v6.7.1

Dependency Updates

• Resolved Dependabot security findings across npm, Python, and GitHub Actions.
• Upgraded LiteLLM to 1.86.2 to address a CVE (CVE-2026-49468).

Acknowledgements

• @estohlmann

Full Changelog: https://github.com/awslabs/LISA/compare/v6.7.0..v6.7.1

v6.7.0

Key Features

Dedicated Messages Table with Context Compaction

Chat message storage has been refactored into a dedicated DynamoDB Messages table, separating message storage from session metadata. Each message is now an independent record, improving scalability and query flexibility, while the Sessions table serves exclusively as the store for session-level metadata.

Building on this, sessions are now automatically compacted and summarized as users approach 75% of a model's context window, preventing context overflow. Compaction summaries are visible directly in the UI and appended to the system prompt, giving users full transparency into context management.

Hybrid Search for RAG

LISA now supports hybrid search, combining vector similarity search with keyword-based search to improve retrieval quality across a broader range of query types:

• OpenSearch-backed RAG repositories support hybrid search pipelines.
• Bedrock Knowledge Base repositories support hybrid search with an admin toggle that acts as a hard gate — disabling it forces vector-only search for all sessions.
• The search mode selector only appears in the UI when the repository supports hybrid search, and unsupported knowledge bases automatically fall back to vector-only search.

Other Key Changes

• Refactored and cleaned up the Lambda function implementation for improved code organization and module resolution
• Updated the default hosted instance type so new deployments use an optimized instance configuration out of the box

Bug Fixes

• Fixed image generation not correctly referencing attached images, and removing an image reference now properly clears associated references
• Fixed DynamoDB Decimal values being serialized as strings instead of JSON numbers in session API responses
• Updated the Batch ingestion job container to use the lisa.rag.pipeline_ingestion module path and added PYTHONPATH so the shared package resolves at runtime
• Fixed corsAllowedOrigins configuration for MCP server deployments and resolved an error introduced during the MCP Workbench upgrade
• Corrected an indentation issue in the ENV_VAR helper and fixed default AWS session region resolution
• Fixed LiteLLM config passthrough behavior

Acknowledgements

• @bedanley
• @drduhe
• @estohlmann
• @gingerknight
• @jmharold

Full Changelog: https://github.com/awslabs/LISA/compare/v6.6.0..v6.7.0

v6.6.0

Key Features

Token Usage and Context Window Visibility

LISA now provides improved observability for model usage and configuration:

• View cumulative token usage for each user session.
• Display a context window field in model cards across Model Management and Model Library.
• Support overriding inferred context windows for LISA-hosted models through environment configuration.

Bedrock Agent Integration

LISA now includes native Bedrock Agent integration, giving administrators a streamlined way to publish Bedrock Agents in the platform catalog and make them available to end users.

Users can opt in to these agents directly from the Agent Management UI, which makes it easier to adopt Bedrock-powered workflows without separate integration steps.

LISA Serve Throttling

LISA Serve now includes throttling controls to better protect service stability under bursty or high-volume traffic patterns.

These controls help prevent noisy-neighbor behavior, improve predictability during traffic spikes, and provide a stronger baseline for multi-tenant reliability.

Security Hardening

CORS origins are now configurable via a new corsAllowedOrigins allowlist that is threaded through all API Gateways, Lambdas, FastAPI services, and MCP server components via a new CDK aspect, replacing permissive defaults. Additionally, client-side OAuth callback validation, safe error rendering in the UI, and stricter Pydantic request parsing for MCP Server and Workbench Lambdas reduce injection and untrusted-input risks.

Other Key Changes

• Dependency and security maintenance updates across Python and npm packages.
• Minor reliability fixes discovered during routine update work.
• Small MCP Workbench lifecycle improvements for tool synchronization and routing.
• Cypress CI workflow fixes for branch reporting and manual nightly test support.
• Incremental SDK improvements, including RAG evaluation support.

