# Version 1.1.72 This update is a big step forward in **anti-detection**, **multi-account** automation, and developer power with the **new Write JS `zw` API**. It also brings **code in no-code inputs**, **sticky browser profiles**, and finer control over how browsers launch. Here are some of the major highlights: * **Bypass detection mode** TaskBots stay indistinguishable from human users and are not detected by Cloudflare and similar checks. * **Sticky browser profiles & multi-account management**\ Create multiple sticky profiles and share a single session across TaskBots per profile. No special multi-account browsers needed. * **Write JS — new `zw` APIs** Packages, state, device storage, browser control, metadata, better logging, and more. * **New building blocks**\ Launch Browser and Quit Browser. * **More powerful browser launch options** Preload scripts, add custom launch args, set the viewport, and launch with other Chromium-based browsers such as Brave. * **Code in no-code inputs** Combine text with `${…}` expressions or `$${…}` code. Example: “Just adding a random number ${Math.random()}”. See examples here: [code-in-inputs](https://docs.zerowork.io/using-zerowork/using-building-blocks/dynamic-inputs/code-in-inputs "mention") ...and much more! Dive into the full notes below. 👇 *** ### 🛡️ Bypass Detection Mode Bypass Detection Mode is a major upgrade for undetectable automation. * **Consistently undetected** by Cloudflare, anti-bot systems, and sites with strong in-house protections (including Google services like Gmail). * **Headless that doesn’t look headless.** In Bypass Detection Mode, background runs remain indistinguishable from human activity. * Enable in **TaskBot run settings**, the new **Launch Browser** block, or via **`zw.browserContext.launch()` in Write JS**. *** ### 👤 Sticky Browser Profiles **Goodbye special browsers.** With Bypass Detection plus sticky profiles, you can automate accounts without GoLogin, Multilogin, or Incognition. Sticky browser profiles make multi-account automation safer and simpler. * **One account, one session — across TaskBots.** Reuse the same sticky profile (cookies, storage, fingerprints) so multiple TaskBots working on the same account appear as a single, continuous session. * **Multi-account ready.** Create a dedicated sticky profile per account with separate proxies and cookies for clean isolation and easier organization. * **Clone your regular browser profile.** A practical replacement for “Run in my regular browser.” Clone your existing profile once, then use it as a sticky profile. You can re-clone or clear it any time. *** ### 📦 Write JS — New `zw` APIs A major expansion of what you can do in Write JS. * **Packages.** Install/import npm packages. \ Reference: [imports-and-package-management](https://docs.zerowork.io/using-zerowork/using-building-blocks/write-javascript/imports-and-package-management "mention") * **Local & global state.** Store values per run or across runs. \ Reference: [local-and-global-state](https://docs.zerowork.io/using-zerowork/using-building-blocks/write-javascript/local-and-global-state "mention") * **Device storage.** Persist key–value secrets locally across reinstalls (never sent to ZeroWork servers). \ Reference: [device-storage](https://docs.zerowork.io/using-zerowork/using-building-blocks/write-javascript/device-storage "mention") * **Utilities.** Console-style logging that accepts multiple values, plus a **live-only** temp log that isn’t sent to ZeroWork servers or saved to persistent reports. \ Reference: [utilities](https://docs.zerowork.io/using-zerowork/using-building-blocks/write-javascript/utilities "mention") * **Browser control.** Launch, re-launch, manage, and quit contexts and pages. \ Reference: [browser-context](https://docs.zerowork.io/using-zerowork/using-building-blocks/write-javascript/browser-context "mention") * **Metadata.** Read TaskBot and Desktop Agent details. \ Reference: [metadata](https://docs.zerowork.io/using-zerowork/using-building-blocks/write-javascript/metadata "mention") **✅ No breaking changes.** Existing `log()`, `delay()`, `setRef()`, and `getRef()` (without the `zw.` prefix) still work. We recommend the new convention `zw.*` (e.g., `zw.getRef()`), but your current code will continue to run. Existing `activePage` and `taskbotContext` will also continue to work, although they're now discouraged — prefer `zw.browserContext.getActivePage()` and `zw.browserContext.getContext()`. Full reference: [Broken link](https://docs.zerowork.io/release-notes/broken-reference "mention") *** ### 🧩 New Building Blocks * **Launch Browser.** Start a browser context with custom launch options directly from a building block. * **Quit Browser.** Cleanly close the active browser when needed, including mid-run. *** ### 🚀 More Powerful Browser Launch Options More control in TaskBot run settings, the Launch Browser block, and `zw.browserContext.launch()` in Write JS. * **Add custom scripts.** Inject scripts before any page loads. * **Use external Chromium-based browsers** **(Brave, Chrome, Chromium).**\ \&#xNAN;*Note: Some forks deviate from Chromium and may not work, e.g., Opera.* * **Use custom launch args (advanced)**. * ⚠️ Changing timezones, geolocation, locale, user agents, or similar can harm anti-detection. Use only if you know what you’re doing. Always test first in incognito mode before applying custom args to sticky browser profiles. * **Window control.** Disable maximizing and set a specific viewport. * **Even more options via the APIs.** Record a full-run video (handy for scheduled/webhook runs), run from Firefox, add permissions, and more. Details: [browser-context](https://docs.zerowork.io/using-zerowork/using-building-blocks/write-javascript/browser-context "mention") *** ### ⌨️ Code Input in No-Code Blocks Combine code and no-code in any text field within no-code building blocks. * **Template expressions** with `${…}` and **code blocks** with `$${…}` let you resolve values directly in inputs. * Great for pulling secrets from device storage, formatting values, or doing quick API lookups—without adding a separate Write JS block. More details: [code-in-inputs](https://docs.zerowork.io/using-zerowork/using-building-blocks/dynamic-inputs/code-in-inputs "mention") *** #### 🔐 Device Storage (Secrets) The Desktop Agent now includes **Device Storage** — a simple way to store secrets locally on your machine (for example passwords, API keys, or tokens) and use them in your TaskBots. * **Where to find it:** Open the Desktop Agent tray menu → **Device Storage**. * **Add secrets:** Click **Add key**, enter a key name (e.g. `salesforce_password`), paste the value, and click **Save**. * **Local only:** Secrets are stored **only on your device** and are **never sent to ZeroWork servers**. * **How to use in TaskBots:** Retrieve secrets in the Write JS block using [`zw.deviceStorage.