Latch / Docs
changelog

Changelog

Everything we have shipped: new features, improvements, and fixes.

Latch deploys continuously, so entries are grouped by the day they landed.

Developer documentation and nested spend caps
Docs you can read without signing in, and per-mount spend caps that actually nest.
  • fixed
    Per-mount spend caps now enforce alongside the latch-level cap
    Spend caps on a multi-mount latch nest: the latch-level cap is the overall daily ceiling and each mount's cap is a sub-limit within it, metered on its own counter. Previously a latch-level cap took precedence over per-mount caps, and mounts shared one daily counter. Mount-scoped requests now also return x-latch-cost-mount-limit/used headers, and the self-introspection budget endpoint lists each mount's sub-limit with live spend.
    proxy·#243
  • new
    Latch has a public developer docs site
    A quickstart, task guides, and a full filter reference now live at /docs, next to a generated REST reference for the proxy API and this changelog. No sign-in needed.
    docs·#241
Multi-mount, generally available
  • new
    Multi-mount latches are generally available
    Front several upstream services from one token: each mount routes a path prefix to its own upstream, secret, and pipeline.
    latch·#221
  • improved
    Narrow an inherited mount on an extended latch
    A child extension can remove an inherited mount or add filters on top of it, without touching the parent.
    web·#222
Retire an agent for good
  • new
    Terminal revocation for agent identities
    Retire an enrolled agent key permanently, so a decommissioned machine can never present a valid slip again.
    agent-identity·#223
Multi-mount latches
One token in front of several upstream services, each with its own credential and its own policy.
  • new
    A single latch can now front several upstream services
    Give a latch a mount table: each mount routes a path prefix to its own upstream, with its own secret and its own filter pipeline. One lat_ token, many services, one audit trail.
    tee·#217
  • improved
    The mount-type selector is hidden; new latches default to proxy
    One less decision on the way to a working latch.
    web·#220
Accurate traffic accounting
  • fixed
    /proxy and /admin are exempt from the canonical HTTPS redirect
    API and proxy calls are no longer 301'd to the canonical host, and redirected traffic is counted correctly.
    server·#218
Self-serve beta signup
  • new
    Sign up for the beta without waiting on a manual approval
    New signups are auto-approved once verified, with a denylist for exclusions.
    auth·#214
Owner-attributed usage, and Linux enrollment
  • new
    Per-user daily proxy-usage rollup
    Daily usage attributed to the owner, so you can see who is actually using what.
    analytics·#206
  • improved
    Enrollment now covers Linux hosts
    Added a Linux host enrollment card and de-Mac-centered the copy.
    web·#216
Payload correctness, batch approvals, observability
  • fixed
    payload max_length and min_length no longer fail open or deny everything
    Length bounds on the payload filter now evaluate correctly (LAT-294).
    engine·#215
  • new
    Rate-limited batch approval of access requests
    web·#211
  • improved
    Closed product and engineering observability gaps
    observability·#213
Friendlier failures
  • new
    Stylized 404 page, with a server-side fallback for unknown routes
    web·#212
  • fixed
    The MCP server validates method and path arguments instead of leaking raw JS errors
    mcp-server·#209
Faster TEE policy evaluation
  • improved
    WASM-by-handle for TEE policies
    Reference a cached policy instead of re-shipping the WASM on every call.
    rex·#197
Proxy fidelity
The proxy forwards what you actually sent.
  • fixed
    Non-JSON request bodies are forwarded verbatim
    The proxy no longer applies application/json to a body that is not JSON (LAT-281).
    proxy·#202
  • fixed
    The caller's GET query string is forwarded upstream
    proxy·#200
  • fixed
    Invalid simulate overrides no longer 500 or flood /admin/simulate
    web·#204
  • fixed
    Theme defaults to system, so Monaco editors are no longer stuck in light mode
    web·#203
  • fixed
    Dropped misleading empty payload filters from the templates
    web·#201
Editor logging toggles, and rate-limit guards
  • new
    Request and response body logging toggles in the latch editor
    web·#198
  • fixed
    rate_limit bounds maxRequests and windowSeconds, and rejects absurd values
    engine·#196
The blog, and names that hold
  • new
    Self-hosted blog at onlatch.com/blog
    web·#171
  • fixed
    Latch and secret names must be unique, with flat clone numbering
    latch·#194
  • fixed
    Latch expiry no longer shows "just now", or a blank edit field
    web·#195
  • fixed
    The Claude Desktop .mcpb manifest carries its required author field
    connect·#193
In-enclave Cedar, and the protection flow made visible
  • new
    In-enclave Cedar evaluation (engine v2)
    Cedar policies evaluate inside the enclave, compiled only for Cedar latches.
    tee·#184
  • new
    Activity shows the per-request protection flow
    Identity, then the REX enclave, then attestation, then upstream. Traced per request.
    web·#190
  • fixed
    Simulation skips stateful filters, with an advisory note
    A stateful filter cannot be meaningfully replayed in a dry run (LAT-231).
    engine·#182
  • fixed
    custom_code language options match the venue; the no-op Rust option is gone on host latches
    web·#183
  • fixed
    Expires At validates its range, and rejects unparseable dates
    latch·#191
  • fixed
    Long secret names are capped and wrapped instead of breaking the layout
    web·#192
Activity export, and activation analytics
  • new
    Activity page CSV export
    web·#185
  • new
    Numbered page navigation for the access-requests queue
    web·#186
  • new
    Per-user first-proxy-call activation event, linked to the latch
    analytics·#174
  • fixed
    The allowed timeout window matches the enclave's 30 second cap
    rex·#181
Prometheus metrics
  • new
    Prometheus /metrics endpoint
    Onboarding, proxy, and spend instrumentation exposed for scraping.
    observability·#177
  • fixed
    The TEE timeout is editable, within a 60 to 120 second range
    latch·#176
  • fixed
    Cloning a TEE latch preserves TEE instead of producing a broken local latch
    latch·#175