Skip to main content
Connic
Back to BlogChangelog

What We Shipped in June 2026

Customizable permission groups, shareable dashboards with access controls, channels and drains for routing notifications and logs, sharper prompt-injection and data-exfiltration guardrails, AI-assisted filtering, and deployments that drain in-flight runs.

July 1, 20267 min read

May was about confidence before you ship. June is about control after you ship: who can see and do what while agents are running, and where everything they produce ends up. Fixed admin and member roles gave way to customizable permission groups, dashboards can now be shared with exactly the people you choose or published read-only, and channels and drains route notifications, approvals, and logs to your own systems. We also sharpened the built-in prompt-injection and data-exfiltration guardrails, added AI-assisted filtering to the database and runs table, and taught deployments to drain in-flight runs before they roll over.

Customizable Permission Groups

Members used to be either an admin or a member, each with a fixed set of permissions. Now you build your own permission groups from granular, action-level permissions and assign them to members and pending invites. Each permission maps to a specific action, so a group can deploy and activate builds without ever touching billing or team membership.

Permission group: Release Manager
# Composed from granular, action-level permissions
deployments.activate      # promote a build to live
deployments.override      # override deployment checks
connectors.view
budgets.view
# billing.manage and team.update left out on purpose
  • Action-level access: Grant specific actions like connectors.create or approvals.decide instead of a blunt role
  • Applies to invites: Groups attach to pending invites, so a new teammate lands with the right access on day one
  • Ownership transfer: Hand a project over to another owner from team settings

See team and permissions for the full list of actions.

Shareable Dashboards with Access Controls

Observability dashboards now carry their own visibility and edit controls. Keep one private, open it to specific permission groups, share it with the whole project, or publish it. A public dashboard gets a secure share link and an environment picker, so you can hand a live view to someone who does not have a Connic account.

Dashboard visibility
private   only you, plus editors and view-all admins
groups    members of specific permission groups
project   everyone on the project
public    anyone with the secure share link
  • View vs edit: Separate who can see a dashboard from who can change it
  • Public links: Share a read-only, tokenized link with an environment picker for people outside the project
  • Tied to groups: New dashboards.viewAll and dashboards.update permissions decide who manages what

More in the observability docs.

Channels and Drains

Connic can now push project activity out to your own systems. Create a channel that POSTs JSON to an HTTPS endpoint you control, then route notifications and approval requests to it. Drains do the same continuously for two high-volume streams: project logs and audit events, batched and forwarded as they happen. Webhook delivery is self-service, with Slack, Teams, and PagerDuty available on request. Channels are an Enterprise feature.

Signed channel delivery
POST https://hooks.acme.com/connic
Content-Type: application/json
X-Connic-Signature: <HMAC-SHA256 over "{timestamp}.{body}">
X-Connic-Timestamp: 1782864000
  • Notifications and approvals: Route project notifications and approval requests to a channel, down to the individual agent
  • Log and audit drains: Stream project logs and audit events to an endpoint, batched for volume
  • Signed and verifiable: Set a signing secret and every request carries an HMAC-SHA256 signature you can check before you trust it

Sharper Guardrails

Two of the built-in guardrails got harder to slip past. The prompt-injection guardrail now normalizes confusable Unicode characters and strips invisible formatting marks before it runs its checks, closing the Unicode-smuggling trick where lookalike characters hide an injection. The data-exfiltration guardrail now flags Base64-encoded data blocks in the output, catching payloads that try to slip out in encoded form.

agents/support.yaml
guardrails:
  input:
    - type: prompt_injection
      mode: block
      config:
        sensitivity: high
  output:
    - type: data_exfiltration
      mode: block
      config:
        allowed_domains: [example.com]
  • Unicode smuggling blocked: Confusable characters are normalized and format marks stripped before the heuristics run
  • Base64 exfiltration caught: Base64-encoded data blocks in the output are flagged, so payloads cannot slip out encoded
  • Skip after-block middleware: Set run_after_on_block: false so a blocked input skips your after middleware

Full reference in the guardrails docs.

AI-Assisted Filtering

Describe what you are looking for and Connic writes the filter. The runs table and the database browser both take a plain-language prompt and turn it into a real filter expression, status, and time range you can still tweak by hand. The database browser also swapped its raw-JSON document editor for a visual key/value editor.

AI runs filter
Prompt:  orders over $100 that failed this week

Generates:
  statuses     failed
  time range   7d
  expression   input.amount > 100
  • Runs and database: Natural-language filtering across both the runs table and the database browser
  • Real expressions: Prompts compile to the same expression language you can write by hand, like context.tier == 'enterprise'
  • Visual document editor: Edit stored documents as key/value pairs instead of raw JSON, with knowledge-base column sorting alongside

See the database docs for the query and filter reference.

Safer Deploys and Searchable Logs

A new deployment no longer cuts off the old one. Deployment draining waits for in-flight runs on the previous deployment to finish before it retires, while new and re-triggered runs go straight to the new one, so a rollout never kills a run mid-flight. Project logs also gained full-text search: filter by log message, source, or agent name, backed by a partial index that keeps the log feed fast on busy environments.

  • Graceful rollouts: In-flight runs finish on the old deployment while new runs move to the new one
  • Log search: Find a log line by message, source, or agent name
  • Built for scale: A supporting partial index keeps the log feed responsive on large environments

More Improvements

  • Testing, continued: expected_tool_call_order asserts tools fire in a given relative order, and file-level default mocks cut repetition across a test file
  • The connic skill CLI: Run connic skill (or connic init --skill) to drop the Connic skill into a project so your AI coding agent follows Connic conventions
  • Wider public API: Environments, deployments, connectors, channels, audit logs, judges, knowledge bases, and approvals are now reachable with an API key
  • Budget grouping: Group budget usage by agent or by model to see where spend concentrates

More from the Blog

Changelog

What We Shipped in May 2026

An agent testing framework, deploy gates with pull-request testing, deeper tracing for triggered and child runs, usage and budget dashboards, custom domains for connectors, and per-agent reasoning effort with cascading defaults.

June 1, 20267 min read
Changelog

What We Shipped in April 2026

Human-in-the-loop approvals, Bridge for custom tools and private services, tool hooks, discoverable tools, AI dashboard builder, custom OpenAI-compatible providers, and live logs from your own code.

May 3, 20267 min read
Changelog

What We Shipped in March 2026

A/B testing, agent guardrails, API spec tools, dashboard templates with percentile metrics, migration CLI, and more.

April 1, 20266 min read
Changelog

What We Shipped in February 2026

Managed database, templates library, evaluation judges, Telegram connector, web page reading, persistent sessions, conditional tools, and concurrency rules.

March 1, 20266 min read
Changelog

What We Shipped in January 2026

Custom observability dashboards with drag-and-drop widgets, model pricing for cost tracking, refreshed connector and runs UI, and llms.txt support.

February 10, 20265 min read
Changelog

What We Shipped in December 2025

Stripe connector with webhook signature verification, Email connector with IMAP polling and attachment support, plus dashboard UI improvements.

January 2, 20264 min read
Changelog

What We Shipped in November 2025

MCP connector exposing agents as tools, Postgres LISTEN/NOTIFY, S3 file uploads, SQS message queues, connector logs, and unified connector UI.

December 2, 20255 min read
Changelog

What We Shipped in October 2025

10 deployment regions across 5 continents, import predefined tools (trigger_agent, query_knowledge, web_search) in custom Python code.

November 3, 20254 min read
Changelog

What We Shipped in September 2025

Full audit logging with before/after diffs, data residency region selection, distributed rate limiting for connectors, and billing cost breakdown.

October 1, 20254 min read