
Releases: zxkane/openhands-infra

v1.3.0

09 Apr 05:19
371dd98


1.3.0 - 2026-04-09

Changed

Platform Updates

  • Upgrade OpenHands from v1.4.0 to v1.6.0 (#65)
    • Merged 341 upstream commits, upgrading the base OpenHands image, SDK (v1.11.5 → v1.15.0), and runtime.
    • Removed custom S3EventService module — upstream v1.6.0 ships native AwsEventService with identical S3 path format, making the custom implementation redundant.
    • Updated _build_service_url patch for new 3-arg signature in v1.6.0 (url, service_name, runtime_id).
    • Aligned orchestrator STATUS_MAP values with upstream expectations (starting/error instead of pending/failed).
    • Removed deprecated send_telemetry config key (removed upstream in v1.6.0).
    • Fork: custom/v1.6.0-fargate-r1 (20 cherry-picked commits from v1.4.0 fork).

Developer Experience

  • Replace github-workflow skill with autonomous-dev-team (#66)
    • Migrated from custom github-workflow skill to upstream autonomous-dev-team skills.
    • New skills (autonomous-dev, autonomous-review, autonomous-common, autonomous-dispatcher, create-issue) support Claude Code, Kiro CLI, and Codex agents.
    • Install via npx skills add zxkane/autonomous-dev-team -s '*' -a claude-code -a kiro-cli -a codex -y.

Fixed

CI/CD

  • Add retention-days to security scan artifacts (#64)
    • Set retention-days: 3 on security scan artifact uploads to prevent GitHub Actions storage quota exhaustion (was defaulting to 90 days, causing 912 accumulated artifacts).

Security

  • Fixed npm CVEs: handlebars 4.7.9, fast-xml-parser 5.5.10, minimatch 10.2.5, picomatch 4.0.4, path-to-regexp 8.4.2, brace-expansion 5.0.5 (#65)

v1.2.0

11 Mar 06:24
ad6236f


1.2.0 - 2026-03-11

Added

Sandboxes

  • Startup timing instrumentation and SOCI support (#58)
    • Added structured timing logs (sandbox-startup-timing) to benchmark sandbox startup phases in /start and /resume routes.
    • Integrated SOCI v2 index generation via soci convert for Fargate lazy image loading (requires soci CLI >= v0.10).
    • Introduced sandboxSociImageUri CDK context parameter for SOCI-enabled sandbox image override.
    • Exported sandbox image ECR URI as CfnOutput for SOCI index generation scripts.

Changed

Documentation

  • Improved README for discoverability and engagement (#60)
    • Restructured README to include a hero section, badges, and explicit value propositions.
    • Transformed features list into an emoji-tagged Key Features section for easier scanning.
    • Enhanced comparison tables and quick links for first-time visitor comprehension.

Fixed

Docker

  • Correct VS Code port mapping from 60001 to 8001 (#62)

    • Resolved 502 runtime subdomain errors caused by incorrect port mapping (60001 → 8001) in patch-exposed-urls.py.
    • Fixed can_connect(ip, 60001) requests that failed to establish upstream connections due to mismatched port configurations in the agent-server SDK.
  • Preserve project/ path for nested repo git changes (#61)

    • Corrected empty Changes tab for conversations linked to GitHub repositories.
    • Updated normalizeGitUrl() to preserve project/<repo> paths for accurate nested repo resolution.
    • Removed unnecessary intermediate git init /workspace/project repo creation shadowing actual repo changes.
  • Normalize git API paths for connected repos (#59)

    • Fixed 500 errors in git Changes tab when connecting GitHub repositories to conversations.
    • Adjusted patch-fix.js to properly normalize workspace paths containing nested repo directories.

v1.1.0

06 Mar 04:45
4fbd8b5


1.1.0 - 2026-03-06

Added

Storage

  • S3 event persistence for conversations (#56)
    • Introduced S3EventService to replace FilesystemEventService when FILE_STORE=s3.
    • Persisted events to S3 for survival across Fargate task restarts and long-term history for archived conversations.
    • Upgraded openhands-tools to v1.11.5 to resolve agent-server SDK mismatches.

