Developer changelog
API & platform changes.
Updates that affect API and SDK consumers — model and capability changes, platform releases, and security bulletins. For the full product changelog see /changelog.
- Docs
Global policy pack: AI transparency, accessibility, copyright, government requests
Four new legal documents at bee.heossi.com/legal: AI Transparency & Disclosure (you are interacting with an AI; capabilities and limitations; the synthetic-media stance stated honestly — embedded provenance marking for generated media is in development, not yet shipped; EU-AI-Act-aligned prohibited practices; and the ML-DSA-signed machine-readable facts contract), an Accessibility Statement (WCAG 2.2 AA target with current status stated honestly and a feedback channel), a Copyright & DMCA Policy (notice, counter-notice, repeat-infringer termination), and a Government & Law-Enforcement Data Requests policy (valid legal process only, narrowest scope, customer notice by default, MLAT for foreign authorities). The Privacy Policy adds an other-jurisdictions rights clause (Brazil LGPD, India DPDPA, Japan APPI, Australia Privacy Act).
- Security
Cryptographically verifiable product facts
Bee now publishes a machine-readable product-facts contract at /facts.json — tiers, capabilities, pricing, and recent releases — dual-signed with ML-DSA-65 (NIST FIPS 204, post-quantum) and Ed25519 (classical). Anyone can verify the facts are authentically ours and untampered against the public keys at /trust/facts/keys.json; the verifier is published in the repo. The same source renders /llms.txt for AI answer engines, so every surface states the same thing and cannot drift. Also shipped: a developer changelog at /docs/changelog and a What's new panel in the workspace, all rendered from one curated source.
- Model
1M-token context, video input, tool calling and JSON mode — live
Bee Comb and Bee Buzz now serve up to 1,010,000 tokens of context through a dedicated long-context mode (proven with a real 285,501-token request that retrieved a needle at 70% depth); Bee Swarm serves 1M natively. Native video input is live on Comb, Buzz and Hive. Tool / function calling and JSON mode (structured output) are live on Comb, Buzz and Hive. Every capability listed here was proven against the running production backend before it was advertised — the capability matrix on /models is generated from those live checks, not from intent.
- Docs
OpenAPI 3.1 contract + Postman collection
The Bee API publishes a machine-readable OpenAPI 3.1 contract (api.bee.heossi.com/openapi.json) and a Postman collection (api.bee.heossi.com/postman.json), so you can generate a client or import the API instead of hand-writing request shapes.
- Security
Post-quantum encryption at rest + the signed PQ coverage register
Conversation messages and titles, personal memories, and the research queue are now encrypted at rest. Each object is sealed with a fresh AES-256-GCM data key, and that data key is wrapped by genuine NIST ML-KEM (FIPS 203) encapsulation under a per-tenant key-encryption key — verified in production as a real ML-KEM wrap, not a symmetric key-wrap wearing a post-quantum label. Encrypted-content semantic search is preserved. Bee also publishes a post-quantum coverage register at /trust, signed with ML-DSA (FIPS 204) under an offline root key, with the verification key at /trust/keys and daily probes that continuously re-test the register's claims.
- Platform
See Bee think — reasoning traces and a thinking toggle
Workspace chat now surfaces the model's reasoning trace, with an explicit per-conversation toggle to turn extended thinking on or off. Each tier also gained its own sampling profile, so a tier answers at its intended temperature rather than inheriting a single global default.
- Platform
Free-tier fairness + launch offer codes
Free tiers now reset on a rolling window rather than a per-invoice counter: Bee Cell allows 30 requests per 5-hour session, and the free API tier 250 requests per 24 hours — both reset automatically, so an active free user is never left without a working allowance. Added shared, capped, one-redemption-per-user promo codes with optional start dates for launch offers, redeemable to the prepaid usage wallet. Verified end-to-end against production. (Commits 844fb96, 159374b, 213d251.)
- Platform
Gift Bee — send credits or a plan
You can now gift Bee: prepaid usage credits, or N months of any plan. Purchase and redemption flows are live, and the gift code is emailed to the recipient on payment. (PRs #28–#35.)
- Platform
Passwordless sign-in
Sign-in is now passwordless — a one-time email code; the password field has been removed. Accounts show their linked sign-in methods (email plus Google / GitHub / Microsoft / LinkedIn), and the download page lists the real editor and MCP integrations. (Migration 055_email_login_codes; PRs #23–#27.)
- Platform
One codebase across web, desktop, and mobile
Workspace, desktop, and the iOS app now run on a single web codebase via a hybrid WebView shell, so new features land on every surface at once. (PRs #1–#2.)
- Security
Cost-safe evolution engine
The autonomous adapter-evolution loop was redesigned to be event-triggered, bounded, and human-gated, and it ships OFF by default — no training runs inside the serving path. (PRs #3–#5.)
- Model
Honest serving ladder
Each tier now serves from its own dedicated backend, with an explicit Cell last-resort fallback and an internal alert if a higher tier is unavailable — rather than silently degrading a request to a smaller model without saying so.
- Model
Correction: cybersecurity adapter no-op de-promoted
A correction to the 2026-05-05 cybersecurity-adapter notes: a served cyber adapter was found to be a no-op — it had not effectively trained and returned base-equivalent output. It has been de-promoted, and a promotion guard now blocks any no-op adapter from reaching production. We publish corrections rather than quietly editing history.
- Platform
Hosted MCP, documents & memory, tenant-scoped RAG
Shipped the hosted Model Context Protocol server with a plan-aware tool surface, plus document and personal-memory resources over both the connector and the SDK, and a tenant-scoped /bee/documents RAG passthrough. SDK and API usage is now correctly metered and billed on the gateway (closing a streamed-call metering gap found in audit).
