v1.5.0 — Machine Management + Long-Lived Keys
Released: 2026-04-17
This release is about licensing friction. Every feature here exists to eliminate a specific painful situation: losing a machine, hitting a seat limit in CI, or watching a license key expire mid-year. The core codebase intelligence engine is unchanged.
Portal Self-Service
Section titled “Portal Self-Service”Solo and Pro customers can now manage machine activations without contacting support.
- Portal at
https://forge.ironpinelabs.com/portal/login— sign in with your license email via magic link (no password). View all active bindings with platform, last heartbeat date, and Forge version. Revoke any binding with one click. - Magic-link auth — 15-minute single-use links. No stored passwords.
- Audit trail — every revocation is logged with timestamp and source (portal or CLI).
- Team member handling — Team tier members are directed to their admin rather than the self-service portal.
See Recover from a dead machine.
Stale Binding Auto-Eviction
Section titled “Stale Binding Auto-Eviction”When a machine has not sent a heartbeat for 90 days, forge activate on a new machine will offer to evict the inactive binding rather than hard-blocking with “seat limit reached.”
- Interactive prompt — shows the inactive machine’s platform and days since last heartbeat. Requires explicit confirmation (
y/N). - Atomic server-side transaction — eviction and re-issuance happen in a single operation. No partial states.
- Rate-limited to 2 evictions per license per 30 days — protects against abuse on a compromised key.
- Email notification on eviction — the license holder receives a message with a 7-day reversal window.
- Gradual rollout — eviction requires 90 days of heartbeat data. Bindings registered before v1.5.0 become eligible 90 days after first heartbeat on v1.5.0.
See Machine Fingerprints and Bindings for the full eviction model.
Ephemeral Mode
Section titled “Ephemeral Mode”CI runners, GitHub Codespaces, GitLab CI, Docker containers, and Devcontainers now work without consuming seats.
- Auto-detection — Forge inspects environment variables and filesystem signals to identify ephemeral environments. Detected environments skip fingerprint registration entirely.
- Explicit override —
FORGE_EPHEMERAL=1forces ephemeral mode on any machine.FORGE_EPHEMERAL=0disables detection (useful for VMs with false-positive Docker cgroup artifacts). - Session cache — validation result is cached in
/tmp/forge-session-cache.jsonfor one hour, so multi-step CI jobs do not hit the license server on every invocation. - No seat consumption — ephemeral activations are logged for analytics but do not register a binding or count against your seat limit.
See Use Forge in CI, Use Forge in Codespaces, and Use Forge in Docker.
Long-Lived License Keys
Section titled “Long-Lived License Keys”- Online tiers (Solo, Pro, Team): signed license keys now have a 5-year validity window. Previously 1 year. No action required for existing licenses — renewals issued from this point forward use the new window.
- Air-gapped tier: offline validation keys remain at 1 year to allow for security key rotation without internet dependency.
Keys are Ed25519-signed by the license server. The expiry is embedded in the signed payload and verified locally on every invocation. A valid key that has passed its expiry degrades to community mode; it does not hard-fail.
Changed
Section titled “Changed”forge activateseat-limit behavior — when a seat limit is hit and a stale binding exists, the command now presents an eviction prompt instead of immediately exiting with an error.- Heartbeat payload — now includes
fingerprint_hashandplatformfields. These are required for eviction eligibility tracking. Clients on v1.4.x that omit these fields continue to work normally but do not populate heartbeat data and cannot benefit from auto-eviction until they upgrade.
- CI activation reliability (v1.4.5 backport) — heartbeat retries on transient network errors now use exponential backoff with jitter, preventing thundering-herd patterns on CI pipelines that start many parallel jobs simultaneously.
Upgrade Notes
Section titled “Upgrade Notes”No breaking changes. The MCP tool signatures, CLI command surface, plugin YAML schema, and SQLite schema additions from v1.0.0 are all unchanged. All 21 MCP tools continue to function identically.
Existing license keys remain valid. Heartbeat data for eviction eligibility begins accumulating from the first v1.5.0 run. No binding becomes eligible for auto-eviction until 90 days after that first heartbeat.
The API freeze from v1.0.0 remains in effect.