Release notes from stacktape

3.6.6

2026-03-18T14:06:35Z

🚀 New Features

Filter noisy dev logs instantly — The Stacktape dev UI now supports inline log search, so you can narrow output by workload, message text, quoted phrases, exclusions, or log level without leaving the terminal
Faster multi-service rebuild flow — In dev mode, rebuilding is quicker when several workloads are running: you can rebuild the selected workload, pick a target from the UI, or trigger all rebuilds at once
GitHub Deployments integration — Console-triggered and Git-driven deployments now report through GitHub Deployments, giving clearer environment-level status updates instead of generic commit checks
Proactive API key expiry protection — New API keys now get a default expiration window, users receive warning emails before keys expire, and org admins can revoke a member’s active org API keys when access should end

✨ Improvements

More adaptable terminal layout — The Stacktape dev UI is now organized around reusable route/context modules, which makes the interface more consistent and unlocks richer controls like fullscreen sidebar views
Smoother dev UI interactions — Terminal rendering is more responsive, making live logs and status updates feel less jerky during active work
Safer member offboarding — Removing a member or leaving an organization now revokes active org API keys so old credentials do not quietly remain usable

🔨 Bugfixes

Runner-based deletes no longer depend on repo checkout — Remote delete flows now work even when source checkout is unnecessary, avoiding failures in EC2-runner cleanup paths
Better GitHub repo URL handling — SSH-style repository URLs are now recognized correctly, which helps deployment reporting work reliably across more repository setups
Correct deploy log links in GitHub messages — GitHub comments and status links now land on the right stage-specific console pages

Docs • Slack • X

3.6.5

2026-03-18T13:57:21Z

🚀 New Features

Dev TUI log filtering and workflow controls — Added log filtering and faster workflow controls to the dev mode terminal UI

Docs • Slack • X

3.6.4

2026-03-16T01:25:37Z

🔨 Bugfixes

Stack output idempotency — Stacktape-managed CloudFormation outputs (deploymentVersion, stackInfoMap) now use overwriteExisting mode, preventing "output already exists with different value" errors when prepareForDeploy runs more than once in the same session (e.g. during rollback flows)

Docs • Slack • X

3.6.3

2026-03-16T01:25:26Z

🚀 New Features

CDN canonical URL params — Added cdnCanonicalDomain and cdnCanonicalUrl as referenceable params on all CDN-enabled resources (load balancers, buckets, functions, HTTP API gateways), making it easy to reference the canonical CDN URL in config directives

🔨 Bugfixes

Nested directive resolution — Replaced string-based directive substitution with a tree-walking node replacement algorithm that properly handles chained/nested directives (e.g. $ResourceParam() resolving to a value containing $Secret()). Removes the previous double-resolve workaround
Stack trace cleanup — Internal Stacktape source frames are now filtered from user-facing error output
npm binary entrypoint — Deduplicated spawnSync logic with consistent error/signal handling
Path resolution — Fixed file path resolution issues in compiled binaries

✨ Improvements

Build system consolidation — Centralized the OpenTUI/Solid build plugin into a single reusable module, replaced dynamic tsconfig generation with a static tsconfig.build.json, and simplified binary compilation to use Bun.build directly with a dedicated compiled-entry.ts entrypoint
TypeScript config loading — Removed the runtime Bun.build bundling pipeline; Bun's native TS support with autoloadTsconfig now handles configs directly

🖥️ Console UI

Monitoring form improvements — Alarm, budget, and notification creation modals now have better icons, default values, placeholder text, and validation (e.g. breachedPeriods <= evaluationPeriods, budget percentage validation, includeInHistory toggle)
Human-readable summary pills — MultiValueSummary now shows "All projects" / "All stages" labels instead of raw * values across alarm, budget, and notification listing pages
Navigation reorganization — AWS Accounts and Domains moved under the Configuration section for clearer grouping
Role access hints — Member invite/update forms now show "This role has access to all projects" for OWNER and ADMIN roles
Alert channel form polish — Access Token and Secret fields are now password-masked; webhook URL fields have descriptive hints