- Security
Trust page: real, reproducible eval scores
Replaced fabricated benchmark numbers on /trust with real, reproducible Cell-base eval scores from an industry-standard runner. If a number can’t be reproduced, it doesn’t ship.
- Platform
Partner Program, VC Partner Program, BEE for Startups
Three program intakes shipped: /partners (Build / Service / Resell / Cloud lanes — integrators, resellers, MSPs, cloud platforms, app builders), /vc-partners (venture firms backing AI-native startups), and /startups (early-stage AI-native companies — credits up to $25,000, architecture review, /platform listing, compliance head-start). All three back JSON POSTs at /api/{partners,vc-partners,startups}/apply, fan-out to bee-partners@heossi.com with structured emails, and ship dedicated legal docs at /legal/{partner,vc-partner,startup}-program-terms. Startup credits are reviewed manually — no auto-grants — and use the existing credit_ledger when accepted.
- Model
Production-grade Apache-2.0 bases across the seven customer tiers
Seven customer tiers locked: Cell · Brood · Comb · Buzz · Hive · Swarm · Enclave. Each ships on a curated open-weight Apache-2.0 / MIT base under our governed release policy — specific base disclosure is contractual via the Enclave deployment manifest. Bee Ignite remains an internal R&D track, not a customer-selectable tier. Source of truth for engineers and auditors: governance documentation + per-adapter validation records published at /trust.
- Model
Hive / Swarm / Enclave tier expansion + Vertex auto-post + Kaggle multi-slug
Vertex training pipeline extended beyond Comb: Hive cybersec adapter smoke RUNNING on A100 SPOT (~10h ETA); Swarm cybersec dispatched on A100 80GB (~14h ETA); Enclave queued pending H100 80GB quota approval. Vertex worker now auto-posts to /api/training/runs (closes the gap that produced manual backfills), so eval-gate logic, the cutoff badge, and /admin/training see Vertex runs going forward. Kaggle dispatcher gained a multi-slug path so up to 3 kernels can run concurrently. With Vertex (~10 jobs), Kaggle (3), and Colab (2) live simultaneously, Bee now sustains roughly 15 parallel training jobs across the four-pipeline architecture. None of Hive / Swarm / Enclave is shipped — adapters are in training, not merged into routing. (Commit 1c285de.)
- Model
Stage 0.5 — cybersec adapter pipeline + research queue
Wired the elite cybersec adapter pipeline: Vertex Comb cybersec adapter landed at train_loss 0.314 over ~6h on L4. Tier-1 CII (Critical Information Infrastructure) wrapper and Bee Ignite research queue both online. Across today's haul: 12 Cell / Brood rotations across 9 domains via Colab (all candidate_worthy), 3 Comb domain adapters via Kaggle (cybersec, quantum, infrastructure). (Commit 9d20b3b.)
- Security
Stage 0 — runtime safety wrapper + marketing-claim audit
Added a runtime safety wrapper around every API call and ran a full marketing-claim audit so the public-facing copy matches what's actually live. Honest APK launch ready. (Commit 45a597e.)
- Security
Bee Security Eval Harness — 52 cases across 10 categories
Shipped the eval harness that gates every release: 52 cases, 10 categories (insecure code generation, prompt injection, agent tool abuse, tenant isolation, authz/authn, cloud IAM, dependency CVEs, secret leakage, unsafe cyber responses, hallucinated security claims). Source of truth: evals/yaml_harness/cybersecurity/. (Commit 96c751c.)
- Platform
NVD apiKey + pagination, CISA KEV cron, NVD history backfill
Daily NVD CVE pull and CISA KEV ingestion are wired and running (apps/web/src/app/api/cron/cve-ingest, apps/web/src/app/api/cron/kev-ingest). Added scripts/data/backfill_cve_completions.py and scripts/data/push_cve_corpus_to_hf.py for the historical backfill. (Commit b2ff987.)
- Model
Teacher-model distillation + CVE prompt backfill
Wired an external teacher model into the distillation pipeline and added the CVE prompt backfill so the cybersec adapter trains on grounded vulnerability content rather than synthetic prompts. (Commit b3d4e03.)
- Platform
Workspace + Marketing site split
We separated the customer workspace (workspace.bee.heossi.com) from the marketing site (bee.heossi.com) and published the comprehensive Trust & Evidence index, the comparison-vs-incumbents matrix, the Singapore-jurisdiction legal pack, and per-page JSON-LD + llms.txt for AI crawlers.
- Platform
Native email-confirmation + OAuth (Google · GitHub · Microsoft)
Sign-up now uses a first-party email-confirmation flow plus three OAuth providers. JWT verification is local (HMAC-SHA256 against SUPABASE_JWT_SECRET) so middleware works at the edge with no GoTrue round-trip.
- Platform
Per-plan RAG quotas + per-tenant document store
Replaced 'unlimited' RAG copy with concrete plan-level document and storage caps. Document upload now enforces per-tenant quotas at write time, fixing a privacy regression where uploads could land in the wrong tenant store.
- Model
/models page + canonical model catalogue
Single-source-of-truth model catalogue with per-1M-token pricing for Cell, Comb, Hive, Swarm, plus the Enclave deployment mode and the Ignite research track. Adapter routing reads the same catalogue.
- Platform
Production SMTP mailer + /contact form
Pooled Namecheap-Private-Email transport, the eleven bee-*@heossi.com forwarders, contact-form submissions with file attachments, honey-pot spam protection, and 5/15min/IP rate limiting.
- Security
Direct-Postgres + local-auth fallback
When Supabase egress restriction was active we needed signups to keep working — local JWT verification + a pg-shim path were added so middleware and account routes don't depend on the GoTrue HTTP API.