Everything we ship, as we ship it — new capabilities, performance work, fixes, and security updates for the FuturOne platform.
Bigger releases get deeper write-ups on the blog. To see the current build in action, watch a live run. Incident history lives on the status page.
Every run now carries cost attribution metadata: model spend per step, queue time versus execution time, and the team or cost center it bills to. The dashboard rolls these up by agent domain, project tag, and seat, with 90 days of history and latency percentiles alongside spend. Admins can set per-team budget alerts that fire a webhook at 80% and 100% of budget, and finance teams can export monthly rollups as CSV. Nothing about this changes the zero-retention model — attribution is computed from run metadata, never from content.
Every claim in a research deliverable is now linked to its sources, and every source is independently re-fetched and checked against the claim before the deliverable ships. Claims that fail verification are reworked or flagged — never silently included. Deliverables carry per-section confidence scores calibrated against historical acceptance outcomes, and sections below the escalation threshold are routed to a human with a note on what would raise confidence. How the calibration works is covered in this week's blog post.
On April 18, a subset of runs saw elevated queue latency for 38 minutes. Root cause: queue shard hot-spotting. The shard assignment function we shipped with parallel execution keyed on workspace ID, so large workspaces fanning out many concurrent branches concentrated load on a small set of shards. Shard assignment now keys on workspace plus branch with bounded rebalancing, and we added per-shard depth alarms that page before customers notice. No runs were lost or produced incorrect results; the full postmortem is on the status page.
The planner now emits a dependency graph instead of a linear sequence, and the orchestrator schedules independent branches concurrently. Across production workloads this cut median end-to-end run time by more than half and raised platform throughput 2.4x at the same fleet size. Steps that share state still serialize automatically, and nothing changes in the API — existing runs simply got faster.
GET /v1/runs/{id}/events now honors Last-Event-ID, so clients that disconnect mid-run resume from the last event they processed instead of replaying the stream or losing events. This builds on the heartbeat frames we added in September and closes the last gap for long-running workflows behind flaky corporate networks. SDKs reconnect automatically as of futurone 0.9 and @futurone/sdk 0.11.
SAML 2.0 and OIDC sign-in, tested against Okta, Microsoft Entra ID, and Google Workspace. SCIM 2.0 handles the full user lifecycle — deprovisioning a user in your IdP revokes their API keys and active sessions within 60 seconds. Group-to-role mapping lets identity teams manage FuturOne permissions entirely from the IdP, with no dashboard round-trip. Available on the Enterprise plan.
The code review agent now runs a dedicated security pass on every PR: taint-style data-flow checks for injection, authentication and authorization gaps (missing token expiry validation, unscoped credentials), secret handling, and unsafe deserialization patterns. For a vetted subset of findings the agent opens a separate auto-fix PR containing the patch, regression tests, and a plain-language explanation — it never pushes to the original branch. Findings are graded by severity and link to the exact lines and the rule that fired, so reviewers can audit the reasoning rather than trust a verdict.
For 22 minutes on February 3, webhook deliveries were delayed. Root cause: a certificate rotation on our egress proxy left long-lived delivery workers presenting a stale client certificate, so deliveries to endpoints validating the client chain failed TLS handshake and entered retry. The backlog drained within minutes of a rolling restart — no events were lost. Rotations now signal every egress worker to reload and run a canary delivery against a reference endpoint before completing. Details on the status page.
Coding, strategy, content, and research agents are out of beta and open for production use. GA includes the run API (POST /v1/runs), SSE event streams, the dashboard, webhooks, and a contractual 99.99% uptime SLA on Enterprise agreements. Pricing starts at a free Developer tier with 20 runs per month — see pricing for the full breakdown. Thank you to the 40+ teams who ran the private beta: most of what ships today exists because of your bug reports.
Failed webhook deliveries now retry up to 8 times over roughly six hours with exponential backoff and jitter, replacing the old three fixed-interval attempts. Deliveries that exhaust their retries land in a per-workspace dead-letter queue, inspectable and replayable from the dashboard for 7 days. Delivery signatures (HMAC-SHA256 in X-FuturOne-Signature) are unchanged.
Re-running a workflow now produces a structural diff against the previous deliverable: changed sections, changed findings, changed citations — not a wall of red and green text. For code review runs the diff is per-finding; for research memos it is per-claim. Beta customers asked for this more than any other feature this quarter, mostly for weekly recurring runs where what changed matters more than the full report.
API keys can now be scoped per project and per capability — create runs, read runs, manage webhooks — instead of granting workspace-wide access. Audit events covering key usage, run lifecycle, and permission changes export as JSON Lines; events record actor, action, timestamps, and resource IDs but never payload content, consistent with our zero-retention architecture. Existing unscoped keys keep working but are flagged in the dashboard with a one-click migration path.
A first-party GitHub App replaces the OAuth-plus-deploy-key setup from early beta. Install it on selected repositories and PR review runs trigger automatically on ready_for_review; permissions are read on contents and write on pull requests and checks — nothing else. Review output now posts as a single review with inline threads instead of individual comments, which cut notification noise dramatically for large PRs.
Median orchestration overhead — everything we add around model calls: planning dispatch, tool mediation, state persistence — dropped from 610ms to 248ms per step. The wins came from connection pooling to inference providers, plan caching for recurring workflow shapes, and moving step-state writes off the critical path. On long multi-step runs this compounds into minutes of end-to-end improvement.
Every beta run is now scored against a per-domain rubric before delivery: code reviews on finding correctness and severity calibration, research output on claim-source linkage and coverage. Scores are visible per run in the dashboard. This is deliberately infrastructure-first — calibrated confidence scores and automatic escalation are the features we want to build on top of it.
Several beta customers behind corporate proxies saw run event streams stall silently on runs longer than about ten minutes. The events endpoint now sets X-Accel-Buffering: no, sends a comment-frame heartbeat every 15 seconds to keep intermediaries from collecting idle connections, and flags stalled streams server-side. If your network still drops long-lived connections, the run status endpoint supports plain polling as a fallback.
Available now: pip install futurone and npm i @futurone/sdk. Both provide typed run creation, automatic status polling with backoff, and an events iterator that wraps the SSE stream. The SDKs are deliberately thin — everything they do is expressible against the public API, so nothing locks you in.
First external customers are running coding and strategy agents on real workflows. Access is by invitation and capacity-limited while we tune orchestration under production load. What exists today: the run creation API, the dashboard's run timeline, and the PR review workflow for GitHub repositories. Strategy, content, and research workflows expand over the coming months.
The demo runs the same platform described above — watch an agent plan, execute, and verify a real workflow.