Acknowledgements

• @bedanley
• @drduhe
• @estohlmann
• @gingerknight
• @jmharold

Full Changelog: https://github.com/awslabs/LISA/compare/v6.5.0..v6.6.0

v6.5.0

Important

LISA has migrated away from the Makefile for our build system, if you need to build LISA you can now use the more modern and widely supported NPM commands. A full list of those commands can be found in our package.json file at the root of this repository.

Key Features

Self-Service RAG Administration

A new RAG Admin role gives designated users full control over RAG repository operations, document ingestion, collection management, and pipeline configuration without granting full system administrator privileges. This reduces the operational bottleneck where every RAG change required a system administrator. Self-service RAG is especially useful in multi-tenant environments.

Operations Metrics Dashboard

New dashboard reports track metrics across models and clusters, including inference latency, token usage, and batch ingestion job status. For example, customers can use the new input/output token reports to derive costs across users, groups, and models. This is useful for multi-tenant environments with a variety of end-user orgs. Also, model containers publish Prometheus metrics for vLLM, TEI, and TGI, and batch ingestion jobs report totals and failures for RAG document ingestion.

Integrating Externally Deployed Models

Administrators can register deployed models that are not LISA-managed by providing a URL that can be accessed from the LiteLLM ECS cluster. These models appear and behave like other models in the platform.

AWS Session Credentials

LISA now lets you attach AWS credentials to a chat session. While that session is active, MCP tools can use those credentials to call AWS APIs, so tool-based workflows can reach AWS resources in the same context as the conversation instead of requiring separate per-tool setup.

An example of a tool using this can be seen: lib/serve/mcp-workbench/src/examples/sample_tools/aws_operator_tools.py

Other Key Changes

• Updated OpenSearch for new RAG collections to the latest supported version and indexing engine (existing collections continue to work as before)
• Introduced optional audit logging for input/output from requests to LISA with opt-in and filtering
• Implemented a deployment Lambda to ensure configured models are present in LiteLLM
• Split Cypress E2E workflows into nightly health checks and weekly full suite runs, with API-based resource cleanup between runs
• Updated LiteLLM to version 1.82.4

Acknowledgements

• @bedanley
• @drduhe
• @Ernest-Gray
• @estohlmann
• @gingerknight
• @jmharold

Full Changelog: https://github.com/awslabs/LISA/compare/v6.4.0..v6.5.0

v6.4.0

Key Features

Project Organization for Chat Sessions

Customers can organize chat sessions into Projects, providing a structured way to manage and navigate conversation history. Projects allow users to group related sessions together, making it easier to find and revisit past conversations across different topics.

Chat Assistant Stacks

Chat Assistant Stacks allow administrators to define preconfigured assistants that bundle models, RAG repositories and collections, MCP servers and tools, and prompt templates into a single package. Users can browse available assistants and start chat sessions with everything preconfigured, eliminating the need for manual setup. Access to each stack is controlled through enterprise user groups, allowing administrators to tailor assistant availability to specific teams or roles.

Other Features

• Added context window inference step to model creation state machine for LISA-hosted and third-party models
• Added announcements banner feature to Configuration UI for administrators to set global messages for all users
• Added support for editing pipelines after repository creation
• Added secret rotation support for PGVector database credentials

UI Updates

• Stopped models now appear in model dropdown but are properly disabled to indicate unavailability
• Prompt area buttons are now properly disabled when prompt is disabled (e.g., when model is stopped)

Other Key Changes

• Batch ingestion job definition now uses static resource ID to prevent failures from definition drift during deployments
• REST containers now scale based on ECS metrics instead of ASG metrics for more reliable scaling
• Added support for additional text-based file types for RAG uploads including:
  • Javascript
  • HTML
  • Markdown
  • JSON
  • CSS
  • XML

Bug Fixes

• Fixed a liteLLM configuration issue that double prefixed openAI models, this resolves an issue with LISA hosted models integrating with Claude Code
• Fixed pipeline event handling issues
• Fixed RAG collection ID resolution

Documentation

• Added new API Reference documentation section to make it easier for developers to know where the various entity API documentation exists within our doc site.
• Added suggestions on self-hosted model performance scaling settings.

