What's New in Trinity v0.6.0
Released 2026-06-01
This is a big reliability-and-security release. Long-running and agentic tasks are far more robust — they no longer silently drop their result, hang, or leave an agent stuck — and the platform has been hardened across the board (authenticated Redis, ticket-based WebSockets, non-root containers, encrypted channel tokens). It also adds a stateful Session chat that remembers context across turns and an experimental Voice Workspace where an agent can draw on a live canvas while you talk.
Improvements
•Resumable Session chat — A new Session tab keeps the full conversation context across turns, so multi-step work, mid-task state, and reasoning carry over between messages instead of starting fresh each time.
•Voice Workspace (beta) — Talk to an agent while it paints a live canvas beside the orb: diagrams, images, and formatted text. Off by default; an admin enables it.
•Longer tasks by default — The default execution timeout increased from 15 to 60 minutes, so bigger jobs finish without being cut off. You can still set a per-agent limit.
•Safer deletes and automatic cleanup — Agents and schedules are now soft-deleted and recoverable, and configurable retention automatically prunes old execution logs and audit history to keep the database lean.
•Smarter schedules — An agent can decide a scheduled run isn't needed and skip it, so cron jobs only do work when there's something to do.
•Platform default model — Set a fleet-wide default model, with clearer UI showing which schedules use the default.
•Public chat upgrades — Logged-in users get a conversation-history dropdown, and the empty chat state now offers quick-action buttons to get started.
•External discoverability — Agents publish a standard Agent Card so outside orchestrators can discover what they do.
•Clearer verification emails — Login codes now arrive with the agent name, more context, and a proper HTML layout.
Fixes
•Long-running tasks are reliable now — The most impactful work in this release: long and agentic tasks no longer silently lose their final result, hang indefinitely, or leave an agent unresponsive. Stuck background processes are cleaned up, and the agent connection recovers on its own after overload instead of staying broken.
•Scheduled runs honor your timeout — Scheduled tasks now respect each agent's execution-timeout setting and are no longer killed early as "stale."
•Cancelled runs report correctly — A cancelled execution now shows as cancelled instead of being mislabeled a success.
•Voice — Fixed sessions that dropped when load shifted between workers, broken tool calls, and canvas flicker.
•Slack — Markdown now renders properly, image uploads are visible to the agent, the integration recovers from periodic disconnects, and a startup failure no longer leaves Slack permanently offline.
•Telegram — Image uploads are now visible to the agent.
•Outbound file sharing — Now works for agents that require a verified email.
•Read-only mode — Now blocks file Write/Edit actions, not just shell commands.
•Templates — Locally added agent templates appear in the template list, and deploying from a private GitHub template falls back to the platform credential.
•Stability under pressure — An agent running out of memory no longer freezes the admin UI.
•Small UI fixes — The Copy Config and Copy Key buttons on the API Keys page work again.
Security & Hardening
•Redis now requires a password — agent containers can no longer reach the platform's task queue unauthenticated.
•Real-time connections authenticate with single-use tickets instead of carrying a token in the URL.
•All platform containers run as a non-root user.
•Slack and Telegram bot tokens are encrypted at rest.
•Hardened several access and input-handling paths (file-write guardrails, agent-creation permission checks, login and webhook rate-limit handling, and voice-canvas content sanitization).
•Fixed an issue where one public-chat user's information could be exposed to others.
•Patched known dependency vulnerabilities and pinned CI build actions.
Upgrade Notes
•Re-login required. As with any update, you'll need to log in again after the platform restarts, and external tools connected over MCP need to reconnect.
•Self-hosted operators: this release requires Redis passwords (
REDIS_PASSWORD and REDIS_BACKEND_PASSWORD), and because containers now run as non-root you must re-own your data directory during the upgrade. Follow the upgrade guide; it has the exact steps.•The open-source platform continues to run fully on its own — the developer tooling and enterprise features moved into optional private add-ons that the public build does not require.