Sandboxes

  • Conversation archival and lifecycle management (#54)
    • Added ARCHIVED state for conversations with configurable retention policies.
    • Supported user-initiated conversation deletion and data lifecycle transitions:
      • ARCHIVED conversations retain event history in S3 but can no longer resume.
      • Deleted conversations wipe all associated data.

Compute

  • Target tracking auto scaling and rightsizing of app Fargate tasks (#53)

    • Downsized app Fargate tasks from 4 vCPU / 8 GB to 1 vCPU / 2 GB based on CloudWatch metrics.
    • Implemented auto-scaling (1-3 tasks) for both the App and OpenResty services.
    • Achieved ~75% reduction in baseline Fargate costs, reflected in updated README.md cost estimates.
  • Bedrock LLM model selection support (#49)

    • Enabled user-selectable Bedrock LLM models via OpenHands model selection UI.
    • Updated default model to Claude Sonnet 4.6 for optimal cost-performance balance.

Documentation

  • Updated documentation with AGENTS.md migration (#48)
    • Consolidated tool-agnostic documentation into AGENTS.md, standardizing compatible AI coding tools.
    • Added workflow enforcement hooks to prevent direct pushes to the main branch.

Changed

Platform Updates

  • Lambda Node.js runtime upgrade (#52)
    • Migrated all custom AWS Lambda functions from NODEJS_22_X to NODEJS_24_X, the latest LTS runtime.

Fixed

Sandboxes

  • Orphan ECS task detection in idle monitor (#50)
    • Implemented logic to detect and terminate orphan ECS tasks caused by race conditions during concurrent /resume requests.

Docker and SDK

  • Bedrock improvements and patches for agent-server SDK (#51)
    • Backported Bedrock updates and patches from OpenHands upstream forks.
    • Resolved Kimi K2.5 max_output_tokens errors with custom SDK patch.

v1.0.0

28 Feb 05:26
ec41e7b


1.0.0 - 2026-02-28

Added

Infrastructure

  • Per-conversation EFS access points for multi-tenant isolation (#36)
    • Dynamically create EFS access points per conversation to enforce isolated filesystem access for sandbox containers.
    • On sandbox /start or /resume, EFS access points are created at /sandbox-workspace/<conversation_id> with uid/gid 1000.

Compute

  • Migration from EC2 to ECS Fargate for all services (#29)

    • Eliminated dependency on EC2 instances, Launch Templates, and Auto Scaling Groups.
    • Expanded architecture to 10 stacks, introducing a shared ECS cluster (ClusterStack).
    • Migrated OpenHands app service to ECS Fargate task setup: 4 vCPU, 8 GB RAM.
    • Migrated OpenResty proxy service: 0.25 vCPU, 512 MB RAM.
    • ECS native secrets integration for OH_SECRET_KEY and DB_PASS.
  • ECS Fargate sandbox orchestrator with Cloud Map service discovery (#28)

    • Implemented a TypeScript-based Fastify orchestrator service for sandbox operations (RunTask, StopTask, DescribeTasks, cleanup stale records).
    • Integrated private DNS resolution using Cloud Map (orchestrator.openhands.local:8081).
    • Added EventBridge + Lambda-driven cleanup of stale ECS Tasks.

Enhancements

  • Upgrade OpenHands to v1.4.0 (#30)
    • Updated OpenHands runtime from 1.3.0 to 1.4.0 (63+ upstream commits merged).
    • Upgraded Agent Server SDK from v1.8.1 to v1.11.4, including 13 custom patches.
    • Improved E2E testing coverage with updated test cases reflecting ECS Fargate migration.

Changed

Deployment Workflow

  • GitHub Actions release process improvement (#46)
    • Switched from default GITHUB_TOKEN to GitHub App token for triggering dependent workflows.
    • Ensures the build-and-test CI workflow triggers correctly on release PRs.

