Skip to content

chore(main): release 2.4.0 #96

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
github-actions wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(main): release 2.4.0 #96

github-actions wants to merge 1 commit into from

Conversation

@github-actions
Copy link
Contributor

@github-actions github-actions bot commented Feb 4, 2026
edited
Loading

🤖 I have created a release beep boop

2.4.0 (2026-02-10)

Features

  • add direct sessions API for browser/CLI clients (c34ab3c)
  • add direct sessions API for browser/CLI clients (8f78d87)
  • add github package support and enable plan mode (b9ccf5d)
  • add MCP registry service and discovery routes (fbff9bf)
  • add network isolation, HTTP proxy, and enhanced worker configuration (d3a7db1)
  • add platform-agnostic messaging API with self-queueing and MAX_TURNS protection (c872522)
  • add user interaction system with forms and suggestions (18db834)
  • enable WhatsApp support in community deployment (658bb25)
  • implement multi-tenant space architecture (abc195f)
  • implement multi-tenant space architecture (16b8723)
  • improve first-time setup UX and add upgrade instructions (e3df936)
  • migrate gateway to Hono and remove Express from worker (#94) (499ab1b)

Bug Fixes

  • address critical security and functionality issues in direct sessions API (782f617)
  • correct session-manager tests to use proper session key format (45af581)
  • disable Nix sandbox for arm64 QEMU builds (e54e712)
  • handle empty HOME env in git cache fallback (c00ebfe)
  • improve team ID handling in Slack events (d083365)
  • include mcp-servers.json in gateway Docker image (d0c9cd3)
  • properly configure Nix sandbox for arm64 builds (71daf7b)
  • remove CLI_VERSION pinning, use latest for worker package (9c33352)
  • repair failing tests and exclude workspaces from test discovery (3227430)
  • resolve K8s deployment issues (9d48358)
  • resolve K8s deployment issues (dcd6eff)
  • restart stream on message_not_in_streaming_state error (32db4a1)
  • skip arm64 worker build due to Nix/QEMU seccomp issue (fa3f96c)
  • use writable temp directory for git cache fallback (c45fc01)

This PR was generated with Release Please. See documentation.

@mesa-dot-dev
Copy link

mesa-dot-dev bot commented Feb 4, 2026

Mesa Description

TL;DR

Release v2.4.0 introduces major architectural improvements including a migration to Hono framework, multi-tenant space support, and new APIs for direct sessions, MCP registry discovery, and platform-agnostic messaging. Includes network isolation, HTTP proxy enhancements, GitHub package support, and various bug fixes for security, Kubernetes deployment, and Slack integration.

What changed?

  • Framework Migration: Migrated gateway to Hono and removed Express from worker
  • Direct Sessions API: New browser/CLI client API for direct session management with security improvements
  • Multi-tenant Architecture: Implemented multi-tenant space architecture across the platform
  • MCP Registry: Added MCP registry service and discovery routes for Model Context Protocol support
  • Messaging API: Platform-agnostic messaging API with self-queueing and MAX_TURNS protection
  • User Interactions: New user interaction system with forms and suggestions
  • Network & Infrastructure: Enhanced worker configuration with network isolation and HTTP proxy support
  • Package Support: Added GitHub package support and plan mode
  • Setup & Upgrade: Improved first-time setup UX and added upgrade instructions
  • Bug Fixes: Security improvements in direct sessions API, Slack team ID handling, K8s deployment resolution, stream error handling, and CLI version management

Description generated by Mesa. Update settings

mesa-dot-dev[bot]
mesa-dot-dev bot reviewed Feb 4, 2026
View reviewed changes
Copy link

@mesa-dot-dev mesa-dot-dev bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Performed full review of 97492dc...7fbd5f9

Analysis

  1. Tenant Isolation Risk: The multi-tenant architecture requires thorough audit of all shared resources (Redis caches, MCP registry, messaging) to ensure proper tenant scoping and prevent potential data leakage between tenants.

  2. Framework Migration Gaps: The Express to Hono migration touches all HTTP surfaces but creates integration risks where auth middleware, error handling, and tracing utilities were previously tied to Express types and may not be fully ported.

  3. Policy Enforcement Inconsistency: Direct Sessions API and new interaction surfaces could potentially bypass orchestration policies (MAX_TURNS, rate limits) if they don't reuse the same gateway orchestration logic as other channels.

  4. Configuration Drift: The expanded configuration surface (network isolation, HTTP proxying, worker config) increases risk of inconsistency between environments (Helm charts, docker-compose, local development) without centralized schema validation.

  5. Messaging Layer Reliability: Self-queueing + MAX_TURNS enforcement requires vigilant dead-letter handling to prevent cross-channel starvation; any direct paths could bypass these protections.

Tip

Help

Slash Commands:

  • /review - Request a full code review
  • /review latest - Review only changes since the last review
  • /describe - Generate PR description. This will update the PR body or issue comment depending on your configuration
  • /help - Get help with Mesa commands and configuration options

0 files reviewed | 0 comments | Edit Agent SettingsRead Docs

@github-actions github-actions bot force-pushed the release-please--branches--main--components--create-termos branch from 7fbd5f9 to 1e9ac21 Compare February 4, 2026 14:00
@buremba buremba mentioned this pull request Feb 4, 2026
Closed
@github-actions github-actions bot force-pushed the release-please--branches--main--components--create-termos branch 7 times, most recently from ef4a84b to 7269a5b Compare February 4, 2026 15:19
@github-actions github-actions bot force-pushed the release-please--branches--main--components--create-termos branch from 7269a5b to 0a95ee0 Compare February 10, 2026 04:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@mesa-dot-dev mesa-dot-dev[bot] mesa-dot-dev[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

autorelease: pending

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants