2026-06-11

Two headline features landed: a JavaScript scripting engine that runs onRequest / onResponse hooks across every capture source, and BusyBro global (team) memory — a shared, leak-proof store of project facts recalled for everyone. The MCP server grew from 106 to 122 tools to keep full dashboard parity.

New in the product

JavaScript scripting engine

Scripts are block rules grown up. Where a block rule answers a matching request with a fixed canned response, a script is real JavaScript that runs on each matching request and response, so you can read and mutate the actual bytes — rewrite a request header, mock a JSON response computed per-request, patch one field of a real response body, or conditionally block on what's inside.

  • Two authoring models. A standalone script (Settings → Scripts global, or Devices → ‹device› → Scripts per-device) carries its own URL match and runs onRequest, onResponse, or both. An inline Script action is the 4th block-rule action type, beside Block / Drop / Mock, reusing that rule's own matcher.
  • A Monaco editor with dry-run. The code pane is the same engine as VS Code — autocomplete for the whole req / res / ctx / busymate.* / Response.json contract, plus a Test panel that runs your script against a real captured entry in the identical sandbox the live proxy uses, before it touches live traffic.
  • Runs everywhere, byte-identically. One frozen ES2020 contract runs the same across the proxy-server (the fullest engine — all decrypted-HTTPS + plain HTTP, 1 MB bodies), the bmc CDP connector (via Chrome's Fetch domain), and iOS VPN mode (SSL-Proxying-list hosts, HTTP/1.1, 256 KB bodies). See the per-source coverage matrix.
  • Treated as hostile code. Each script runs in an isolated-vm sandbox — no require / fetch / fs / timers, no network or filesystem reach. Any throw, timeout, OOM, or malformed return fails open to the original bytes (recorded as scriptError on the entry), with hard caps of 50 ms / hook, 16 MB / isolate, 1 MB / body, and a 32-slot global concurrent-hook budget that sheds under load.
  • A new scripts RBAC section. Authoring is admin-tier: scripts:view to read and dry-run, scripts:edit + admin + confirm to write any script — enforced by a Postgres write-gate on the settings tables, so a blocks:edit-only user can't smuggle a script action into a block-rules write. See Roles & permissions.
  • Full MCP parity. Agents can read and write scripts over MCP via get_scripts / set_scripts_global / set_scripts_device / dry_run_script.

BusyBro global (team) memory

BusyBro gained a second memory tier alongside your private store: a shared team store of non-personal, third-person project facts that's recalled for any user — even anonymous ones. See BusyBro memory.

  • Physically separated, leak-proof. Global facts live in their own table with no user_id — contributor identity sits in a side table that's never read on the recall path. Personal and global memories are merged only in prompt text, never in SQL, and a deterministic PII/secret scrub gates every write.
  • Quarantine, then promote. A new candidate is pending and not recallable until it's promoted — either by an admin or automatically once 2 distinct contributors corroborate it. A stricter dedup threshold keeps the shared store tight.
  • A dashboard control surface. Settings → BusyBro now has a memory admin view: Stats (personal/global counts, pending review, contributors, by-kind, growth), a Review queue for pending global candidates, and Manage (browse, per-fact governance, GDPR erasure), gated by the users capability.

New for developers

MCP at 122 tools

The MCP server now exposes 122 tools (up from 106). New since the last release: the scripting tools (get_scripts / set_scripts_global / set_scripts_device / dry_run_script), custom browser profiles, BusyBro memory & shares, and update_cdp_host for hot daemon self-update. Full categorized reference: Tool reference.

Where it's documented

Testing harness2026-06-06