✓ No known CVEs patched in this version
Topics
+13 more
Affected surfaces
ReleasePort's take
Moderate signalPostgreSQL now supports pgbouncer transaction pooling (with statement caching disabled) and adds uuidv7() for SQL analysis.
Why it matters: Enables efficient connection management via pgbouncer transaction pooling; introduces uuidv7() builtβin to simplify UUID generation in queries.
Summary
AI summaryUpdates π Enhancements, π Bug Fixes, and ποΈ Terraform Update across a mixed release.
Changes in this release
| Type | Severity | Summary | CVE |
|---|---|---|---|
| Breaking | High |
The `--demo` server flag has been removed. The `--demo` server flag has been removed. Source: llm_adapter@2026-06-01 Confidence: high |
β |
| Feature | Low |
PostgreSQL now supports pgbouncer transaction pooling (statement cache disabled). PostgreSQL now supports pgbouncer transaction pooling (statement cache disabled). Source: llm_adapter@2026-06-01 Confidence: high |
β |
| Feature | Low |
PostgreSQL recognizes new builtβins like uuidv7() for SQL analysis and schema diff. PostgreSQL recognizes new builtβins like uuidv7() for SQL analysis and schema diff. Source: llm_adapter@2026-06-01 Confidence: high |
β |
| Feature | Low |
TiDB DML rollback and priorβbackup preview functionality is now available. TiDB DML rollback and priorβbackup preview functionality is now available. Source: llm_adapter@2026-06-01 Confidence: high |
β |
| Feature | Low |
ghβost migrations honor the configured dataβsource SSH tunnel for both MySQL connection and binlog reader. ghβost migrations honor the configured dataβsource SSH tunnel for both MySQL connection and binlog reader. Source: llm_adapter@2026-06-01 Confidence: high |
β |
| Feature | Low |
Nonβreadβonly automatic SQL Editor queries now use the admin data source when allowed by policy. Nonβreadβonly automatic SQL Editor queries now use the admin data source when allowed by policy. Source: llm_adapter@2026-06-01 Confidence: high |
β |
| Feature | Low |
Plan detail page layout refreshed for at-a-glance status across specs. Plan detail page layout refreshed for at-a-glance status across specs. Source: granite4.1:30b@2026-06-01-audit Confidence: low |
β |
| Feature | Low |
Release-backed (GitOps) plans now show only CHANGES and DEPLOY phases with UI refinements. Release-backed (GitOps) plans now show only CHANGES and DEPLOY phases with UI refinements. Source: granite4.1:30b@2026-06-01-audit Confidence: low |
β |
| Feature | Low |
MCP clients can complete OAuth against Bytebase Cloud without manual configuration. MCP clients can complete OAuth against Bytebase Cloud without manual configuration. Source: granite4.1:30b@2026-06-01-audit Confidence: low |
β |
| Dependency | High |
Terraform provider version 3.18.1 is now required; webhook URL marked writeβonly and `APP_IM` support added to bytebase_setting. Terraform provider version 3.18.1 is now required; webhook URL marked writeβonly and `APP_IM` support added to bytebase_setting. Source: llm_adapter@2026-06-01 Confidence: high |
β |
| Bugfix | Medium |
Multiβhost PostgreSQL failover now honors configured TLS material on every host. Multiβhost PostgreSQL failover now honors configured TLS material on every host. Source: llm_adapter@2026-06-01 Confidence: high |
β |
| Bugfix | Medium |
Sync Database success toast now renders the actual database name instead of `{{name}}` placeholder. Sync Database success toast now renders the actual database name instead of `{{name}}` placeholder. Source: llm_adapter@2026-06-01 Confidence: high |
β |
| Bugfix | Medium |
Plan list creator filter now correctly returns users and review badge displays consistently. Plan list creator filter now correctly returns users and review badge displays consistently. Source: llm_adapter@2026-06-01 Confidence: high |
β |
| Bugfix | Low |
Workload identities distinguished from service accounts in members table; CEL editor restored for role grants. Workload identities distinguished from service accounts in members table; CEL editor restored for role grants. Source: granite4.1:30b@2026-06-01-audit Confidence: low |
β |
| Bugfix | Low |
Large target sets in issue/plan overflow view no longer freeze or misβrender. Large target sets in issue/plan overflow view no longer freeze or misβrender. Source: granite4.1:30b@2026-06-01-audit Confidence: low |
β |
Full changelog
π Enhancements
-
Plan detail page improvements.
- Refreshed layout. Cleaner layout with at-a-glance plan-check status across all specs and consistent database-target display through every phase.
- Release-backed plan flow simplified. Release-backed (GitOps) plans now show only two phases β CHANGES and DEPLOY β with minor UI refinements throughout.
-
SaaS: MCP discovery works against Bytebase Cloud. MCP clients (Claude Code, Cursor, etc.) can now complete the OAuth flow against
cloud.bytebase.comwithout manual configuration. -
PostgreSQL β Compatible with pgbouncer transaction pooling (statement cache disabled) and PostgreSQL 18 (built-ins like
uuidv7()and 80+ others are recognized by SQL analysis and schema diff). -
TiDB β DML rollback / prior-backup preview now works. Queries against columns added out-of-band trigger the standard metadata-resync-and-retry path (matching MySQL / PostgreSQL).
-
gh-ost migrations honor the configured data-source SSH tunnel for both the MySQL connection and the binlog reader.
-
Query data source β Non-read-only automatic SQL Editor queries now use the admin data source when the query data policy allows it. Read-only queries are unaffected.
-
Demo mode removed. The
--demoserver flag has been removed. This mode was for internal demos (it loads a baked-in SQL dump and a sample admin) and was never intended for production use β if you have--demoin your startup script, drop it and configure instances and users normally.
π Bug Fixes
-
Workload identities are distinguished from service accounts in the members table, and the graphical CEL expression editor is restored for project member role grants.
-
Large target sets in the issue / plan target overflow view no longer freeze or mis-render.
-
The plan list creator filter actually returns users now, and the review badge ("Bypassed" / "Under Review") reads consistently with plan detail.
-
PostgreSQL β Multi-host failover honors Bytebase's configured TLS material on every host, not just the primary.
-
The Sync Database success toast renders the actual database name instead of the literal
{{name}}placeholder.
ποΈ Terraform Update
- Terraform provider 3.18.1 required β Marks the webhook URL as write-only and adds
APP_IMsupport tobytebase_setting. See Migration Guide.
https://github.com/bytebase/bytebase/compare/3.18.0...3.18.1
Before upgrading: 1) Back up the metadata β in-place downgrade is not supported. 2) Do not run multiple containers on the same data directory. 3) Terraform users: upgrade Bytebase server first, then apply the new Terraform config.
Breaking Changes
- Removed the `--demo` server flag; demo mode is no longer available.
- Minimum required Terraform provider version bumped to 3.18.1.
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About bytebase
World's most advanced database DevSecOps solution for Developer, Security, DBA and Platform Engineering teams. The GitHub/GitLab for database DevSecOps.
Related context
Related tools
Earlier breaking changes
- v3.18.0 API: Issue.ApprovalStatus moved to top-level ApprovalStatus enum
- v3.18.0 API: require_2fa renamed to require_mfa in WorkspaceProfileSetting
- v3.18.0 Terraform provider 3.18.0 required; adds sensitive fields and header blocks
- v3.18.0 API: plan_spec_update renamed to plan_update with restructured payload
Beta — feedback welcome: [email protected]