Roadmap
Where we are.
Where we're going.
Synth is actively developed. Here's where we are and where we're headed.
Just Shipped
v1.2 — Scripted Plans
A fundamental architecture shift. The envoy no longer relies on built-in handlers — the LLM generates bash and powershell scripts tailored to each operation. If your shell can do it, Synth can plan, validate, and execute it.
LLM-Generated Execution Scripts
Planning produces bash or powershell scripts for every step. No hard-coded handlers, no format limitations. The agent reasons about your target and writes the exact commands needed — approved verbatim, executed deterministically.
Universal Target Support
Kubernetes, Terraform, Ansible, cloud CLIs, database migrations, custom toolchains — if it has a CLI, Synth can operate on it. No handler needed. No plugin required. The shell is the interface.
Boundary Validation
Every generated script is audited against the approved plan before execution. LLM-powered boundary checks ensure scripts stay within scope — no unexpected mutations, no scope creep, no surprises at 2am.
Dry-Run Scripts
Preview exactly what will execute before approving. Dry-run scripts probe target state and surface conflicts without side effects — the same intelligence that plans the operation validates its feasibility.
Automatic Rollback Generation
Every mutating script gets a paired rollback script generated alongside it. If execution fails mid-plan, rollback runs automatically — returning the environment to a known state with no manual intervention.
Cross-Platform Execution
Bash for Linux and macOS targets. PowerShell for Windows. The agent detects the target platform and generates scripts in the right language — same operation intent, native execution on every OS.
Previously Released
v1.1 — The Operations Model
Deployment was always just one type of operational work. v1.1 generalized the entire Synth model — the same intelligence that planned deployments now handles the full scope of what operations engineers actually do.
Query Operations
Read-only fleet interrogation as a first-class operation type. Ask questions about infrastructure state — cert expiry, service versions, configuration drift — and get structured findings in the debrief. No plan approval needed.
Investigation Operations
Diagnostic deep-dives where each finding informs what to check next. The agent probes iteratively, produces a root cause analysis, and proposes a resolution operation ready for approval.
Maintenance Operations
Mutating operations without an artifact: certificate rotation, configuration changes, credential updates, tooling upgrades. Describe the intent — the agent probes current state and plans accordingly.
Trigger Operations
Persistent monitoring directives authored as operations. Set a condition and a response intent — the envoy watches on schedule and spawns child operations with full lineage when thresholds are crossed.
Composite Operations
Multiple operation types in one planned sequence with dependency ordering. Deploy, rotate credentials, and run post-deploy verification as a single coherent plan — approved once, executed sequentially.
Built-in Health Monitoring
Envoys already deployed on targets now run lightweight scheduled health checks. Threshold crossings auto-spawn response operations. The same system that executes fixes detects the need for them.
External Alert Webhooks
Prometheus, PagerDuty, Datadog, and Grafana can trigger Synth operations directly. Your existing monitoring stack becomes the detection layer — Synth handles the intelligent response.
Debrief Reuse
Full-text search across all debriefs. Pin operations for quick access. Run Again pre-fills the authoring form from any past operation. Create Trigger shortcuts from successful debriefs. No separate recipe system needed.
Configurable Approval Model
Read-only operations auto-approve by default. Mutating operations require explicit approval. Environment overrides tighten defaults for sensitive targets. Overridable per request at authoring time.
The Foundation
v1.0 — Where it all started
The core that everything builds on. Intelligent planning, artifact analysis, fleet execution, and enterprise-ready identity — all shipping since day one.
Intelligent Deployment Planning
LLM-powered pipeline planning with plain-language reasoning. The agent analyzes artifacts, reasons about targets, and explains every decision.
Artifact Analysis
Deterministic extractors for container images, Helm charts, npm/NuGet packages, plus LLM fallback for unknown formats.
Plan Review
Approve, reject, or modify deployment plans. Three-mode refinement with LLM assessment.
Debrief (Decision Record)
Every agent decision logged in plain language. Failed deployments generate automatic postmortems. Audit-ready from day one.
Environment & Partition Management
Isolated deployment contexts with scoped variables and configurable conflict resolution policies.
LLM-Agnostic
Claude, GPT, Gemini, Grok, DeepSeek, Ollama, or any OpenAI-compatible endpoint. Runs entirely on your infrastructure.
CI/CD Integration
Webhook intake for GitHub Actions, GitLab CI, Azure DevOps, Jenkins, CircleCI. Docker/npm/NuGet registry polling.
Fleet Deployment
Multi-envoy orchestration with representative planning. Deploy across multiple targets from a single operation.
Enterprise Identity
SAML, OIDC, LDAP provider support with automatic role mapping. Local auth with role-based access control.
Deployment Graphs
Multi-artifact DAG orchestration with LLM-inferred dependencies and intelligent ordering.
Cross-Deployment Pattern Learning
Automatic correction tracking and reapplication. The agent learns from past decisions to improve future plans.
Security Hardened
Prompt injection protection, SSRF validation, path traversal guards, secrets masking, webhook HMAC verification.
MCP-Native
Built on Model Context Protocol from the foundation. Connect external data sources and tools through standardized MCP servers.
Co-Branding
White-label support for managed service providers. Rebrand the UI and deployment reports with your organization's identity.
Coming Soon
v1.3 — What's next
Deeper planning intelligence, compliance workflows, and scale validation. Priorities shift as we learn from production usage.
Blue-Green Deployment Strategy
Zero-downtime deployment strategy with intelligent traffic switching. The agent manages environment promotion and rollback decisions.
Compliance-Ready Audit Export
Debrief export formatted for SOC2, HIPAA, and FedRAMP audit requirements. Every operation decision already logged — now exportable in the right format.
Source Code Integration
The envoy reads your source code during planning — dependency trees, build configs, migration files, Dockerfiles. It understands where the artifact came from.
Deployment Runbook Import
Feed natural-language deployment guides into planning. Hand-written, agent-generated, or produced by CI. Tribal knowledge becomes intelligent planning input.
Plan Export to Source Control
Serialize approved plans and debriefs to your repo. JSON for tooling, markdown for humans. Diff plans between releases and maintain audit trails in git.
Fleet Deployment at Scale Validation
Large-scale fleet orchestration stress testing and performance optimization.
Multi-Envoy Orchestration Enhancements
Advanced coordination patterns for complex multi-target deployments.
Advanced Knowledge Store
Cross-organization pattern sharing for deployment intelligence at scale.
Deployment Graph Orchestration at Scale
DAG-based deployment pipelines handling hundreds of interconnected artifacts.
Third-Party Artifact Deployment
Deploy artifacts you didn't build — vendor binaries, open-source releases, partner deliverables — with checksum and signature integrity verification.
Intelligent Onboarding
The agent inspects your infrastructure and recommends how to start — greenfield setup or migration from existing tooling, tailored to what it finds.
Visual Plan Review with Deployment Graphs
Interactive DAG visualization in the plan review surface — see dependency ordering, critical paths, and parallel execution opportunities before approving.
High Availability Architecture
Active-passive server failover, envoy reconnection, and in-flight deployment recovery for production-grade uptime.
Ready to deploy smarter?
Synth is open source and self-hosted. Get started in minutes.