Docs
Tutorials
Pricing Changelog Blog Login Signup
All releases
Auxot Server v0.1.33 May 2, 2026

Embeddings, live CLI streaming, and security hardening

This release introduces ONNX-backed semantic embeddings, early tool-dispatch SSE for the live CLI, playbook thread memory and curator ops, and a series of security fixes across Slack and Discord attachment handling.

Features

  • Semantic embeddings: Added an internal ONNX-backed embedder wired into server configuration and dependencies, making embeddings a required backing service rather than an optional fallback. The Docker build now includes a dedicated model-fetcher stage and CGO/ORT shared library support.
  • Live CLI streaming: The live CLI now emits an early tool.dispatched SSE event from the stream, and a new allow_cli_provider_tools flag controls provider tool access from CLI sessions.
  • Playbook enhancements: Added thread memory, curator operations, and a debug admin UI to the playbook feature.
  • Tool improvements: OutputSchema now returns values, and the tools UI gained integration-only run_script hints, pagination support, and snippet discovery with Auxot schemas.
  • Thread context and dispatch: Implemented context window loop handling, dispatch snapshot schema, and improved message listing for threads.
  • License renewal UX: Added expired license UX hints, exchange wiring, and updated Tilt defaults.
  • Org-admin debug settings: Added server-side debug settings and API endpoints for org administrators.
  • Widgets: Added component datasource refresh, a Goja parser, and UI fixes.

Fixes

  • Slack file downloads: Fixed login-redirect detection with fallback to url_private, forwarded auth through redirects, and validated image magic bytes on download.
  • Slack privacy: Removed PII from server logs and expanded the Slack CDN allowlist.
  • Discord attachments: Added image magic-byte validation and rejection of HTML responses on attachment download.
  • Sandbox: JSON-encoded object console arguments for run_script stdout output.
  • Thread chat: Fixed the chat textarea remaining tall after a message was sent.

Internal

  • Split CI to native runners for CGO builds and per-architecture Goreleaser split/merge.
  • Fixed macOS dynamic linking by adding rpath to CGO_LDFLAGS so dyld locates libonnxruntime at runtime.
  • Fixed integration test runner to work without a global ORT symlink; relaxed embed similarity threshold in tests.
  • Stabilized the e2e test harness, Playwright UI/GPU configuration, and coordinator tests.
  • Added make test target that runs the full Go suite plus Playwright e2e tests.
  • Fixed ECR pull-through cache invalidation and forced ECS redeployment on release.