Fixed

Infrastructure

  • Bedrock model access for sandbox task role (#44)

    • Added bedrock:InvokeModel permission to the sandboxTaskRole to resolve access errors in production deployments.
  • Explicit creation of CloudWatch log groups in MonitoringStack (#43)

    • Fixed OpenResty container startup failure due to missing CloudWatch log groups.
    • Addressed incorrect assumption that ECS Fargate auto-creates log groups with the awslogs driver.
  • Skip parameters for conflicting VPC endpoints (#42)

    • Added skipDynamoDbEndpoint and skipInterfaceEndpoints parameters to prevent conflicts during production deployments caused by pre-existing VPC endpoints.

Security

  • Remove self-referencing Sandbox Security Group rule (#34)
    • Removed ingress rules allowing inter-sandbox communications on all TCP ports to enhance network isolation and security.

Docker Images

  • Resolved CVEs in system packages for all Docker images (#38)

    • Upgraded system packages in OpenResty, App (OpenHands), and Sandbox images using apt-get and apk commands.
    • Addressed critical OS-level vulnerabilities flagged during reliability scans.
  • Updated OpenResty base image for CVE remediation (#35)

    • Migrated to openresty/openresty:1.27.1.2-alpine-fat from 1.25.3.1-alpine-fat.

Sandboxes

  • Fix sandbox status initialization on SPA navigation (#39)

    • Patched sandbox auto-initialization for client-side navigation (pushState/popstate) on the OpenHands dashboard.
  • Register conversation with agent-server during resume (#31)

    • Ensured conversations are registered with the agent-server API (POST /api/conversations) after resuming sandboxes.
  • Handle .git ownership issues on sandbox stop/resume (#32)

    • Addressed HTTP 500 errors caused by mismatched permissions in the .git workspace folder during sandbox resume.

Documentation

Deployment Guide

  • ECS Fargate architecture update (#37)
    • Comprehensive restructuring of architecture documentation to match recent migration updates.
    • Updated deployment prerequisites, stack details, and diagrams.

Development Workflow

  • Git worktree guidance added (#33)
    • Enhanced github-workflow skill with clear instructions and common error avoidance tips for using git worktrees efficiently.

v0.3.0

14 Feb 10:04
e0f4c1b


0.3.0 - 2026-02-14

Added

CI/CD Automation

  • Automated release workflows integrated with LLM-generated changelogs (#26)
    • Introduced two GitHub Actions workflows:
      • release-prepare.yml for manual release preparation with commit/PR enrichment and LLM-assisted changelog generation.
      • release-publish.yml for automated version tagging and package publishing.

Infrastructure

  • OpenHands upgraded to v1.3.0 (#22)
    • Upgraded from v1.2.1 with support for new upstream features:
      • CORS environment variable OH_ALLOW_CORS_ORIGINS_0 for customizable origins.
      • Host network mode enabled via OH_SANDBOX_USE_HOST_NETWORK=true.
    • Applied multi-tenant conversation isolation update (Patch 27) and webhook callback UUID + secret fixes (Patches 28/29).

Changed

Code Refactor

  • Replaced runtime regex patching with fork-based patches (#23):
    • Deprecated apply-patch.sh with 29 regex-based patches and introduced clean upstream modifications stored in zxkane/openhands@custom-v1.3.0-r1.
    • Consolidated patching process to Docker build time, reducing container startup complexity.

Fixed

Mobile Interface

  • Fix for iPhone historical conversation messages (#24):
    • Addressed viewport-specific React component remounts causing conversation history issues.
    • Replaced synchronous DOM walking with requestIdleCallback-based batched processing to improve performance.
    • Applied temporary React Fiber patch to resolve stuck skeleton loading state on mobile viewports.

