraded the insights copilot to
and injected the current date into the system prompt for improved temporal context. (Author: @adaam2Â )
Fix skeleton flash on logout#1961Â - Suppressed the loading shell skeleton flash on unauthenticated routes during logout. (Author: @adaam2Â )
Audit log faceted search and dashboard audit logs page
This release adds faceted search to the audit logs API and introduces a new Audit Logs page to the organization dashboard.
Features
Audit log faceted search#1982Â - Added actor and action search facets to audit logs via a new
endpoint, with the existing
endpoint updated to support filtering by actor and action. (Author: @disintegrator )
Audit logs page in the organization dashboard#1985 - Introduced a new Audit Logs page to the organization dashboard, allowing users to view a history of actions taken within the organization. (Author: @disintegrator )
Bug fixes
Fix mixed-case HTTP authentication scheme handling#1986Â - Standardized OpenAPI HTTP authentication scheme casing so extraction and stored metadata function correctly across variants like
Fix server filtering in logs page#1984 - Fixed server selection functionality in the dashboard logs page using exact server filtering. (Author: @tgmendes )
This release introduces the audit logs API service, enabling tracking and recording of audit events across Gram services with new URN types to represent various subjects.
Features
Audit logs API service#1944 - Introduced the audit logs API service and supplementary code to start recording audit logs across services, including new URN types to represent various subjects in Gram. (Author: @disintegrator )
Bug fixes
Fix hardcoded org slugs in MCP log URLs#1936 - Replaced hardcoded org slugs in MCP URLs for the built-in MCP logs server. (Author: @simplesagar )
Fix CLI release signing#1945Â - Fixed CLI release signing by switching to cosign v3 bundle format and migrating to Ubuntu runner. (Author: @adaam2Â )
This release adds the ability to detach environments from MCP servers and fixes authentication for org-scoped credit usage.
Features
Detach environments from MCP servers#1934 - Added the ability to detach an environment from an MCP server, giving more flexibility in environment management. (Author: @simplesagar )
authentication so org-scoped credit usage works correctly for customers with multiple projects, requiring only session auth. (Author: @disintegrator )
Show coming soon placeholder on CLIs page#1929 - Added a coming soon placeholder on the CLIs page. (Author: @simplesagar )
Fix CLI update when using Homebrew#1931 - Fixed an issue where the CLI update command didn't work correctly when installed via Homebrew. (Author: @aditya-mitra )
Increased Gram Function runner memory and table view for list pages
This release doubles the memory allocation for Gram Function runners and adds a table view option for list pages in the dashboard.
Features
Increased Gram Function runner memory to 1 GB#1922 - Gram Function runners now run with 1 GB of memory instead of 512 MB, providing more headroom for memory-intensive operations. (Author: @disintegrator )
Table view toggle for list pages#1894Â - Added a grid/table view toggle for MCP, Sources, and Catalog list pages with animated dot-pattern rows and localStorage persistence. (Author: @adaam2Â )
Bug fixes
Fix MCP environments default display#1898 - Fixed an issue where the MCP environments section displayed the wrong default when no environment was attached. (Author: @simplesagar )
Prevent double-back-button on detail pages#1907 - Fixed a navigation issue where detail pages rendered two back buttons. (Author: @simplesagar )
Playground OAuth discovery fix and error handling for MCP tool results
This release fixes OAuth discovery in the playground to use toolset-level configuration and sets error status on MCP tool results based on HTTP response codes.
Features
Display audience field in OAuth proxy server details#1862 - The OAuth proxy server details view now displays the audience field. (Author: @simplesagar )
Set isError on MCP tool results based on HTTP status#1887Â - MCP tool results now have
set based on the HTTP response status code, improving error visibility for tool calls. (Author: @minuteman3Â )
Bug fixes
Fix playground OAuth discovery#1861Â - Resolved an issue where the playground OAuth discovery relied on removed tool-definition fields. OAuth requirements are now detected from
This release adds admin-only cache purging for MCP registries, improves HTTP status attribute references in MCP logs, and removes the deprecated logs enabled flag from the telemetry API.
Features
Admin-only cache purging for MCP registries#1815Â - Added a
endpoint restricted to admin users for purging MCP registry caches. (Author: @ndimares )
Bug fixes
Correct HTTP status attribute references in MCP logs#1814 - Fixed incorrect HTTP status attribute references in MCP logs search to surface the correct values. (Author: @simplesagar )
Remove logs enabled flag from telemetry API#1811Â - Removed the deprecated
field from telemetry API responses. (Author: @tgmendes )
Remove automatic browser opening on deployment#1807 - The CLI no longer automatically opens the browser when a deployment completes. The URL is printed to the console instead. (Author: @disintegrator )
Unified OAuth for external MCP servers and hooks dashboard
This release unifies the OAuth configuration pathway for external MCP servers and adds a dedicated dashboard page for managing hooks.