Dependency Updates

• Updated actions/setup-node and actions/upload-artifact GitHub Actions to latest versions
• Upgraded various dependencies across the platform for security and compatibility

Acknowledgements

• @bedanley
• @Ernest-Gray
• @estohlmann
• @gingerknight
• @jmharold

Full Changelog: https://github.com/awslabs/LISA/compare/v6.3.0..v6.4.0

v6.3.0

UI Updates

• Added RAG citation document preview side panel in Chat UI
• Exposed the document preview panel in the document library for viewing documents
• Added "Dismiss all" button for notification stacks
• Fixed "Loading Configuration..." text styling to match LISA UI using Cloudscape components
• Added last updated date/time to session displays

Other Key Changes

• Updated VLLM image to latest AWS deep-learning base with GPU settings for ECS, memory reservation, and tensor parallelization from GPU count
• Dockerfiles for embedding (instructor, tei), text generation (tgi), and VLLM now run OS package upgrades during build
• Removed deprecated LISA Serve V1 endpoints and supporting infrastructure
• Updated dependencies across the codebase

Bug Fixes

• Fixed RAG pipeline collection ID resolution (find_by_id_or_name fallback) and EventBus update mismatches on deployment
• Resolved max_tokens handling for non-Anthropic models on Anthropic routes
• Improved RAG PDF parsing quality (excessive whitespace and invisible Unicode characters)
• Addressed consistency of UI validation warnings for field format and required fields
• Added missing required role for batch ingestion
• Added cache clearing at login to prevent cache corruption issues

Documentation

• Added Claude Code setup guide for LISA Serve integration
• Updated deployment guide

Acknowledgements

• @bedanley
• @Ernest-Gray
• @estohlmann
• @gingerknight
• @jmharold

Full Changelog: https://github.com/awslabs/LISA/compare/v6.2.1..v6.3.0

v6.2.1

Bug Fixes

• Removed FastAPI import from auth handler preventing lambdas without FastAPI in the layer dependencies from working
• Updated Session model to account for session configuration data types to allow resuming old stored sessions
• Made exception handling more uniform and consistent across the application

UI Updates

• Cleaned up the MCP approval modal
• Removed borders around all tables for a consistent theme across the UI
• Added markdown preview toggle to prompt input
• Moved delete all sessions button under user profile and added back the refresh button to session panel

Documentation Updates

• Cleared up the vLLM variables LISA supports
• Updated deployment guide to account for new cognito updates

Acknowledgements

• @bedanley
• @Ernest-Gray
• @estohlmann
• @jmharold

Full Changelog: https://github.com/awslabs/LISA/compare/v6.2.0..v6.2.1

v6.2.0

Key Features

Custom Branding

LISA supports custom branding capabilities, allowing customers to tailor the user interface with specific logos and color schemes. The feature provides three key customization areas:

1. Visual Assets - Replace logos (favicon, top navigation logo, login image) in lib/user-interface/react/public/branding/custom/
2. Display Name - Change "LISA" brand name to your organization's product name via customDisplayName in config-custom.yaml
3. Theme Customization - Modify colors, fonts, and visual styling through the Cloudscape theming system

Video Generation Models

LISA supports video generation.

