June 1, 2026
Trinity v0.6.0 — Reliability + Security Release
Trinity v0.6.0 is out — a major reliability and security release with 264 commits, 117 issues closed, and 10 contributors.
See the full write-up in What's New →
Reliability
- Execution state machine— agent-authoritative execution state machine with single-writer projection
- Hardened recovery— hardened orchestration, capacity, and circuit-breaker recovery plus many long-running-task fixes
- Canary invariant harness— continuous canary invariant harness with 7 new orchestration checks
Security
- Redis auth mandatory— Redis auth now requires
REDIS_PASSWORD+REDIS_BACKEND_PASSWORD - Tokens encrypted at rest— Slack/Telegram bot tokens encrypted at rest
- WebSocket JWT out of the URL— moved to ticket-based auth
- Non-root containers— across all production images
- Guardrail-bypass RCE closed— plus Dependabot high/critical remediation
New
- Session tab —
--resume-default chat that keeps full working memory across turns - Voice Workspace(experimental) — agent-scoped voice + canvas with Trinity MCP access, admin-gated
- Soft-delete— plus configurable data-retention/pruning policies
- Default chat timeout 15m → 60m, platform default model setting, and A2A Agent Cards
Upgrade
Set REDIS_PASSWORD + REDIS_BACKEND_PASSWORD; re-own the data path for non-root containers. Verify: curl -s localhost:8000/api/version → 0.6.0
Full notes → github.com/abilityai/trinity/releases/tag/v0.6.0