From 3833bbaea8abfca67a45125c7aaaf74cd7ee333c Mon Sep 17 00:00:00 2001
From: eclairen <236733058+eclairen@users.noreply.github.com>
Date: Thu, 28 May 2026 21:17:50 +0000
Subject: [PATCH 1/3] Add May 28 changelog entry

---
 changelog.mdx | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/changelog.mdx b/changelog.mdx
index 4b7c0ef..2f084e6 100644
--- a/changelog.mdx
+++ b/changelog.mdx
@@ -9,6 +9,27 @@ import { YouTubeVideo } from '/snippets/youtube-video.mdx';
 For API library updates, see the [Node SDK](https://github.com/onkernel/kernel-node-sdk/blob/main/CHANGELOG.md), [Python SDK](https://github.com/onkernel/kernel-python-sdk/blob/next/CHANGELOG.md), and [Go SDK](https://github.com/onkernel/kernel-go-sdk/blob/main/CHANGELOG.md) changelogs.
 </Note>
 
+<Update label="May 28" tags={["Product", "Docs"]}>
+## Product updates
+
+- Soft-launched [auth.md](https://kernel.sh/auth.md), a discovery file that lets agents sign up for a Kernel account or fetch an API key for an existing user account on their own. Point your agent at the URL and it can self-provision. Based on the new [auth.md protocol](https://workos.com/blog/auth-md) from WorkOS.
+- Added **browser telemetry** as a first-class request config. Pass `telemetry.enabled` (and per-category toggles) on `browsers.create()` or `browsers.update()` to capture telemetry for the session, and stream it live from `GET /browsers/{id}/telemetry/stream` (SSE).
+- Exposed [API key](/info/api-keys) management in the Node, Python, and Go SDKs. Create, list, retrieve, update, and delete keys on `/org/api_keys` programmatically.
+- Promoted `can_reauth_reason` on `ManagedAuth` to a typed enum (14 documented values like `requires_totp_without_secret`, `no_viable_plans`, `requires_external_action`) so SDK consumers can branch on it directly instead of string comparisons.
+- Added an **Auto Re-Auth** / **Needs Human** capability chip to each row on the dashboard `/auth` page, with a tooltip mapping each `can_reauth_reason` to a human-readable explanation.
+- Added TOTP secret key support to [managed auth](/auth/overview) credentials, so one-time passwords are generated automatically during login and re-authentication. No human intervention required.
+- Updated the live view loading screen to a progress bar for clearer visual feedback during browser startup.
+- The `/projects/*` endpoints are now dual-routed under `/org/projects/*`. The previous paths are deprecated.
+
+## Documentation updates
+
+- Added new [Create](/introduction/create), [Control](/introduction/control), and [Observe](/introduction/observe) introductory guides covering the core primitives for getting started with browser automation.
+- Expanded the [Control](/introduction/control) guide with three patterns for combining computer use with `playwright.execute`: expose `playwright.execute` as a tool, checkpoint state between CUA steps, and drop the agent once selectors stabilize for replay at scale.
+- Documented the new [`health_checks` and `auto_reauth` connection flags](/auth/configuration) on managed-auth connections, including defaults, how they interact (auto_reauth only applies while health_checks is on), and a create-time example with both disabled.
+- Updated the [MCP server](/reference/mcp-server) tool reference to match the current API.
+- Clarified that stealth mode's default proxy is ISP, not residential. ISP proxies use residential ASNs on datacenter infrastructure.
+</Update>
+
 <Update label="May 21" tags={["Product", "Docs"]}>
 ## Product updates
 

From 09dcab855aa4b8d4e65db582d0ead01c09b6d074 Mon Sep 17 00:00:00 2001
From: eclairen <erin@onkernel.com>
Date: Thu, 28 May 2026 14:19:51 -0700
Subject: [PATCH 2/3] Update changelog.mdx

---
 changelog.mdx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/changelog.mdx b/changelog.mdx
index 2f084e6..74882e2 100644
--- a/changelog.mdx
+++ b/changelog.mdx
@@ -19,7 +19,7 @@ For API library updates, see the [Node SDK](https://github.com/onkernel/kernel-n
 - Added an **Auto Re-Auth** / **Needs Human** capability chip to each row on the dashboard `/auth` page, with a tooltip mapping each `can_reauth_reason` to a human-readable explanation.
 - Added TOTP secret key support to [managed auth](/auth/overview) credentials, so one-time passwords are generated automatically during login and re-authentication. No human intervention required.
 - Updated the live view loading screen to a progress bar for clearer visual feedback during browser startup.
-- The `/projects/*` endpoints are now dual-routed under `/org/projects/*`. The previous paths are deprecated.
+- The `/projects/*` endpoints are now routed under `/org/projects/*`. The previous paths are deprecated.
 
 ## Documentation updates
 

From dcb517fa7afe9affa5c2d42c8127b552bd86db75 Mon Sep 17 00:00:00 2001
From: eclairen <236733058+eclairen@users.noreply.github.com>
Date: Thu, 28 May 2026 21:26:18 +0000
Subject: [PATCH 3/3] Remove broken links from May 28 entry

---
 changelog.mdx | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/changelog.mdx b/changelog.mdx
index 74882e2..11e8625 100644
--- a/changelog.mdx
+++ b/changelog.mdx
@@ -12,9 +12,9 @@ For API library updates, see the [Node SDK](https://github.com/onkernel/kernel-n
 <Update label="May 28" tags={["Product", "Docs"]}>
 ## Product updates
 
-- Soft-launched [auth.md](https://kernel.sh/auth.md), a discovery file that lets agents sign up for a Kernel account or fetch an API key for an existing user account on their own. Point your agent at the URL and it can self-provision. Based on the new [auth.md protocol](https://workos.com/blog/auth-md) from WorkOS.
+- Soft-launched [auth.md](https://kernel.sh/auth.md), a discovery file that lets agents sign up for a Kernel account or fetch an API key for an existing user account on their own. Point your agent at the URL and it can self-provision. Based on the new auth.md protocol from WorkOS.
 - Added **browser telemetry** as a first-class request config. Pass `telemetry.enabled` (and per-category toggles) on `browsers.create()` or `browsers.update()` to capture telemetry for the session, and stream it live from `GET /browsers/{id}/telemetry/stream` (SSE).
-- Exposed [API key](/info/api-keys) management in the Node, Python, and Go SDKs. Create, list, retrieve, update, and delete keys on `/org/api_keys` programmatically.
+- Exposed API key management in the Node, Python, and Go SDKs. Create, list, retrieve, update, and delete keys on `/org/api_keys` programmatically.
 - Promoted `can_reauth_reason` on `ManagedAuth` to a typed enum (14 documented values like `requires_totp_without_secret`, `no_viable_plans`, `requires_external_action`) so SDK consumers can branch on it directly instead of string comparisons.
 - Added an **Auto Re-Auth** / **Needs Human** capability chip to each row on the dashboard `/auth` page, with a tooltip mapping each `can_reauth_reason` to a human-readable explanation.
 - Added TOTP secret key support to [managed auth](/auth/overview) credentials, so one-time passwords are generated automatically during login and re-authentication. No human intervention required.