• Adding new VideoGen model type that admins can create in the model management
• Proxying routes to LiteLLM for video generation
• Saving generated videos in S3 and allowing users to download and share video links
• Exporting all videos from a selected session as a zip

Interactive Configuration Generator CLI

LISA offers an interactive CLI tool that guides customers through creating a valid config-custom.yaml file for deployment. Instead of manually editing YAML and referencing example_config.yaml, customers can now run:

@awslabs/lisa@6.2.0 generate-config
tsx scripts/generate-config.ts

╔════════════════════════════════════════════════════════════════╗
║           LISA Configuration Generator                         ║
║   Generate a config-custom.yaml for LISA deployment            ║
╚════════════════════════════════════════════════════════════════╝

The generator prompts for and validates:

• Core Configuration: AWS account, region, partition, deployment stage/name, S3 bucket
• Partition Support: additional partition configurations

Reasoning Model Support

Admins can mark models as "reasoning-capable," which enables those models to output reasoning content alongside their responses. Customers can then configure the level of reasoning effort to be included, and the reasoning content is displayed in LISA Chat and exported with the session data.

Other Key Changes

• Image Editing Support: Users can now upload reference images during image generation, allowing the model to create precise edits and updates based on the provided visual reference
• Security: Enabled encryption at rest for all S3 buckets, enforced SSL/TLS traffic only to S3, and encrypted all EBS volumes
• Deployment: Updated container source to use AWS ECR, upgraded host EC2 image to use AL2023
• Usability: Added loading/refresh icons across pages to better inform users when a refresh is taking place
• Database: Enabled IAM-based authentication for RDS connections, removed the need for storing master passwords
• Accessibility: Added a retry button next to failed user prompts, made the delete session dropdown button only appear if the config allows it
• Bugfixes: Addressed several IAM permission issues, CDK warnings, and model deployment healthiness checks
• UI Quality of Life: Continued to make subtle UI improvements by:
  • Adding various highlighting and background updates throughout the UI to make sections and errors stand out and more obvious
  • Adding loading indicators to various MCP toggles / checkboxes to display that calls are happening in the background
  • Updated various iconography, logos, and buttons to have a more uniform and clean feel

Acknowledgements

• @bedanley
• @Ernest-Gray
• @estohlmann
• @jmharold

Full Changelog: https://github.com/awslabs/LISA/compare/v6.1.1..v6.2.0

v6.1.1

UI Cleanup

[Light/Dark Theme Fixes]

Some UI elements in light mode were being rendered in a dark theme, such as code blocks, Mermaid tables, message metadata, etc. This change ensures elements render in their appropriate theme based on the user's selection.

[Auto-Scrolling Fix]

Allows users to break out of auto-scrolling during streamed responses by scrolling away from the bottom of the screen. Users can reset auto-scrolling by scrolling back down to the bottom of the stream.

[API Token Dashboard Metrics]

This change ensures that users who programmatically interact with LISA are captured in the metrics dashboard. Additionally, it introduces a reorganization of the metrics dashboard to enhance readability.

[Cypress Smoke Test Refactor]

Significantly enhanced the smoke tests to be more reliable. Added new E2E tests that reuse the smoke tests and a new model creation workflow E2E test.

[Session History Reload Fix]

Fixed session history not loading when selected, and updated session hooks to correctly invalidate and retrieve the session after selecting a new session.

[Markdown Table Support]

Introduced GitHub Flavored Markdown (GFM) to support markdown tables. Added Tailwind CSS overrides to render markdown in chat prompts. Enhanced the system prompt to render math expressions without additional prompting.

Key Changes

• Documentation: Added access control details to the Getting Started section along with general updates, added instructions on how to accept the self-signed certificate in the browser, and updates to configuration labels.
• Cypress Tests: Added additional smoke tests to ensure admin pages load with data, chat prompts render responses, chat sessions are selectable and load properly, and non-admins can't navigate to admin pages.
• Administrative: Added an AdminRoute wrapper around the McpWorkbench component.