Documentation

Deployment Guide

  • Added prerequisites for creating sandbox secret key before first-time deployment (#21):
    • Updated README.md to include a required step for configuring the sandbox secret key.
    • Prerequisites documented in CLAUDE.md with accompanying CLI command examples.

v0.2.0

02 Feb 13:48
551f7e4


[0.2.0] - 2026-02-02

Added

Cost Management

  • Dynamic cost allocation tags via CDK context (#14)
    • STAGE tag auto-detected from domainName (test.* → staging, otherwise production)
    • Project and Purpose tags configurable via --context parameters
    • All tags integrated with AWS Cost Allocation for billing visibility

Fixed

Authentication & Security

  • Runtime subdomain cookie access - Changed SameSite=Lax to SameSite=None in Lambda@Edge auth handler to enable cookies on cross-subdomain fetch requests (#16)
  • npm package vulnerabilities - Added override for fast-xml-parser to v5.3.4 to fix GHSA-37qj-frw5-hhjh RangeError DoS bug (#18)

Sandbox & Conversation Resume

  • Conversation resume after EC2 replacement - Pass OH_SECRET_KEY to sandbox containers via Secrets Manager for encrypted secrets decryption (#17)
  • Bedrock token expiration - Fixed by using EC2 instance role instead of sandbox STS credentials for LLM calls (#17)

Frontend Patches

  • MCP server deduplication - Intercept XMLHttpRequest instead of fetch to prevent global MCP servers from being duplicated in user settings (#15)
  • Global MCP server protection - Disable Edit/Delete buttons for system-managed MCP servers defined in config.toml (#15)

Full Changelog: v0.1.0...v0.2.0

OpenHands AWS Infrastructure v0.1.0 - Initial Release

29 Jan 03:58
68af96f


OpenHands AWS Infrastructure v0.1.0

Initial release of the AWS CDK infrastructure for deploying OpenHands - an AI-driven development platform.

Highlights

🚀 Production-Ready AWS Infrastructure - Complete CDK stack for deploying OpenHands with enterprise features

🔐 Multi-Tenant Authentication - Cognito integration with OAuth2, managed login, and multi-domain support

📦 Self-Healing Architecture - Conversation history and workspaces persist across EC2 replacements

🌐 Runtime Subdomain Routing - User apps accessible via {port}-{convId}.runtime.{subdomain}.{domain}

Features

Infrastructure (8 CDK Stacks)

  • AuthStack - Cognito User Pool with custom email templates
  • NetworkStack - VPC configuration with endpoints
  • SecurityStack - KMS, IAM roles, security groups
  • MonitoringStack - CloudWatch dashboards, alarms, S3 data bucket
  • DatabaseStack - Aurora Serverless v2 PostgreSQL with RDS Proxy
  • UserConfigStack - User configuration API (Lambda) for multi-tenant MCP management
  • ComputeStack - EC2 Auto Scaling with Graviton (ARM64) instances
  • EdgeStack - CloudFront, Lambda@Edge, WAF

Key Capabilities

  • Cognito Authentication with 30-day sessions and silent token refresh
  • Aurora Serverless v2 with RDS Proxy for high availability
  • S3 + EFS Persistence - Conversations and workspaces survive instance replacement
  • Sandbox AWS Access - Optional scoped IAM credentials for sandbox containers
  • MCP Server Support - AWS Docs and Chrome DevTools MCP integration
  • Cross-User Authorization - Runtime requests verify container ownership

Security

  • WAF protection on CloudFront
  • Origin verification headers (direct ALB access blocked)
  • VPC Endpoints for AWS services
  • KMS encryption for secrets
  • Automated security scanning in CI

What's Included

| Component | Description |
|---|---|
| CDK Stacks | 8 production-ready CloudFormation stacks |
| Docker Config | Custom agent-server image with patches |
| OpenResty Proxy | Runtime subdomain routing |
| Lambda@Edge | JWT verification and routing |
| User Config API | Multi-tenant MCP and secrets management |
| E2E Test Cases | Comprehensive test documentation |
| GitHub Workflow Skill | 10-step development workflow |

Requirements

  • AWS CLI configured
  • Node.js 20+
  • Existing VPC with private subnets
  • Route 53 Hosted Zone

Getting Started

npm install
npx cdk deploy --all \
  --context vpcId=<vpc-id> \
  --context hostedZoneId=<zone-id> \
  --context domainName=<domain> \
  --context subDomain=openhands \
  --context region=<region>

See README.md for full deployment instructions.

Full Changelog

See CHANGELOG.md for detailed changes.