Docs • Slack • X

3.6.2

2026-03-15T23:44:41Z

🔨 Bugfixes

TypeScript config loading — Removed the runtime Bun.build bundling pipeline for TS configs in compiled binaries. Bun's native TypeScript support now handles configs directly, with autoloadTsconfig enabled at compile time so path aliases resolve correctly
Stack trace cleanup — Internal Stacktape source frames (from src/, shared/, scripts/) that don't exist on disk are now filtered out of user-facing error stack traces
npm binary entrypoint — Deduplicated spawnSync logic into an executeBinary helper with consistent error and signal handling for both global-binary and downloaded-binary code paths

Docs • Slack • X

3.6.1

2026-03-13T14:18:29Z

🚀 New Features

Native tunnel client — Replaced the external bore binary with a pure Node.js implementation of the bore wire protocol. Eliminates platform-specific binary distribution, reduces package size, and improves reliability of dev mode tunneling
TypeScript config from compiled binaries — Stacktape configs written in TypeScript now work when running from compiled binaries (not just raw Bun). Configs are bundled to CJS via Bun.build with mtime-based caching

🔨 Bugfixes

Alarm permission limits — Consolidated per-alarm Lambda permissions into a single shared wildcard permission, preventing CloudFormation resource limit errors in stacks with many alarms
Hook failure visibility — Deployments with failed after:deploy hooks now correctly show as failed in the TUI with a count of hook failures, instead of falsely showing success
Zod codegen — Fixed z.record(z.never()) being emitted for empty additionalProperties schemas (now correctly emits z.any())

✨ Improvements

Script-run TUI feedback — The script:run command now shows a completion message in the TUI with the script name
Event output lines — Deploy TUI event rows can now display output lines beneath them for richer feedback
Phase list visibility — The TUI phase sidebar can now be conditionally hidden for simpler command views

🖥️ Console UI

Alerting schema bootstrap — New idempotent DDL script creates BudgetAlert, AlertEvent, and AlertDelivery tables directly, wired into afterDeploy hooks alongside the existing alert channel migration

Docs • Slack • X

3.6.0

2026-03-13T14:12:28Z

🚀 New Features

Version-based rollback — rollback now deploys a previous version's CloudFormation template reusing existing artifacts (no rebuild), supporting --targetVersion, --rollbackSteps, and --listVersions. The old CloudFormation-native rollback is preserved as cf:rollback
Centralized alert system — Notifications rearchitected from client-side dispatch to server-side event routing. Alarm Lambda and CLI both report structured events to the console API, which handles routing to all channels with delivery tracking
Discord and Webhook alarm channels — Alarms now support Discord (embeds) and generic Webhook (with HMAC-SHA256 signing) in addition to Slack, MS Teams, and email
Budget alerts (server-side) — Budget monitoring moved from in-stack CloudFormation resources to the console. Set monthly thresholds (per-stack or per-org) with percentage-based triggers routed through alert channels. The budgetControl config option is removed
Alarm history and resolved events — Alarms now track both ALARM_TRIGGERED and ALARM_RESOLVED transitions. includeInHistory controls whether alarms appear in the alert history
Preview changes rewrite — preview-changes now groups CloudFormation changes under their parent Stacktape resource, strips deployment noise, includes property values, and highlights replacements
RBAC permission guards — CLI enforces role-based permissions before deploy/delete operations, with project-scoped access checks. info:whoami and org:list display human-readable role labels and permission summaries
Structured CLI output & MCP automation — Added JSONL output mode and MCP client with search_docs tool for AI agent workflows
Aurora Serverless v2 readers — Added reader instance support and reader-aware SQL debugging
SSR web CDN cache overrides — Added controls for overriding CDN cache behavior on SSR web resources
Source maps for helper lambdas — Enabled source maps in helper Lambda builds for better error diagnostics