Features
Unified OAuth for external MCP servers#1797 - External MCP servers now use the same OAuth configuration pathway as all other toolsets, removing special-cased token resolution. The "Configure OAuth" button is enabled for external MCP servers that require OAuth, and discovered OAuth metadata can auto-populate the configuration form with a single click. (Author: @qstearns )
Hooks dashboard page#1767 - Added a dedicated dashboard page for viewing and managing hooks. (Author: @chase-crumbaugh )
to match documentation, improved dark mode styling for feedback buttons, and updated the system prompt to prevent multiple generative UI widgets per response. (Author: @adaam2Â )
Settings page with tabs routing#1747Â - Improved the settings page with tabbed routing and logging API integration. (Author: @adaam2Â )
Hooks, telemetry attribute filtering, and identity passthrough
This release introduces an initial implementation of Gram hooks for tool capture, adds dynamic attribute filtering for telemetry logs, and enables passing authenticated user emails to functions.
Features
Gram hooks for tool capture#1755 - Added Gram hooks that capture tool invocations, enabling observability into tool usage. (Author: @chase-crumbaugh )
Telemetry attribute filtering#1751 - Added the ability to filter telemetry logs by dynamic attributes on the logs page. (Author: @tgmendes )
Identity passthrough for functions#1771Â - Function authors can now receive the authenticated Gram user's email by setting
Settings page improvements#1747Â - Improved the settings page with tabbed routing and logging API integration. (Author: @adaam2Â )
Server instructions section#1729 - Moved server instructions to a dedicated section with LLM-generated best practices for MCP server instructions. (Author: @simplesagar )
External auth user ID tracking#1746 - Added the ability to track external auth user IDs in telemetry logs by extracting JWT subject from external MCP OAuth tokens. (Author: @tgmendes )
Zod v4 upgrade#1717Â - Upgraded Zod to v4 across the monorepo and bumped
This release adds the ability to install Slack apps directly through the Gram dashboard, and introduces a new CLI command for cloning and redeploying existing deployments.
Features
Slack app installation through Gram UI#1711 - Added the ability to install Slack apps through the Gram UI with OAuth-based installation, per-app event handling, and legacy cleanup. (Author: @qstearns )
command to clone and redeploy existing deployments, with a visible redeploy button on every deployment detail page and deployments navigation on the sources page. (Author: @simplesagar )
Bug fixes
Tool call logs count shown but empty state#1708 - Fixed an issue where the tool call logs count was displayed but the content showed an empty state. (Author: @simplesagar )
Telemetry attribute filtering and built-in logs MCP server
This release adds telemetry attribute key listing and arbitrary attribute filtering to the logs API, and exposes project logs as a built-in MCP server for querying through any LLM client.
Features
Telemetry attribute key listing API#1712Â - Added a
endpoint to retrieve distinct attribute keys for telemetry filtering. (Author: @tgmendes )
Arbitrary attribute filtering for search logs#1701 - Added a new filtering option to the search logs endpoint to filter by any attribute. (Author: @tgmendes )
Built-in logs MCP server#1665 - Exposed project MCP logs as a built-in logs MCP server that comes pre-deployed, enabling interaction with logs through any LLM client. (Author: @simplesagar )
Bug fixes
Source detail page crash without logs#1687 - Prevented the source detail page from crashing when logs are not enabled by gracefully degrading without metrics. (Author: @qstearns )
Logs page and AI Insights UI improvements#1658Â - Improved logs page timestamp display, fixed tree line alignment in expanded log rows, filtered out chat completion logs from tool calls list, added click-outside-to-close for AI Insights sidebar, and removed Beta labels from AI Insights. (Author: @adaam2Â )
Diagnostic hints for function runner failures#1698 - Added diagnostic hints for Node.js module loading failures in the functions runner. (Author: @simplesagar )
Tool call logging and redesigned source detail page
This release adds opt-in logging for tool call inputs and outputs, and redesigns the source detail page with a two-panel layout showing deployments and invocation activity.
Features
Opt-in tool call input/output logging#1657 - Added an opt-in toggle to record tool call inputs and outputs in logs for easier debugging and observability. (Author: @tgmendes )
Redesigned source detail page#1577 - Redesigned the source detail page with a two-panel layout showing deployments and invocation activity, giving a high-level overview of a source's utilization across MCP servers. (Author: @simplesagar )
Bug fixes
Open CORS policy on /openapi.yaml#1659Â - Updated CORS policy on
Wire up add another button in environment variables sheet#1639 - Fixed the "Add another" button in the environment variables sheet to properly add new variable rows. (Author: @simplesagar )
This release makes the Temporal task queue configurable to support staging and preview deployments.
Features
Configurable Temporal task queue#1646 - Refactored the server to make the Temporal task queue configurable, unblocking staging and preview deploys. (Author: @disintegrator )
This release displays Elements errors directly in the chat interface and adds automatic session token refresh before chat requests.
Features
Show Elements errors inside the chat#1633 - Elements errors now appear directly in the chat conversation for easier debugging. (Author: @chase-crumbaugh )
Auto-refresh expired session tokens#1615Â - Added JWT expiry detection with a 30-second buffer, deduplicates concurrent refresh calls via
, and falls back to the stale token on failure. Refresh is automatic for non-static sessions and skipped during replays. (Author: @walker-tx )
Inline error display and insights dashboard improvements
This release surfaces Elements errors directly inside the chat interface and reorders the insights dashboard to prioritize tool metrics.
Features
Reorder insights dashboard#1641 - Reordered the insights dashboard to show tool metrics first, making the most actionable data immediately visible. (Author: @simplesagar )
Bug fixes
Show Elements errors inside the chat#1633 - Elements errors now appear inline within the chat interface instead of failing silently. (Author: @chase-crumbaugh )
