kinto

v26.1.1 Maintenance

This release keeps dependencies and maintenance posture current for teams operating this tool.

Published 13d NoSQL & Document

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

api decentralisation http storage web

Affected surfaces

deps breaking_upgrade

ReleasePort's take

Light signal

editorial:auto 13d

Minor release with attachment history fix and new conditional instrumentation support. Two major version bumps—newrelic 13.0.0 and kinto-emailer 4.0.0—require testing before production deployment.

Why it matters: Newrelic and kinto-emailer major upgrades introduce breaking changes. Test in dev before deploying; conditional imports provide better control over instrumentation libraries.

Summary

AI summary

Minor fixes and improvements.

Changes in this release

Type	Severity	Summary	CVE
Feature	Medium	Imports sentry and newrelic libraries conditionally when enabled. Imports sentry and newrelic libraries conditionally when enabled. Source: llm_adapter@2026-05-21 Confidence: low	—
Dependency
Dependency	Medium	Updates pip from 26.0.1 to 26.1. Updates pip from 26.0.1 to 26.1. Source: llm_adapter@2026-05-21 Confidence: low	—
Dependency	Medium	Updates kinto-emailer from 3.0.4 to 4.0.0. Updates kinto-emailer from 3.0.4 to 4.0.0. Source: llm_adapter@2026-05-21 Confidence: low	—
Dependency	Medium	Updates ty from 0.0.33 to 0.0.34 in the minor-patch group. Updates ty from 0.0.33 to 0.0.34 in the minor-patch group. Source: llm_adapter@2026-05-21 Confidence: low	—
Dependency	Medium	Updates urllib3 from 2.6.3 to 2.7.0. Updates urllib3 from 2.6.3 to 2.7.0. Source: llm_adapter@2026-05-21 Confidence: low	—
Dependency	Medium	Bumps minor-patch group with 3 updates (unspecified packages). Bumps minor-patch group with 3 updates (unspecified packages). Source: llm_adapter@2026-05-21 Confidence: low	—
Dependency	Medium	Updates newrelic from 12.1.0 to 13.0.0. Updates newrelic from 12.1.0 to 13.0.0. Source: llm_adapter@2026-05-21 Confidence: low	—
Dependency	Medium	Updates idna from 3.11 to 3.15. Updates idna from 3.11 to 3.15. Source: llm_adapter@2026-05-21 Confidence: low	—
Bugfix	Medium	Fixes history entry issue on attachments creation. Fixes history entry issue on attachments creation. Source: llm_adapter@2026-05-21 Confidence: high	—

Full changelog

What's Changed

Bug Fixes

Fix mozilla/remote-settings#1277: history entry on attachments creation by @leplatrem in https://github.com/Kinto/kinto/pull/3709
Import sentry and newrelic libs only if enabled by @leplatrem in https://github.com/Kinto/kinto/pull/3702

Dependency Updates

Bump the minor-patch group with 4 updates by @dependabot[bot] in https://github.com/Kinto/kinto/pull/3701
Bump pip from 26.0.1 to 26.1 by @dependabot[bot] in https://github.com/Kinto/kinto/pull/3703
Bump kinto-emailer from 3.0.4 to 4.0.0 by @dependabot[bot] in https://github.com/Kinto/kinto/pull/3705
Bump ty from 0.0.33 to 0.0.34 in the minor-patch group by @dependabot[bot] in https://github.com/Kinto/kinto/pull/3704
Bump urllib3 from 2.6.3 to 2.7.0 by @dependabot[bot] in https://github.com/Kinto/kinto/pull/3706
Bump the minor-patch group with 3 updates by @dependabot[bot] in https://github.com/Kinto/kinto/pull/3707
Bump newrelic from 12.1.0 to 13.0.0 by @dependabot[bot] in https://github.com/Kinto/kinto/pull/3708
Bump idna from 3.11 to 3.15 by @dependabot[bot] in https://github.com/Kinto/kinto/pull/3710

Full Changelog: https://github.com/Kinto/kinto/compare/26.1.0...26.1.1

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track kinto

Get notified when new releases ship.

About kinto

A generic JSON document store with sharing and synchronisation capabilities.

All releases →