🔨 Bugfixes

CloudFront distribution overrides — Cache behavior and root object overrides now apply to all CloudFront distributions, not just the first one
Dev mode reliability — Rewrote dev proxy to raw TCP for WebSocket support, added global port reservation to prevent conflicts, hardened startup/shutdown lifecycle and terminal restoration, fixed AGENT_READY parsing from JSONL-wrapped stdout
Bundler fixes — Fixed tsconfig resolution to use project cwd instead of process.cwd(), only externalize @aws-sdk/client-* in CJS Lambda bundles, preserve identifiers correctly
Parallel packaging — Switched to Promise.allSettled with first-rejection pattern to surface packaging errors instead of silently failing
TUI output — Batched console writes to prevent interleaving, increased JSONL result data limit to 512KB, suppressed plain summary in JSONL mode to avoid duplicate output
S3 lifecycle — Fixed expiration lifecycle rules using wrong property (NoncurrentVersionExpirationInDays vs ExpirationInDays)
Post-deploy hooks — Tolerate post-deploy hook failures without aborting the deploy flow
Zod codegen — Fixed z.record(z.never()) being emitted for empty additionalProperties (now correctly emits z.any())
TUI log normalization — Handle OSC, DCS escape sequences and carriage-return line overwrites in dev TUI logs

✨ Improvements

TUI migrated to SolidJS — Deploy and dev terminal UIs migrated from React to SolidJS via @opentui/solid for better reactivity and smaller footprint
S3 versioning for directoryUpload — Buckets with directoryUpload automatically enable S3 versioning (for rollback support) with a 30-day non-current version lifecycle
CLI telemetry — Migrated from Mixpanel to PostHog

🖥️ Console UI

Granular RBAC — New DEVELOPER and VIEWER roles with a permission matrix across ~35 actions. Users can be scoped to specific projects. All API routes enforce permissions; UI elements conditionally hidden/disabled based on role
Alert system overhaul — Replaces Integration model with AlertChannel supporting Slack, MS Teams, Discord, Email, and Webhook. Source-specific dispatchers (notification/alarm/budget) with delivery channel snapshots and status tracking (SENT/FAILED/PARTIAL/PENDING)
Budget alerts — New page for creating budget alerts with monthly thresholds, percentage-based triggers, required AWS account selection, and per-stack or per-org scoping
Per-source alert history — Dedicated history pages for notifications, alarms, and budgets with shared AlertChannelSummary and delivery status components
Notifications overhaul — 18 granular event types (deploy, delete, rollback, git, scripts, secrets) replace old coarse-grained types; event types now required; enabled toggle added
API key management — Keys support optional expiration dates and soft-revocation instead of hard delete. Status badges show Active/Expired/Revoked
One-click rollback — Rollback button in the stage activity table triggers version-based rollback with confirmation modal
Metrics dashboard — Time range toolbar with presets (1h–30d), loading/error states per chart, stats overlay (avg/max/min), chart type toggle (area/line), CloudFront metrics enabled
Config editor — New resource cards view for visual resource management, guided "Add Web Service" modal wizard
Domains page — Redesigned with improved add-domain wizard and detail modals
Member management — Redesigned invite/update forms with role picker, color-coded badges, and project-scope selector for DEVELOPER/VIEWER roles
Monitoring navigation — Restructured nav with Channels as top-level item and Config/History sub-routes for notifications, alarms, and budgets
EC2 runner fix — GitOps webhook handlers now await runner completion in Lambda contexts to prevent mid-flight kills

Docs • Slack • X

3.6.0-beta.0

2026-03-10T12:34:03Z

feat: add ensureOpenTuiPlatformPackage function for cross-compilation

3.5.8

2026-02-11T19:14:33Z

🔨 Bugfixes

NPM binary install integrity — Fixed a race/corruption scenario where Stacktape could run with a partially extracted bin directory and fail with missing helper-lambda ZIP files
Helper lambda availability checks — Launcher now validates required helper-lambda artifacts before reusing cached binaries
Global binary safety check — Global binary shortcut now verifies helper-lambda artifacts before execution, preventing invalid cache reuse

✨ Improvements

Race-safe installation — Added installation lock handling to avoid concurrent extraction conflicts on first run
Self-healing cache behavior — Added install marker validation and automatic cleanup/reinstall for incomplete cache states
Resilient bootstrap flow — Added retry path for failed/partial installs to improve reliability across CI and local environments

Docs • Slack • X

3.5.7

2026-02-11T03:28:11Z

Version: 3.5.7