Acknowledgements

• @bedanley
• @estohlmann
• @jmharold

Full Changelog: https://github.com/awslabs/LISA/compare/v6.1.0..v6.1.1

v6.1.0

⚠️ Important: Major Dependency Updates

This release includes comprehensive dependency updates across the entire platform. While these updates are not breaking changes, they represent significant infrastructure improvements that enhance security and platform stability:

• Lambda Runtime Upgrades: All Lambda functions now use Node.js v24 and Python v3.13 (upgraded from EOL versions)
• Security Vulnerability Remediation: Updated all Python and npm dependencies to address outstanding CVEs
• Platform Modernization: Comprehensive updates to core libraries including React, AWS CDK, LangChain, Boto3, LiteLLM, and more

Recommendation: Test thoroughly in non-production environments before deploying to production systems.

Key Features

API Token Management

To further support multi-tenant environments, LISA Admins can now manage and associate API tokens with specific users or systems. This feature adds an API Management UI where Admins can create, view, and delete API tokens. This feature can be extended to non-admin users by configuring user groups and enabling it in the UI as a configuration option.

User Experience:

• Admin UI: Admins can view, create, and delete API tokens for users and system users
• User UI: Users can create and delete their own API tokens if enabled by the admin

Schedule Management

This feature delivers automatic resource scheduling with LISA self-hosted models through AWS Auto Scaling Groups and Schedule Actions, enabling automated start/stop scheduling that reduces operational costs while maintaining service availability during business hours. The solution supports both UI-driven and API-driven workflows, eliminating manual intervention overhead and providing intelligent resource management.
Scheduling Types:

• DAILY: Configure different start/stop times for each day of the week
• RECURRING: Configure a single start/stop time to be used throughout the week
• NONE: The model will run continuously with no scheduled downtime

RAG UI Enhancements

This set of UI enhancements improves the overall user experience of the Repository, Analysis, and Guardrail (RAG) components:

• Consolidated Components: Standardized common features across the UI such as User Admin Groups inputs, Metadata/Tags forms, Chunking Strategies forms, time rendering elements, and solidified sentence casing for element labels
• Expanded Tables: Exposed more fields to the user in the Repository and Collection tables
• Model In-Use Deletion Notification: Better handles models that are currently in use by collections or pipelines when deleting models
• Placeholder Descriptions: Added placeholder descriptions to improve discoverability
• Reorganized Forms: Reorganized Collection and Repository fields into separate wizard forms

Dependency Updates

This release includes several dependency updates to address security vulnerabilities and keep the project up to date:

• Python and Node Lambda runtimes: Upgraded Lambda runtimes to Node v24 and Python v3.13 to correct EOL versions
• Python Dependencies: Updated Python dependencies to the latest compatible versions, addressing outstanding CVEs: Boto3, LiteLLM, LangChain, Cryptography, etc.
• npm Dependencies: Updated npm dependencies to latest compatible versions, addressing outstanding CVEs: React, cdk-lib, LangChain, Tailwind, Vite, etc...

Bug Fixes and Other Improvements

• Consistent Date Handling: Applied consistent UTC timezone handling for object creation and UI rendering
• VPC/Cert/Guardrail Config Updates: Ensured consistent VPC and Cert configurations across all Lambdas and updated the Guardrail table config
• MCP API Deployment Fix: Ensured MCP APIs are deployed even when the MCP Workbench is disabled
• Document Tagging Improvements: Improved the logic for applying tags from all levels (repository, collection, document, pipeline) during document ingestion

Key Changes

• Feature: Added API Token Management UI for admins and users
• Feature: Implemented automated resource scheduling through AWS Auto Scaling Groups
• Enhancement: Improved the overall user experience of the RAG components
• Dependency Update: Updated various npm, GitHub Actions, and Python dependencies
• Bug Fix: Applied consistent date handling, VPC configurations, and fixed various other bugs

Acknowledgements

• @batzela
• @bedanley
• @dustins
• @jmharold
• @nishi7409

Full Changelog: https://github.com/awslabs/LISA/compare/v6.0.1..v6.1.0