Changelog v6.10.93

v6.10.93

Improvements

Console – Plugins: Each line in the plugin logs viewer now shows a formatted timestamp. Clicking a timestamp updates the URL hash for deep-linking to that line, and hovering reveals a copy-link button — matching the existing behavior in build logs.
Console – Plugins: The plugin manager connection status indicator now displays as a colored dot with text instead of a tag, aligning with the design of the plugin registries table.
Console – Project: A link to the organization-level environment settings is now shown inside the project-level environment settings page, making it easier to reach the full environment configuration.
Console – Roles: The Sidebar sections have now the possibility to be hidden for users whose role does not include the corresponding menu permission.
Console – Service Catalog: A new "Stack Versioning" section in org settings lets admins configure glob include/exclude patterns (e.g. v*, release/*) to control which branches and tags are visible to end-users in the version picker. Org admins and stack maintainer team members always see all versions regardless of the patterns configured.
Console – StackForms: Dropdown widgets now support dynamic_search in widget configuration, enabling options to load on demand as the user types instead of fetching everything upfront. Previously selected values are preserved across searches. Designed for large datasets such as LDAP directories with millions of entries.
API – Authentication: Added menu permission actions, giving org admins control over which additional sidebar sections are visible to different roles.
API – Organizations: New batch permission check endpoint (POST /can_do/batch) resolves the user role once and evaluates up to 100 permission actions in a single request, instead of one API call per action. The legacy endpoint remains available for backward compatibility.

Fixes

Console – Authentication: Fixed a bug in the role editor where saving any unrelated permission change would silently overwrite the resource scope of unscoped rules with the resources from a scoped rule of the same action family, causing users to unexpectedly lose access to other projects.
Console – Credentials: Fixed a regression where credential names longer than ~36 characters were silently truncated when generating the canonical, causing uniqueness conflicts when saving credentials with similar long names.
Console – Environments: Fixed environment rename failing silently. It now calls the correct org-level endpoints.
Console – Environments: Fixed the project-page environment settings form staying blank after loading — data returned from the backend was not being applied to the form fields.
Console – Environments: The "Delete" button in project-level environment settings has been relabeled to "Remove from project" to accurately reflect that the action unlinks the environment from the project rather than deleting it at the org level.
Console – Organizations: Reduced page load latency and eliminated blank-page timeouts (up to 210s observed) caused by 30+ sequential permission checks on every page load. All permission checks on page entry are now batched into a single request, with results cached client-side for 2 minutes and deduplicated within the same navigation tick.
Console – Plugins: Fixed the plugin update button being a silent no-op — it was sending the currently-installed version ID to the backend instead of the new version ID, causing the backend to redeploy the same image already running.
Console – Plugins: Fixed the component plugin relations form sourcing its fields from the install configuration instead of each widget's declared relations.
Console – Plugins: When an iframe plugin widget's underlying plugin is not running, the widget now shows a proper unavailable fallback instead of rendering the raw error body inside the iframe.
Console – Roles: Fixed users with read-only or limited roles getting stuck on an inescapable "Access denied" page when opening the dashboard or org pages. Incidental 403 responses from non-critical calls (e.g. sidebar plugin widgets, cloud accounts) no longer trigger a full-app redirect.
Console – Roles: Buttons and actions the current user lacks permission to perform are now hidden rather than shown and failing with an permission denial on click.
Console – Service Catalog: When a catalog repository's default branch does not match the org-level stack version patterns, a non-blocking advisory warning is now shown to inform the maintainer that end-users may see no selectable version.
API – Components: Fixed the component list returning zero results for users with a project-scoped custom role (e.g. a maintainer scoped to a single project). The query was filtering the project entitlement against the component canonical instead of the project canonical.
API – Environments: Fixed 403 errors on environment create, update, and delete for users with custom roles after the v6.10.29 env governance release. Custom roles holding the legacy organization:project:update permission now have that accepted as a backwards-compatible fallback on env mutation endpoints.
API – Members: Removing the last member of an organization no longer automatically triggers a full cascade deletion of the organization and all its resources. The organization must now be deleted explicitly, preventing Terraform destroy runs and other API consumers from silently wiping an entire org.
API – Plugins: Fixed an intermittent failure during plugin installation where the plugin manager could not unpack an image layer because containerd's garbage collector removed a blob mid-extraction. Previously the only workaround was restarting the plugin manager. The extraction process now holds a lease to prevent the GC from collecting blobs while they are in use.
API – Roles: Fixed role updates failing with a 422 error in organizations where admin rights are granted exclusively through teams. The anti-lockout guard was ignoring team-derived admin grants and blocking every role update. The guard now only runs when the role being updated itself grants organization admin.
API – Roles: Fixed an issue where a user with a role scoped to a specific project could create their own new projects, environments, and components outside of that scope.

