Skip to main content

On-Prem Release Notes - 2026

v0.159.0 — April 10, 2026

New Features

  • Async executor backend for Prompt Studio: Enables asynchronous extraction execution in Prompt Studio, improving throughput for large document sets
  • Container image listing script: Added script to list all on-prem container images from the Helm chart for air-gapped deployment preparation

Fixes & Improvements

  • Fixed signup button calling incorrect endpoint (login instead of signup)
  • Added ZIPSTACK_ID_DEFAULT_DOMAIN fallback for on-prem SSO settings
  • Fixed HITL review header layout and file incorrectly returning to pending review after queue fetch
  • Fixed re-indexing and re-extraction issues in Prompt Studio document management
  • Improved platform key error message with actionable link to settings page
  • Fixed tiny action buttons in Prompt Studio modals and blank LLM profile edit form
  • Security hardening: pinned axios dependency, added global organization filter backend, sanitized SQL identifiers in database connectors
  • Optimized dashboard metrics aggregation and Prompt Studio list endpoint performance
  • Fixed worker warm shutdown by ignoring SIGTERM in child processes
  • Fixed application logging out users on "Test Connection" failure with invalid credentials
  • Fixed manual review migration discrepancies
  • Added missing agentic-studio internal URL route for on-prem deployments

Helm Configuration Changes

  • Added HITL default values and inline docs to sample chart configs
  • Added IRSA configuration to sample on-prem values
  • Added celery_executor_agentic queue to executor worker configuration
  • Added global ServiceAccount support for admission policy compliance (default: create enabled for on-prem)
  • Fixed Helm 4 dig() incompatibility and ServiceAccount pre-upgrade hook issues
  • Added Helm hook annotations to run-migrations Job for ArgoCD sync compatibility
  • Added imagePullSecret to MinIO Tenant spec
  • Added private registry image override values file for on-prem deployments

v0.158.4 — March 27, 2026

New Features

  • AWS S3 IRSA authentication: Support for IAM Roles for Service Accounts (IRSA) on both S3 storage and S3 connectors, eliminating the need for static credentials in EKS deployments
  • HTTP session lifecycle management: Managed HTTP session pooling for workers API clients, improving connection reuse and reliability

Fixes & Improvements

  • Added TTL to API HITL settings and fixed NaN TTL display
  • Security hardening: cookie security attributes and XSS prevention headers
  • Added input validation and Content Security Policy (CSP) headers across backend and frontend
  • Frontend CSP adjustments for RJSF form rendering (unsafe-eval) and PDF viewer (blob:)
  • Switched litellm to Zipstack fork after PyPI quarantine
  • Upgraded litellm to 1.82.3 to fix Azure OpenAI connection errors
  • Monkey-patched litellm Cohere embed timeout for Bedrock embeddings
  • Added LLMCompat bridge class to fix retriever LLM compatibility with llama-index
  • Handle LLM refusal responses to prevent NoneType errors
  • Include adapter name in error messages for easier debugging

Helm Configuration Changes

  • Hardcoded image references now configurable via values.yaml — previously hardcoded container image paths can be overridden for air-gapped or custom registry deployments

v0.158.0 — March 19, 2026

New Features

  • Platform API keys for programmatic access to the Unstract Platform API. Organization admins can create, list, update, rotate, and delete API keys via the UI under Platform > Platform API Keys. Keys provide Bearer token authentication for all Platform API endpoints. See Platform API Keys documentation for details.
  • Service account access bypass for pluggable apps, enabling automated integrations without manual permission grants
  • Agentic Prompt Studio (beta): new backend and frontend for agentic document extraction workflows. See Agentic Prompt Studio for details.
  • HITL enhancements: sidebar navigation, queue deletion, nested table support, fetch-specific for targeted document review, reviewer name display on in-review documents, and default TTL changed from unlimited to 90 days. See HITL documentation for details.
  • CSV, TXT, and Excel file support in Prompt Studio file converter
  • Dashboard metrics system with plan banner, welcome card, and subscription usage tab
  • Card-based layout for Pipelines and API Deployments listing pages
  • Profile page now displays role and organization info
  • 1M context support for Anthropic LLM adapters
  • Vertex AI vertex_location support for regional endpoint configuration. See Gemini Pro adapter for details.
  • total_pages_processed exposed in execution API response and worker destination metadata
  • SharePoint/OneDrive connector for filesystem integration. See Connectors for details.
  • Azure AI Foundry adapter for LLM access
  • Redis Sentinel HA support with dual-mode configuration for backend, Celery, cache, tool containers, sidecars, and manual review queue. See HA Deployment for details.
  • RabbitMQ HA with configurable quorum queues. See HA Deployment for details.
  • MinIO HA support via optional MinIO Operator. See HA Deployment for details.
  • OAuth product scope added to login/signup authorization requests
  • Dynamic plugin loading infrastructure for enterprise components, migrations, and rule engine
  • Sidebar expand-on-hover UX improvement
  • Documentation link popover for connectors in the UI
  • Workflow deletion errors now show specific pipeline/API deployment names

Fixes & Improvements

  • HITL reliability: PostgreSQL count mismatch and slow query optimizations, bulk queries with lrange, soft-delete for DB-synced records, TTL display in days, rule engine nested array flattening fix, API rules evaluation fix after removal, add-row race condition fix, and queue metadata backfill migration
  • Custom data support added to single pass extraction; fixed string values being wrapped in extra quotes. See Custom Data for details.
  • PostgreSQL race condition in concurrent table creation handled
  • Memory and resource leak fixes: database cursor closure in subscription usage handler, platform-service resource leaks
  • Ollama adapters fixed post LiteLLM migration. See Ollama adapter for details.
  • Packet processing final fetch response API fix
  • Role update failures for existing users resolved
  • LLMWhisperer API key lookup database fallback added; client retry backoff configuration added
  • SIGTERM trap handlers for graceful container shutdown
  • Worker API timeout increased to prevent stuck executions during cron storms
  • Vertex AI thinking config skip for pro models when disabled
  • Azure OpenAI cost tracking now uses actual model name
  • Worker query optimization and retry configuration improvements
  • fsspec directory listing cache fix on connectors (including Azure listings expiry regression)
  • SharePoint walk() now supports detail=True
  • Secure cookie settings and CSRF cookie secure attribute enabled
  • Forbidden email handling in Auth0 OAuth callback
  • PDF viewer error fallback when document fails to load
  • Frontend migrated from Create React App to Vite
  • Export reminder state persists across page reloads
  • HTTP 409 returned when tool image not found in container registry
  • Legacy Celery file processing workers and dead code removed

Helm Configuration Changes

  • Redis Sentinel HA: new REDIS_SENTINEL_MODE env var added to prompt, runner, and multi-az values for dual-mode (standalone/sentinel) support
  • RabbitMQ HA: configurable quorum queues support added
  • MinIO HA: optional MinIO Operator support (operator deployed separately)
  • HITL worker secrets added to on-prem secret template
  • Agentic Studio apps and URLs added to on-prem configuration
  • Backfill metrics enabled by default for on-prem deployments
  • MODEL_PRICES_TTL_IN_DAYS changed from 7 to 1
  • Legacy worker templates removed: useUnifiedWorkers toggle and workerLogging config no longer needed