Membrane Changelog
Platform 2026-04-16

Major Updates

  • Membrane dashboard was fully re-designed to simplify understanding of your workspace.

    • It is now possible to connect any app (including ones found in the web or just typed-in by you) right from the dashboard.

    • Management of your connected software was refactored and simplified.

    • Added agent onboarding guides for Claude Code, Codex, Cursor, Copilot, and Windsurf

  • Agentic Connection UI underwent many improvement based on usage feedback.

  • Self-hosted auth no longer depends on Auth0 or any other external services.

Added

  • Connections now have key and can be identified in code-friendly way.

  • Added workspace instance name display in workspace general setting.

  • Added support for tenantKey in client JWT tokens (to replace deprecated id)

  • Added flowRunsQueueSizePerConnection to workspace limits configuration

  • Code sandbox jobs are now automatically re-routed when runners are over capacity - it will improve latency in some cases.

Changed

  • External apps are now sorted by popularity in the interface

  • Connections now start in a disconnected state until successfully authenticated. This only affects behavior of the new connected field and doesn't affect the old/deprecated disconnected field.

  • Connector versioning now auto-determines latest version by semantic versioning on publish.

  • Custom code now handles large inputs in batches with out-of-memory protection.

  • Base64 encoding is now applied to Buffers in custom code JSON output - it should speed up data transfer for large custom code jobs.

Fixed

  • OAuth loopback redirect URIs now support any port number per RFC 8252 standards

  • Connection refresh button in the console now triggers a backend refresh of the connection

  • Auth Proxies admin link now appears correctly on self-hosted installations

  • Unsupported event types now show proper error messages instead of crashing

  • Flow run errors from individual nodes now properly propagate to the overall flow run

  • OAuth consent page now properly displays tenant dropdown options

  • Workspace logo and app icon components now include fallback image handling

  • Connection refresh attempts no longer cause authentication errors when retrying disconnected connections

  • Schedule triggers no longer fire multiple times due to duplicate node schedules

  • Organization invitation acceptance is now idempotent instead of failing silently

  • Expert tasks route now displays properly under the activity section

  • External app are now marked as connected immediately after connection creation.

  • Connection building agent sessions now receive complete context information

  • Archived connectors are now properly excluded from workspace exports

  • Rate-limited event pulls are now handled proactively with proper backoff strategies

  • Queued runs are now properly stopped for misconfigured and disconnected connections

CLI 1.16.2

Fixed

  • Fixed a crash caused by missing exports in the CLI package.

  • Fixed login flow to use the correct API URI when authenticating.

  • Fixed internal dependency version pinning to ensure stable package installations.

CLI 1.16.0

Added

  • CLI telemetry events now include organization group information to provide better usage analytics.

  • Connector token types are now differentiated per MCP type with JWT claims containing settings information.

Fixed

  • Workspace imports now use UUID-only matching to prevent import conflicts and improve reliability.

    Note: This change may affect workspaces where elements have different UUIDs across environments. Before pushing, pull from the target workspace first so you can revert if elements don't match as expected.

  • Archive file paths now use connector UUIDs instead of names to prevent key collisions when multiple connectors have the same name.

API Contract 1.11

Added

  • Field usage (number) added to AgentSessionDto to track session usage metrics

  • Field archivedAt (string) added to ConnectorDto to indicate when a connector was archived

  • Is is not possible to edit isReadOnly field when updating org-workspaces.

CLI 1.15.1

Changed

  • feat(cli): add --clientName flag to login for signup source tracking
CLI 1.15.0

Changed

  • Login flow now uses a simplified single-mode authentication architecture for improved reliability - no more --tenant parameter (it's silently ignored).

  • Improved membrane status output.

Platform 2026-04-03

Major Changes

  • Custom code execution engine was refactored to V8 isolates. It makes it much faster and less resource-consuming.

    • About 5% of custom code requests use functionality not supported by isolates. They fall back to the previous implementation (sandboxed node.js processes).

    • If you self-hoste, you can disable the new custom code engine by adding CUSTOM_CODE_RUNNER_DISABLE_IVM env variable. This can act as workaround if you hit features not supported by V8 isolate and fallback doesn't work.

  • Agentic Connection UI is now used by default instead of "static" connection UI.

Changed

  • Connection state tracking simplified with clearer connected and error status fields.

  • Non-agentic connection screens now redirect to the improved agentic flow

  • Flow descriptions automatically sync between universal and integration-specific versions.

Fixed

  • Connect buttons now work properly for connectors without named authentication options

  • OAuth consent page shows helpful messages when revisited after approval

  • Connection configuration errors clear automatically after successful recovery

  • Action tabs between universal and integration versions navigate correctly

  • Console navigation works properly when flow re-runs fail

  • Actions and elements can no longer be created without required key fields

CLI 1.14.2

Fixed

  • The membrane connect command now works consistently with the membrane connection command.
API Contract 1.10

Added

  • New endpoint: PATCH /org-workspaces/{id}/user-settings for updating user workspace settings

Changed

  • Changes in connection API:

    • connected field on connections that will replace deprecated disconnected field

    • GET /connections now accepts a connected query parameter for filtering connections by status

    • Connection errors are now more consistent with the rest of elements:

      • requestError contains the latest problem with connectivity that made connection disconnected.

      • errors field has all the errors for connection: requestError and any configuration errors

      • error field still stays but is deprecated.

SDK 0.28.0

Fixed

  • Fixed crash when using the SDK in browser environments that don't support CommonJS require() in the error handling code path.
CLI 1.14.1

Fixed

  • Authentication now properly re-authenticates with tenant scope when using platform-user tokens
  • Removed unnecessary direct dependency that could cause package conflicts
CLI 1.14.0

Fixed

  • CLI version is now correctly reported in telemetry data
  • Non-agentic connection screens now properly redirect users to the agentic flow
CLI 1.13.4

Fixed

  • OAuth token responses now include the user's email address for proper telemetry tracking