Changelog v6.10.93

v6.10.93

Improvements

Console – Plugins: Each line in the plugin logs viewer now shows a formatted timestamp. Clicking a timestamp updates the URL hash for deep-linking to that line, and hovering reveals a copy-link button — matching the existing behavior in build logs.
Console – Plugins: The plugin manager connection status indicator now displays as a colored dot with text instead of a tag, aligning with the design of the plugin registries table.
Console – Project: A link to the organization-level environment settings is now shown inside the project-level environment settings page, making it easier to reach the full environment configuration.
Console – Roles: The Sidebar sections have now the possibility to be hidden for users whose role does not include the corresponding menu permission.
Console – Service Catalog: A new "Stack Versioning" section in org settings lets admins configure glob include/exclude patterns (e.g. v*, release/*) to control which branches and tags are visible to end-users in the version picker. Org admins and stack maintainer team members always see all versions regardless of the patterns configured.
Console – StackForms: Dropdown widgets now support dynamic_search in widget configuration, enabling options to load on demand as the user types instead of fetching everything upfront. Previously selected values are preserved across searches. Designed for large datasets such as LDAP directories with millions of entries.
API – Authentication: Added menu permission actions, giving org admins control over which additional sidebar sections are visible to different roles.
API – Organizations: New batch permission check endpoint (POST /can_do/batch) resolves the user role once and evaluates up to 100 permission actions in a single request, instead of one API call per action. The legacy endpoint remains available for backward compatibility.

Fixes

Console – Authentication: Fixed a bug in the role editor where saving any unrelated permission change would silently overwrite the resource scope of unscoped rules with the resources from a scoped rule of the same action family, causing users to unexpectedly lose access to other projects.
Console – Credentials: Fixed a regression where credential names longer than ~36 characters were silently truncated when generating the canonical, causing uniqueness conflicts when saving credentials with similar long names.
Console – Environments: Fixed environment rename failing silently. It now calls the correct org-level endpoints.
Console – Environments: Fixed the project-page environment settings form staying blank after loading — data returned from the backend was not being applied to the form fields.
Console – Environments: The "Delete" button in project-level environment settings has been relabeled to "Remove from project" to accurately reflect that the action unlinks the environment from the project rather than deleting it at the org level.
Console – Organizations: Reduced page load latency and eliminated blank-page timeouts (up to 210s observed) caused by 30+ sequential permission checks on every page load. All permission checks on page entry are now batched into a single request, with results cached client-side for 2 minutes and deduplicated within the same navigation tick.
Console – Plugins: Fixed the plugin update button being a silent no-op — it was sending the currently-installed version ID to the backend instead of the new version ID, causing the backend to redeploy the same image already running.
Console – Plugins: Fixed the component plugin relations form sourcing its fields from the install configuration instead of each widget's declared relations.
Console – Plugins: When an iframe plugin widget's underlying plugin is not running, the widget now shows a proper unavailable fallback instead of rendering the raw error body inside the iframe.
Console – Roles: Fixed users with read-only or limited roles getting stuck on an inescapable "Access denied" page when opening the dashboard or org pages. Incidental 403 responses from non-critical calls (e.g. sidebar plugin widgets, cloud accounts) no longer trigger a full-app redirect.
Console – Roles: Buttons and actions the current user lacks permission to perform are now hidden rather than shown and failing with an permission denial on click.
Console – Service Catalog: When a catalog repository's default branch does not match the org-level stack version patterns, a non-blocking advisory warning is now shown to inform the maintainer that end-users may see no selectable version.
API – Components: Fixed the component list returning zero results for users with a project-scoped custom role (e.g. a maintainer scoped to a single project). The query was filtering the project entitlement against the component canonical instead of the project canonical.
API – Environments: Fixed 403 errors on environment create, update, and delete for users with custom roles after the v6.10.29 env governance release. Custom roles holding the legacy organization:project:update permission now have that accepted as a backwards-compatible fallback on env mutation endpoints.
API – Members: Removing the last member of an organization no longer automatically triggers a full cascade deletion of the organization and all its resources. The organization must now be deleted explicitly, preventing Terraform destroy runs and other API consumers from silently wiping an entire org.
API – Plugins: Fixed an intermittent failure during plugin installation where the plugin manager could not unpack an image layer because containerd's garbage collector removed a blob mid-extraction. Previously the only workaround was restarting the plugin manager. The extraction process now holds a lease to prevent the GC from collecting blobs while they are in use.
API – Roles: Fixed role updates failing with a 422 error in organizations where admin rights are granted exclusively through teams. The anti-lockout guard was ignoring team-derived admin grants and blocking every role update. The guard now only runs when the role being updated itself grants organization admin.
API – Roles: Fixed an issue where a user with a role scoped to a specific project could create their own new projects, environments, and components outside of that scope.

Changelog v6.10.93 - Cycloid Changelog

Cycloid changelog

Changelog v6.10.93

Improvements

Fixes

Cycloid changelog

Changelog v6.10.93

Improvements

Fixes