*`](https://docs.zerowork.io/using-zerowork/using-building-blocks/write-javascript/device-storage), or reference them in any input (example: `${zw.deviceStorage.get("salesforce_password")}`). *** ### ✨ New Features and Improvements * **New option “Don’t press Enter on line breaks”.** The Insert Text or Data building block can now preserve line breaks — useful in messengers where line breaks otherwise split one message into multiple separate messages. * **Access to newer GPT models.** * **Prettier JSON logs.** JSON is now neatly indented in both running and persistent logs (especially useful for Write JS output). * **More flexible logging.** `log()`/`zw.log()` now accept direct values (like `console.log`, example: `zw.log("logging", 1, 2)`). Structured messages with `tag`/`status` still work. * **Longer live logs.** Custom log messages (from the Log block and `log()` in Write JS) are **not truncated** in the **running** view. (They still truncate when saved to **persistent** Run Reports.) * **Random whole numbers.** The Number Operations building block now has a checkbox “Generate a whole number (no decimals)” in the Random Number option. * **End run here.** Next to “Start run from here”, you can now also choose “End run here” to stop the run at a specific building block (useful for quicker debugging). * **UI, UX, and help text improvements.** Many building blocks now have clearer options and better in-context help, making dialogs faster to understand and easier to use. *** ### ⚙️ Optimizations * **Faster, more reliable stop logic.** Improved overall TaskBot stop behavior, including aborting non-writing requests mid-request when you click Stop, resulting in faster termination. * **Smarter duplicate-run handling.** Reduces accidental double starts with unknown run status. * **Fewer DNS hiccups.** Added TTL caching to smooth local DNS resolution, resulting in fewer handshake failures and timeouts. * **More robust TaskBot start.** Overhauled the start logic for resilience and reliability. * **Cloud-run groundwork.** Internal preparations for upcoming cloud execution. * **Data sanitization on writes from custom code.** Values saved via Write JS are normalized to valid Unicode (no mid-emoji slicing, even if your code slices or scrapes imperfect data). * **Stale browser contexts.** Improved reliability by recreating contexts (where possible) and adding heartbeats. *** ### 🐛 Fixes * Rare **Google Sheets** auth flow issue that prompted unnecessary manual re-authentication — fixed. * **Autosize** rendering bug that caused brief input lag in the canvas UI under certain circumstances — fixed. * **Spintax** with empty brackets (e.g., `{ A | B | {} }`) — now resolves correctly. * Agent crash on a **single value larger than 400-500 MB** (e.g., big file buffers) — replaced with preload validation to avoid a full agent crash. * **Back/forward retry bug** — if loading failed, the retry could send extra forward/back actions. Fixed. * **Keyboard Action** building block: **Ctrl/Cmd + S** did not properly trigger the save action — fixed. *** ### 🔧 Changed Behavior (non-breaking) * **More forgiving async handling** for Write JS in the browser. Non-awaited async code continues running after the block finishes, while the TaskBot proceeds to the next block. * **Recommendation:** still use `await` for your async code for most reliable results. * Parallel runs are now allowed for the common two-device setup. You can now start a manual run while a scheduled or webhook run of that same TaskBot is already running on another device. *** ### 🚨 Breaking Changes * **Non-incognito run mode** The former **Non-incognito run mode** is now considered **legacy profile setup**. This is the area with the biggest risk of breaking changes, especially if your old Non-incognito TaskBots used **cookies** or **proxy**. In the old model, cookies and proxy were stored per TaskBot. In the new model, they are consolidated into **one shared Non-incognito sticky profile**. If older TaskBots had conflicting values, one value had to be overwritten. * If you are still using a Desktop Agent version before 1.1.72 (1.1.71 and older), legacy Non-incognito runs will continue using the old TaskBot-level cookie and proxy values. * Those old values are no longer visible in the UI. * Once you update to 1.1.72, legacy Non-incognito runs will start using the new browser launch settings. ✅ **Recommendation:** Before updating to 1.1.72, review the new **Non-incognito** browser launch settings carefully, especially if you relied on **cookies** or **proxy**. * **Run in my regular browser**\ The former **Run in my regular browser** setup is now considered **legacy profile setup**. It will continue to work, but it may stop working with newer Chrome versions, especially when it points directly to your regular Chrome profile. ✅ **Recommended replacement:** Use **Clone from browser profile** together with a **sticky browser profile**. * **Upload File size limit**\ The **Upload File** building block now enforces a **390 MB** limit. Previously, files up to about 500 MB could sometimes work; with validation, these are now blocked. This safety limit prevents Desktop Agent crashes caused by a single upload over roughly 400 to 500 MB.\ 💡 *This limit does **not** apply to downloads — you can still download files of any size, including multi-gigabyte files.* * **Bypass Detection Mode and screen sharing**\ The Bypass Detection Mode blocks IP-leak vectors to prevent real-IP exposure when using proxies. **Side effect:** browser-based screen sharing (Zoom, Google Meet, etc.) may not work when automated in Bypass Detection Mode.\ ✅ **Workaround:** Disable Bypass Detection Mode for those workflows.