Trigger.dev v4.5.2

onEvent lifecycle callbacks for TriggerChatTransport, large batch payload offloading, and five chat session bug fixes.

2 new features, 8 improvements, 10 bug fixes and 7 security patches.

Highlights

API and SDK support for bulk actions

Bulk actions allow runs to be re-run based on a filter or run IDs. Now it's also available via API and in the official SDK. Create, list, retrieve, poll and abort bulk actions. Runs can be targeted to a different compute region, just like in the web UI. (#4105)


const action = await runs.bulk.replay({
filter: {
status: "FAILED",
taskIdentifier: "sync-customer",
period: "24h",
},
name: "Replay failed customer syncs",
targetRegion: "eu-central-1",
});

Lifecycle event callbacks for TriggerChatTransport

TriggerChatTransport and useTriggerChatTransport now accept an onEvent callback that fires on typed lifecycle events: message sent, stream connected, first chunk received, and turn complete. Use it to track send latency, time-to-first-token, and detect stalled turns with just a few lines of client code. (#4187)


const transport = new TriggerChatTransport({
// ...
onEvent: (event) => {
if (event.type === "message-sent") metrics.timing("chat.send_ms", event.durationMs);
if (event.type === "first-chunk") metrics.timing("chat.ttft_ms", event.sinceSendMs ?? 0);
},
});

AI Chat frontend docs

Improvements

  • Large batch payloads now offload to object storage instead of riding inline in the trigger request. batchTrigger and batchTriggerAndWait (and the by-id and by-task variants) offload any per-item payload over 128KB before sending, the same way single trigger and triggerAndWait already do, so a big batch no longer blows past the API body limit. (#4165)
  • Removed internal helpers that were only used by the end-of-life v3 self-hosted compute providers. (#4194)
  • The environment and branch selector dropdown will automatically revalidate when opened so that new branches show up. (#4171)
  • A cleaner sign-in flow: request a magic link right from the login page, or continue with SSO. (#4182)
  • Serve PostHog analytics from a same-origin /ph path that reverse-proxies to PostHog Cloud EU, following PostHog's first-party reverse-proxy guidance. (#4183)
  • Refreshed the SSO & Directory Sync settings page layout and copy. (#4196)
  • Migrated the webapp to Tailwind CSS v4 with a CSS-first @theme. Semantic color tokens are now CSS variables overridable per theme. Tailwind runs through @tailwindcss/postcss; plugins replaced or upgraded to v4-compatible versions. (#4139)
  • Replaced raw charcoal-* Tailwind classes with semantic theme tokens across the dashboard. Adds surface, border and text tokens to the themable layer so future themes only override CSS variables. (#4139)

Bug fixes

  • Fix chat turns that throw, for example from an onTurnStart hook, leaking their message listener, which lost or duplicated messages sent during later turns. (#4176)
  • Fix chat.agent and chat.createSession permanently dropping user messages when several arrived during a single turn: every buffered message is now dispatched as its own turn instead of only the first. (#4176)
  • Fix chat continuation runs replaying already-answered messages: turns delivered while the run was suspended now advance the session.in resume cursor, so a new run picks up exactly where the previous one left off. (#4176)
  • Fix chat.createSession swallowing a message sent shortly after stopping a turn: the turn's message listener now detaches when the stream settles, so those messages run as the next turn. (#4176)
  • Anchor batch item run-ops residency on the batch's own friendlyId so a mid-batch flag change can no longer mint an item into a different physical store than its BatchTaskRun row. (#4178)
  • AI generation cost now uses the exact provider-reported cost from OpenRouter/Vercel AI Gateway when present, instead of catalog pricing, so cache-discounted and fallback-routed requests match the amount the provider actually billed. (#4186)
  • Deleting a project no longer triggers a slow database cleanup that could hang on projects with many runs. (#4191)
  • Fixed the agent playground chat failing to send messages, with "Failed to fetch" errors in some environments. Messages now reach the agent reliably. (#4193)
  • Deploying with an outdated CLI could produce an image that fails to start on every run. These deploys are now stopped before going live, with a message asking you to upgrade the CLI and re-deploy. (#4184)
  • Runs resuming after a wait no longer fail with TASK_EXECUTION_ABORTED when the database is briefly unreachable; the resume endpoint returns a retryable response for transient infrastructure errors instead of a permanent one. (#4161)

Security

  • Harden account and access-control handling across auth, RBAC, org membership, and impersonation. (#4199)
  • Harden URL handling for alert webhooks and platform notifications. (#4199)
  • Harden the query and prompt-override APIs and rate-limit the query ai-title endpoint. (#4199)
  • Improve redaction of secrets from debug logs. (#4199)
  • Tighten environment scoping when replaying a run. (#4199)
  • Scope run, batch, and trigger lookups to the caller's tenant. (#4199)
  • Honor the MCP server's --dev-only flag. (#4199)

How to upgrade

Update the trigger.dev/* packages to v4.5.2 using your package manager:


npx trigger.dev@latest update # npm
pnpm dlx trigger.dev@latest update # pnpm
yarn dlx trigger.dev@latest update # yarn
bunx trigger.dev@latest update # bun

Self-hosted users: update your Docker image to ghcr.io/triggerdotdev/trigger.dev:v4.5.2.

Ready to start building?

Build and deploy your first task in 3 minutes.

Get started now