Skip to content

opik

v2.0.40 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 15d Error & Performance Tracking
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 1 known CVE

Topics

evaluation hacktoberfest2025 langchain llama-index llm llm-evaluation
+5 more
llm-observability llmops openai playground prompt-engineering

Summary

AI summary

Security fix using npm ci for safer dependency installation in CI.

Changes in this release

Security Medium

use npm ci instead of npm install in Docker and lint workflows

use npm ci instead of npm install in Docker and lint workflows

Source: granite4.1:8b-q6_K@2026-05-19

Confidence: low
Feature Medium

add `opik connect/endpoint stop` to cleanly terminate local runners

add `opik connect/endpoint stop` to cleanly terminate local runners

Source: granite4.1:8b-q6_K@2026-05-19

Confidence: high
Performance Medium

replace FINAL with LIMIT 1 BY in trace threads closing candidate query

replace FINAL with LIMIT 1 BY in trace threads closing candidate query

Source: granite4.1:8b-q6_K@2026-05-19

Confidence: high
Bugfix Medium

stop BaseRedisSubscriberTest.shouldRemoveConsumerOnStop flaking

stop BaseRedisSubscriberTest.shouldRemoveConsumerOnStop flaking

Source: granite4.1:8b-q6_K@2026-05-19

Confidence: high
Bugfix Medium

clear actionlint events and expression findings

clear actionlint events and expression findings

Source: granite4.1:8b-q6_K@2026-05-19

Confidence: low
Refactor Medium

Apply Spotless formatting to backend sources

Apply Spotless formatting to backend sources

Source: granite4.1:8b-q6_K@2026-05-19

Confidence: low
Full changelog

What's Changed

  • [OPIK-6580] [INFRA] [CI] fix: clear actionlint events and expression findings by @JetoPistola in https://github.com/comet-ml/opik/pull/6747
  • [OPIK-6516] [SDK] feat(runner): add opik connect/endpoint stop to cleanly terminate local runners by @alexkuzmik in https://github.com/comet-ml/opik/pull/6730
  • [NA] [BE] fix: stop BaseRedisSubscriberTest.shouldRemoveConsumerOnStop flaking by @thiagohora in https://github.com/comet-ml/opik/pull/6754
  • [OPIK-6519] [BE] perf: replace FINAL with LIMIT 1 BY in trace threads closing candidate query by @thiagohora in https://github.com/comet-ml/opik/pull/6748
  • [NA] [BE] Apply Spotless formatting to backend sources by @thiagohora in https://github.com/comet-ml/opik/pull/6750
  • [NA] [CI] [GHA] security: use npm ci instead of npm install in Docker and lint workflows by @EdvardLaub in https://github.com/comet-ml/opik/pull/6755

New Contributors

  • @EdvardLaub made their first contribution in https://github.com/comet-ml/opik/pull/6755

Full Changelog: https://github.com/comet-ml/opik/compare/2.0.39...2.0.40

Security Fixes

  • Use `npm ci` instead of `npm install` in Docker and lint workflows for secure dependency resolution
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track opik

Get notified when new releases ship.

Sign up free

About opik

Debug, evaluate, and monitor your LLM applications, RAG systems, and agentic workflows with comprehensive tracing, automated evaluations, and production-ready dashboards.

All releases →

Related context

Earlier breaking changes

  • v2.0.38 Split stats query and gate legacy feedback_scores UNION in BE.

Beta — feedback welcome: [email protected]